IETF Logo Mail Archive

[TLS] Re: WG Adoption Call for Post-Quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 15 March 2025 14:34 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 09BD0BA79FF for <tls@mail2.ietf.org>; Sat, 15 Mar 2025 07:34:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D2j4J1OUHPu6 for <tls@mail2.ietf.org>; Sat, 15 Mar 2025 07:34:49 -0700 (PDT)
Received: from EUR03-VI1-obe.outbound.protection.outlook.com (mail-vi1eur03on2106.outbound.protection.outlook.com [40.107.103.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 8229CBA79F7 for <tls@ietf.org>; Sat, 15 Mar 2025 07:34:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Po/jtWjIWiOzc9mw7uZ4P1fi0KO9Sy7fmefh4aAU6Y/oBOcz9vWCGf+XEOkJO6HpYMIfDVyBervGEARnjJawY2YGEP90lCy+ZaVODqnrWWnTkwHRCPobRavLFYCRmk5OCnzaFvMfr45EeZepXM3xw4Xn1Yrt7ukTACfByQ/BX+cGNUWSjKZOpkGK+8tKnYfXg0u+Y9hX0gsRENPSqwCAk/FOimk/eCUxR89IGkEI8NY9lY4Wi3BSngEBi8gQFn5DuZGwjw2h+22kp89FfvYIHPZ2mC4vdG1uh+MA5Q5gF2En+d60CiBab11rRRUOHQ+v5y1vAEpcrye8FqLrrT7jsA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=J8e3/vLCeIhP+Of3EHLJo4UTmFdxGCocvnk8dRg/oSU=; b=E1VALr5G1FoVCE1C80FxPLTHn4nWMEXIxEp8HpGrUh2ecoU/xV+WXSZ9u2oobovW+zeYBCDlojhjkgr/6C8LTAQrx7Wa885aLrBtGLflxj6bd/3LifNbX3Gizm0itw2SyEKDLxHAFBjDOWpfOjB73vwDmKK+nK+ESiLkaHNcCgCMRvc8L0QBBC7B5BLQVmawMb4nyfqCp4TiASZ75yk1A/Rin5gOIJo/4fsqeKtl6JRDLaxQV51SQ++Ayc/LRKU7cto878jKA/Y5GHVndFCXhf4iolMNUuLxaXQiEJ68EeUc+YOigTbzdLSAVfOISEwMc9oZQsFaHQzUzguAhJqGTw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=J8e3/vLCeIhP+Of3EHLJo4UTmFdxGCocvnk8dRg/oSU=; b=G4cHD37l43sOtzQLQfj/sYCGpG87Kv1MkggRmHgIIe02kUx/S9T3E64CgNaXD8tfckvinjhZoUfjRqbNDJzlYkhLrhQzDkVvuNtOPqjzKvppPxNoXonozbdmqxqCuberSOhF+A/XZGSSdBf1yHLefA2CmY7uXbph2ZZmxsWzyCI37wmJNsxFenMxTkWjxFMkSfeVlqjrVImX1vXrQS+0LKmXY17ASGglRCyogbfBeNuGhNpjio6JYpHSEy+2LagbH9/U1tam/trVnl96G4SwYlx3N6B1na80XZdDZRHk1OEJHhLLt1c6EaYavf4UcoB7cWUwBJM9CywDvNZxbhRImQ==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16) by DB9PR02MB7195.eurprd02.prod.outlook.com (2603:10a6:10:24d::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.28; Sat, 15 Mar 2025 14:34:47 +0000
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a]) by DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a%3]) with mapi id 15.20.8534.024; Sat, 15 Mar 2025 14:34:46 +0000
Message-ID: <4287ce98-c574-4be1-a898-fce4d9dab4c6@cs.tcd.ie>
Date: Sat, 15 Mar 2025 14:34:45 +0000
User-Agent: Mozilla Thunderbird
To: Russ Housley <russ.housley@verizon.net>
References: <d2be6dc4-c566-4506-b400-1ddeaff73258@cs.tcd.ie> <C6F6EDFA-3655-40EF-AFD3-789A0387B823@sn3rd.com> <3A212EAC-CCF1-46C9-B855-1D8D03DB76F0@verizon.net>
Content-Language: en-US
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <3A212EAC-CCF1-46C9-B855-1D8D03DB76F0@verizon.net>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------xCvZ2ovQlBUNv9btSrojhObb"
X-ClientProxiedBy: DB8PR09CA0006.eurprd09.prod.outlook.com (2603:10a6:10:a0::19) To DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB8PR02MB5946:EE_|DB9PR02MB7195:EE_
X-MS-Office365-Filtering-Correlation-Id: 518bee50-9d26-4576-c2b8-08dd63ce88dd
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|10070799003|1800799024|376014|13003099007;
