IETF Logo Mail Archive

[TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (Ends 2026-02-27)

Watson Ladd <watsonbladd@gmail.com> Tue, 24 February 2026 01:36 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id AF5F1BCAA29F for <tls@mail2.ietf.org>; Mon, 23 Feb 2026 17:36:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H9KpvfVpsBeN for <tls@mail2.ietf.org>; Mon, 23 Feb 2026 17:36:45 -0800 (PST)
Received: from mail-wr1-x436.google.com (mail-wr1-x436.google.com [IPv6:2a00:1450:4864:20::436]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 666D0BCAA299 for <tls@ietf.org>; Mon, 23 Feb 2026 17:36:45 -0800 (PST)
Received: by mail-wr1-x436.google.com with SMTP id ffacd0b85a97d-4376c0bffc1so3720902f8f.0 for <tls@ietf.org>; Mon, 23 Feb 2026 17:36:45 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1771897004; cv=none; d=google.com; s=arc-20240605; b=bfLw/Qm8KK+SqVZT5IXBRkglnwdb5cUE0N2P1sEwVrCckcn7y0Br7pupE+bmcfT7Xe 3fC5+dEb2I/re7kuOycXU+TWelesDWyBs3+Jw8Fht6/d8PVKwzhnhHpjyUX19OTZaPbP TJxIY3yTemE60zwWVkTmZb7/4JAQzslZhkcKZwjsAy+KbJbpz91ZJKmWxWXHc1D69bzm XDzs7MUVVJ2cK4D3aE1O5mM/C+GiV3m0Lb/OEhzIrh6aEx1qM7bk0SpKlvTKzjfDuowv QWqPn/4eqh2YCZ2I3ZaeXGbiMJ/A8c9WJgWGAq2S7xtcbukxqCKX0+F3Eh2dNrJZnvtQ 6U5w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=g0NexjMAf3azlCfbWsn83XUC9WdwMLaRpP+4qChN4U0=; fh=1avd8NTQM524+ZmlsUkUwEV90tbZxTYqXiEgSfzRZ+k=; b=TGojIn1OQvdcTykiD7XZbJqp8JWa7/dl3EWPnCoKmq1Lxa+5jGyGGiEnFNZ4lSnQPf FW0uxM3EyoUp4e/+BGMZAroGK5NdL4urE+bM6F/Hx8cg0iIDxrc8xvxxWlEyAa4sFu3V IusQPSAVzdbbW1ElKlY/z1RqDvdr9xA/saiquAmIai9Mf/OjE9OQ7gvqjN3PcSpPI8yu bbp8WXsrKppHawsuoRfSSoC8kE7vzP7bIH8/Xw2w2XJGaOzZLPLNajpP8B4x0miFXcJL ess5kvLRneeGWYW/3f36bGTxaMbU/HzEKOjJt46OSbuSmYcxgiHSu7M00ieW1RW7GM/s Q4+Q==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1771897004; x=1772501804; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=g0NexjMAf3azlCfbWsn83XUC9WdwMLaRpP+4qChN4U0=; b=Z6HZYJjaZWmkL3rtGarlsOBaZ4vRjYcvsyWL9xV41Qua3D3/BeyL9ort+pN1X5zVeV DfaHCJnLjsxS3cCZGORaJSfXb7vLHQROWueBKyrYAiTRagTSHYqWhwSYkYK/oQ3hr3bd rq8yuleWvK97OVFAh9i4U6/6ULM5EseMFWplKypGjH2OVzujnDNYrns6uJN0EdHAV0N+ V+4Ukeaq0kn8wdU/lqSrLaJBZLukUjl8Qak9uc4bC7WAetzBx/xosW8748IAQL9HgvuV i17Mm+h9m9GuhmiiL9Q9GPVRYiLH9lm2k3I+54K83FqVFbhkIeCelSsz9BhyChOzQvgJ 136A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771897004; x=1772501804; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=g0NexjMAf3azlCfbWsn83XUC9WdwMLaRpP+4qChN4U0=; b=gb10YFkvphG5FsBSLiDhK1iljr8WzeVDWVPidXxcbCJvDUyXnBul+JH/sqfCh/CQ/T HPnFzK1enO9bNuQ9UlEMoJextLsFXb7RVxCapZmC1Pkoio5+4De0yCYaf7jQ1vjxc2N6 OmOhPrUEN1/OtQJ6/9e/yODZfxf6R295yBF1dLWsafOvBelZHGLchT6TLBTqIBcUn6Im Eiy/BfnLljK9cQQxYwtnrnW4IKaRPU18eeZFyIszzKiNoiP0mi7eIRMB4+eEmw55t2CW jGSNw2pjChgP1Ftgu4LiwBQLz67XqvinZpoxqRUMLcWSkdcQcKpRYE9CRkNZ1KBafvCy ZWkQ==
