IETF Logo Mail Archive

[TLS] Re: WG Adoption Call for Post-Quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3

Sean Turner <sean@sn3rd.com> Thu, 20 March 2025 05:29 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 6D422F57A02 for <tls@mail2.ietf.org>; Wed, 19 Mar 2025 22:29:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pu-zFc5e1wyH for <tls@mail2.ietf.org>; Wed, 19 Mar 2025 22:29:18 -0700 (PDT)
Received: from mail-oi1-x22b.google.com (mail-oi1-x22b.google.com [IPv6:2607:f8b0:4864:20::22b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id D1621F579FA for <tls@ietf.org>; Wed, 19 Mar 2025 22:29:18 -0700 (PDT)
Received: by mail-oi1-x22b.google.com with SMTP id 5614622812f47-3feaedb4d2cso217036b6e.1 for <tls@ietf.org>; Wed, 19 Mar 2025 22:29:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; t=1742448558; x=1743053358; darn=ietf.org; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=ne9LKa+wCBN5oFt8TXBI7WVZxo/6h4Wxo+IINOU0Sus=; b=GDPocbNXwtpAg0ckVjhYqyOTJv/5ViB90U932yMl5+9fVIRybIR8DgOWeX8gq33F0K Jiyf0Ugke0rZKQm70tSZIkaI253bFDmy7oFb+23E6zK7JY+2mnMbkfxldmXcsZRY25cR o15mGF/4cvKWA0U6Vzref65ic22eMbsDN/1VQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1742448558; x=1743053358; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ne9LKa+wCBN5oFt8TXBI7WVZxo/6h4Wxo+IINOU0Sus=; b=sLIMDnhTW4wGObdAAGPp4wHZQLpDKMSMPv/kaII34OeRbox6cVat0Bd2Vag6heoi/a ABklei09uINtuFbtLCKxdngMsWp1VDnheUSefi1Bqfjax/xRBVJCiV+1rs16mxKnby6E 2HMCzuZM6hmgpUFTcFL2fXfF4dC8XktgJELaZV3bLIvDA8qSLeTDWAXkXovqC1HMcXaa GLDzQQSNUlWdPi+Nm3xjHOyC5+yYRNJbUMmgZLpcJt1baqx74GFNB4SXe6BPWkPl3wJ5 BjQQ+usShgRQRvYtPiW3Lh/l7Mxc2Q1E6lceoTrOT1MHt0uOXyE8hAi4Ki/TurRYKImL pr6g==
X-Forwarded-Encrypted: i=1; AJvYcCUwFBVEa88eIpDkXwaS5IPY7eWN2lrvZf8m2boa/yuV/WO9Vx2ucXL35NHNxZ67QwOH1d0=@ietf.org
X-Gm-Message-State: AOJu0YzxCL5l2YaZtD16B3l4N8jdHNNVFbgdw/oDnNJR5kcigCUqUoUE YfOz5+BlQ4CM/1mVE1iLa8ATZLBdhvy7Yf5jZkphXrCtGbT33SYLcUfC+PVKZqs=
X-Gm-Gg: ASbGncsy+y9JXCSladvaQc8E7t1Fnb5ANtzfAe1Ou2842yC/5Jt0wJiWwijrv4T/egD 5hB0vubPwRxH2Jdbf+IwmviKUvwYfncVD8aAiFbi8QpaHBD1q+rHpW/+DrgNMN/RLzKnpwr8r37 +7UYXUwWUVPc8bJ2q78ZPt9d8kqGcyA2gsrYXpcvmiYBOJXJ/2oeZaQyGjg4mYWoTuXvE98ZwJH aZgZ//rnqut3bkEqRw7+JFQeteO5/K0gnQ/L6YsygldAvcGtoDORDvtCX07ukBE8/4AEcivIMBs PEUNyj+Ymymf5hkavs3jxTLXrv7IREhMEAFn/XDFTGCukrdiwQNlyUC7iXv2+u0=
X-Google-Smtp-Source: AGHT+IHPM77azmCQHl8UyNNKStKI3ZWaviWjiWNtWidUOpK+GowtX/OnSAX5WrMNwUBCP6zi2lACUA==
X-Received: by 2002:a05:6808:309e:b0:3f8:2c35:eeca with SMTP id 5614622812f47-3fead4ffddfmr4208597b6e.0.1742448558131; Wed, 19 Mar 2025 22:29:18 -0700 (PDT)
Received: from smtpclient.apple ([2001:67c:1232:144:1899:7487:42d8:88e4]) by smtp.gmail.com with ESMTPSA id 5614622812f47-3fcd48209ebsm3003237b6e.27.2025.03.19.22.29.15 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 19 Mar 2025 22:29:17 -0700 (PDT)
From: Sean Turner <sean@sn3rd.com>
Message-Id: <8F7D302F-CD7E-4D20-BFFA-69A912596363@sn3rd.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_6A78CFBA-CF70-4BBF-A467-A0EF576D0D2F"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.400.131.1.6\))
Date: Thu, 20 Mar 2025 12:28:56 +0700
In-Reply-To: <4287ce98-c574-4be1-a898-fce4d9dab4c6@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, TLS List <tls@ietf.org>
References: <d2be6dc4-c566-4506-b400-1ddeaff73258@cs.tcd.ie> <C6F6EDFA-3655-40EF-AFD3-789A0387B823@sn3rd.com> <3A212EAC-CCF1-46C9-B855-1D8D03DB76F0@verizon.net> <4287ce98-c574-4be1-a898-fce4d9dab4c6@cs.tcd.ie>
X-Mailer: Apple Mail (2.3826.400.131.1.6)
Message-ID-Hash: KF4FIWOMKF62TGTXLZ7FIU3QZ332HTUM
X-Message-ID-Hash: KF4FIWOMKF62TGTXLZ7FIU3QZ332HTUM
X-MailFrom: sean@sn3rd.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Russ Housley <russ.housley@verizon.net>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Adoption Call for Post-Quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/N4-gdWqmhOMSH2UAumn2oce4WXQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>