X-Microsoft-Antispam-Message-Info: u7MTapA1fwhafMBuohuyP2sAmmXC9KO8EiU+flSfJBKLNXgzps/a8JWs1VS1tNXg/PBA7UVZY4QRUc/dqIlhwM4JR5sKRYVdrPDTMdyr9Qp3hOWwtFMo7OBG/LYBPThmxpOK+skjOtHLSZDZW/LGlh6TtKrrHv0FMZyi+TGnMgO5Pa5qp+M1hxth9zXMpUvLiSFiekXmLBz9OA03LCTaE/4CiTRoba7nMx2DikpgCGVakPW+ZMBklRb1cxWn5iGDsmLIooFUzmvhe2SsRNEt5uIg91GQGK5/D3TCW7N06N1/ktIqjnd1mpuY9cfNZK6RxD+nbo/PYvj8gFeIHbJ9mKSBpcieaT931WAJi3nvEdwvtuh4bkaj73ZneJvVBQmj+xFGiuf69C92Sm7n56cC0c8gjKZz3o5Q9Um02DlqExMHqZ09J7Tmp4LWRs6GkMBRBGaNIRN1tOGEtyfxXad5+7aH28pt6G7+dJqrmeg1QTz78iVMVfJb46ecQz4xE1FbRUwZYtHF41ZrgEkylLsaRvVrvKQUoLOnfM6nTc8JG/P0ifPxEytZ3nWkXMN5laQzP3ApK0NZVDq+vB/ia7jxWONYq2113MRmgxx2gV2flaGrxVHkg30l2qwWpaYgtP3vvFgn+dtonVY71GOMmWpxr3ggKtphfZpndmj6H11aNNykX6/zaHJ4+IKnCFsigm16K8pcJ+BHxh4hlyqYZndPBT8pE3nbYt9ubyk1D/c1+dHFPo+X90Ya3+PDB6ewA990xKuRLeenlsPLo4N3qc4Tim9zMUjqiA6UqYcoj8WhNPlxXXPJzdRV7ebe52muVAv0QXqE0BsuhUU+fad5Q1y/WwFT5SYWVMugqqgrpfMLWhyI2Oy14IR2/woGx/MhZodDW2kMK5my4ycFPI9w3B6RuHGrw2P545v+Rp1LBOmjIEzDnhCABEfQT4kfa8EcXkcPCc01XsT8Arh5zN7JXpfKaH9vGEqTk8BWdcQS4ZClKFfO6mDCTp8km50bimnBZgg7xTVH5eUsKUcATnd7u7OPJv9KhlKzfq3nHv/KuA1xzJZWPLFqHBLmovcAJeToeWcW8R9AW4l7AzJZtfBSDot92vWwC0rGQm2aPvC/cFZcZEHsKHgqSdCiJ1uU9HS0gUKA90XQK7LHWP7ZnHL3z5PhMXcSLSGQ6H9xnD56HcixUc0Fv1kC/o0FA1dtkvt2n13uFdC+pwv254GjwEy2rB3O6kXPWdZAUUAdNl8kdHyrNEyBBAHq/eyC/JanbaFghVtfJ0GRYAmdcpd1kRfo8pxHRp4E679VNOE7qj8DlLC3u6w4I/TQfi+HBRrQOZ4SWQ7p++Ejunqe7n9UzIzF5WWpqsq3wAzOMjz8fvPpr2kWX4r5CAwaPhxuab8+7OnNjvh5
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB8PR02MB5946.eurprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(10070799003)(1800799024)(376014)(13003099007);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 0I+WO8mrjZfgn2S79/or9jupUOXRzx0a5ImzgMjTo753s34wuFyKrdgKCislnVBnR03ZeWuWiyL9ACtantjGtwV4Nw/nWgrbUbXjTLaRoZs40zzlmNv7vpDY4e4KfiAnTvNfyMq14pvWGpq8pi4n9RXy9EMBx3KS/n3qOAMIe7A5+GX2MhQUHPXMCiZYQpPMYlVHoURUOLpsjb1ILqV2KwWXYUTYQxrbgvVAitai5t6iwDqGc8N/pmh5EK2k6eJHwt/OZ85y8LN9JW2E9i1hWBAfBXTKqeiXpca6Dg/78ZIxmlI/Ugm831nbu8F+wf1dtVeQwWogI+EKepRZFnYv0IjiRL2paPJUDZA6RVClBjKa0HHtQSEIkzgArjM5hR15rtmeOhI6E2MSkjxiUgN7+H2CdSR2whkUL+QmmIodzy/oyGQtly9FAnLCCCyIN6WNDeZz57fhJUSQqKlHpQ5Kj4Uni/xhmEnK1g/1uwBpXeyqe2tIw6NDkQfutHu9UKy0MG+5cXYAzvRJ+i8riW+tY2x1kd3OkHFaasjJ7bnGL1D1FAmjQXoOeJ03gCTXU5pMeMEv0tbIAPD3JuociRn02/DjXaIyMkeMSJIxbhWTh8xjGuJGTbsmhPtRnQUqHTPj8YTgz8QhAds5syWBQC+k3KqhRWYB8dMarH4b4AiwUYkaaunNdPQ/vz5B9PtMFY2yQ3tSBsfL6No41VAYe3fPhojApFJifspGIAYzZIGzaBuGajzlzh0/RHo6uVBaHY/xx2ozjpzxeBQNhEUq2RHm7ova02R2uzvZRgqSOaLO1faYs8YyznE5An0rHtWSfJB642SMt7bnI+6UtqpL0QFiR8qgujgoS/KWEEwdf5s5cSf7wT+hSxFfMhND+Ud9n3JbxnxO3DuyviIbzheI7+kp1/fHxRxUXh/W6FLnwiS+Xq+rZw56nGEHIaKhDSLV6r8oVtufIcb6RY+er9CCoIQ+EPWQ/erlwQL7+JBXx3A4IcebXsuNUOd/xNLV7+1I/6+M18hRx5fTSGc1nT0EP2k2Zb9xkzbWy6+Z2PdL72g/e2RbHS0H4fh4MDhJ2bx39AsHxHWZ9sFJZ/NHKhKXA7oA9PYBQsTpilpWoMNfKRep8gRzpd798Auh88s+6oFaX0V3pGYUrAddXVF9mTXPXXLD/FVleOJxdBelsg1QWM4pnj43zNxQV4MR4FA1IyuMWCl0F2+UzwOaBGB9MuIMTu4hzZkRo19d8sc4/9XpIPpqcNKmPIbSF85G3hTGPcSE1QPvMeP43zm8pfHn8GmGAJTl2RVTrj241H0dxoyEkfx1SBSmjJO0Itm3oE+rSiIUyQ8vs6LlswbAfpxEJVNn7k9b1/5a6RnCzGskAk3M0M+svavS5zxXvpvh9tO5Zr0ZJTOvviumuKIc3ec4UJG0bP/V2OxtcKnK7uCUD397s9MN+ZB82jcCy/ZmouDVR3qND0HKwiG1qcEXlU4ZxsdeyO7dEX5cLcaIYkSDDt0etip3PzR5BcjkA39VxUseuwp5Ln9fxOYCLBZj801Fz00g6elSEkDnUyH2oIBLVmTOR6Us4YhL42vSqgjSsWujQo8EypqdgQFF30umaG6y5oUIYRUp2exXHcI2d0UvWu8Im39znbOQ7hhQdT8NADrd1fB0Hkj9
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 518bee50-9d26-4576-c2b8-08dd63ce88dd
X-MS-Exchange-CrossTenant-AuthSource: DB8PR02MB5946.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Mar 2025 14:34:46.8209 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 2fjqVZXjVpTpzyzFHB65d5E40tgF0vfGaKQHhq902ajaw7qppF8PRm0WI8aQV2K9
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR02MB7195
Message-ID-Hash: 64DUVXW6ZCHRT6ZH5Q73TTMCDS3BEP4Q
X-Message-ID-Hash: 64DUVXW6ZCHRT6ZH5Q73TTMCDS3BEP4Q
X-MailFrom: stephen.farrell@cs.tcd.ie
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF TLS <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Adoption Call for Post-Quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/JIYqiqDsWMO8zPawgnaWxklhJUc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Hiya,