> On Mar 15, 2025, at 9:34 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> Signed PGP part
> 
> Hiya,
> 
> On 15/03/2025 10:14, Russ Housley wrote:
>> Stephen:
>> I did write to Yunlei and ask for an IPR disclosure.  
> 
> Yes, and thanks for doing that.
> 
>> As far as I
>> know, Yunlei has never participated in an IETF activity, so he has
>> not promised for follow the NOTE WELL.
>> Dan pointed the LAMPS WG to a message where KCL publicly claimed
>> patents related to ML-KEM (formerly known as Kyber):
>> https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/Fm4cDfsx65s/
>> m/F63mixuWBAAJ
>> In that same mail archive, the following statement was made by the
>> same person regarding these patents:
>> https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/Fm4cDfsx65s/
>> m/2NzgqoTaBAAJ
> 
> I note the following quote from the discussion (dated May 19, 2022,
> 5:03:08 AM) at that last URL: "Yes, certainly we can make such an
> official claims about patents as you suggest. It may formally start the
> work after NIST or other standard organizations show the applicability
> interest." Maybe I'm being optimistic, but if that the and other
> statements about those patents only being intended defensively are
> the case, it'd seem like that set of inventors might be incented to
> make an IETF IPR declaration if asked, e.g. by a set of WG chairs
> and/or ADs.
> 
> Cheers,
> S.
> 
>> Russ
>>>> On 28/02/2025 18:56, Sean Turner wrote:
>>>>> In response to the WG adoption call, Dan Bernstein pointed out
>>>>> some potential IPR (see [0]), but no IPR disclosure has been
>>>>> made in accordance with BCP 79.
>>>> While I don't think the lack of an IPR declaration is fatal here, I do think it'd be great if that uncertainty could be reduced. I think I saw that Russ tried to reach out to one of
>>>> the possible patent holders to ask if they'd be willing to make
>>>> a declaration. I've no idea where that's at, but I'd encourage
>>>> the TLS chairs and SEC ADs to see if they can help get that to
>>>> happen as reducing uncertainty would be good and if we can't,
>>>> then this topic will just keep cropping up and Dan is not the
>>>> only person I've heard express concerns in this regard.
>>>> Cheers, S.
>>>> PS: I do realise we can't force someone to make an IPR declaration.


Stephen,

We are following up with the ADs and other WG chairs to see what can be done.

spt

v2.29.0 | Report a Bug | By Email | System Status