On 15/03/2025 10:14, Russ Housley wrote:
> Stephen:
> 
> I did write to Yunlei and ask for an IPR disclosure.  

Yes, and thanks for doing that.

> As far as I
> know, Yunlei has never participated in an IETF activity, so he has
> not promised for follow the NOTE WELL.
> 
> Dan pointed the LAMPS WG to a message where KCL publicly claimed
> patents related to ML-KEM (formerly known as Kyber):
> 
> https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/Fm4cDfsx65s/
> m/F63mixuWBAAJ
> 
> In that same mail archive, the following statement was made by the
> same person regarding these patents:
> 
> https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/Fm4cDfsx65s/
> m/2NzgqoTaBAAJ

I note the following quote from the discussion (dated May 19, 2022,
5:03:08 AM) at that last URL: "Yes, certainly we can make such an
official claims about patents as you suggest. It may formally start the
work after NIST or other standard organizations show the applicability
interest." Maybe I'm being optimistic, but if that the and other
statements about those patents only being intended defensively are
the case, it'd seem like that set of inventors might be incented to
make an IETF IPR declaration if asked, e.g. by a set of WG chairs
and/or ADs.

Cheers,
S.

> 
> Russ
> 
> 
>>> On 28/02/2025 18:56, Sean Turner wrote:
>>>> In response to the WG adoption call, Dan Bernstein pointed out
>>>> some potential IPR (see [0]), but no IPR disclosure has been
>>>> made in accordance with BCP 79.
>>> 
>>> While I don't think the lack of an IPR declaration is fatal 
>>> here, I do think it'd be great if that uncertainty could be 
>>> reduced. I think I saw that Russ tried to reach out to one of
>>> the possible patent holders to ask if they'd be willing to make
>>> a declaration. I've no idea where that's at, but I'd encourage
>>> the TLS chairs and SEC ADs to see if they can help get that to
>>> happen as reducing uncertainty would be good and if we can't,
>>> then this topic will just keep cropping up and Dan is not the
>>> only person I've heard express concerns in this regard.
>>> 
>>> Cheers, S.
>>> 
>>> PS: I do realise we can't force someone to make an IPR 
>>> declaration.
>>> 
>> 
> 
>

v2.29.0 | Report a Bug | By Email | System Status