X-Gm-Message-State: AOJu0YzA8bDbWBYLqao5juWLBQ84oOiqejA699kz4knYZXKN92FyuxQ9 5Y5YzVQjysys0zMxR0Q9fD2I+Cyfkvk7ATR4lMobUlsQQCl0ApUEnmESUE3MZazgugHClSSpvD/ 9lDRmQY07kPhK1FQjvfanHKYnWOqwpHJRbQ==
X-Gm-Gg: ATEYQzzatWlDlqoPgrlA+/vcfp81H6tkEz7N3Ss0y0udK7Kzg/prLKDTUynNmv7huEW YGFgz6TU3qyCQ+j+rqLfkexKnJsJwzDwEzqPji4y4U+Fx6zWnqUCBzMtYvedz/yE8w7OlQhjTDo BkjXsRbjzEWkOEGpxQzeZpI3EqxEDJxPh6KiTsVIrShwuKHACcCdTKJBFZft8id5TWtbcywYxQe HxoYMnV98RWUQ1R3+wwpQ3v6kqAR6jlogfoWYumiin1ivmXzySiUVGAyrN3cN/cfWiDLUH1vLg3 cXl5o4gTlLdNbQ4GXJqodvkayRC1sOs83+PyjWBx47f9UnkIAtcA/5enqrix+j3GgikqvwVj
X-Received: by 2002:a05:6000:2012:b0:439:879f:f8f8 with SMTP id ffacd0b85a97d-439879ffa95mr53551f8f.36.1771897004135; Mon, 23 Feb 2026 17:36:44 -0800 (PST)
MIME-Version: 1.0
References: <MN2PR17MB40310F0A2891942D76C43E60CD6BA@MN2PR17MB4031.namprd17.prod.outlook.com> <2caab265-00ba-4078-b6d0-3a178dabaa61@tu-dresden.de> <CAEEbLAbkV4YxN7cgggckpEp24MLtRZpzs6M4KemBatpzCCcs0A@mail.gmail.com> <MEAPR01MB3654415F735DE96CEE239C78EE68A@MEAPR01MB3654.ausprd01.prod.outlook.com> <aZfbhrFDBp7a0xHL@chardros.imrryr.org> <EB48AB24-A1A2-47C8-9C2C-47C93B9320E7@thomwiggers.nl> <93af0689-4bd3-4f6b-afaf-41869d27fa4d@app.fastmail.com> <7e6727a1-c994-43df-a16b-078bd8995717@tu-dresden.de> <AS5PR07MB1059610AC3701494F1B0BE7A28968A@AS5PR07MB10596.eurprd07.prod.outlook.com> <CAFR824z7endo8REtKvxQp-0dbVuQvg532BFtT1UebPLOSKbS6g@mail.gmail.com> <aZkMpTWxJGsmx--C@chardros.imrryr.org> <850d1216-8b24-45e3-95ef-3a6899deaf73@redhat.com>
In-Reply-To: <850d1216-8b24-45e3-95ef-3a6899deaf73@redhat.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Mon, 23 Feb 2026 17:36:32 -0800
X-Gm-Features: AaiRm53-cJa1lfawm34OE3eXmwBhhNrEp5IwyiK2EGZStB7OclpQ4OdgBjOBu_I
Message-ID: <CACsn0cmJbv99eE=s2jNUDrD5g34ZbJWdiwAxhK_0rYDybgu=ZQ@mail.gmail.com>
To: Robert Relyea <rrelyea=40redhat.com@dmarc.ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: 2W7X4CWVSJJ5JJL33MSBHFV75NNNVWCQ
X-Message-ID-Hash: 2W7X4CWVSJJ5JJL33MSBHFV75NNNVWCQ
X-MailFrom: watsonbladd@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: tls@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (Ends 2026-02-27)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Qres8mNNUEZJnvt5UkEEpetvP2g>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

On Mon, Feb 23, 2026 at 3:26 PM Robert Relyea
<rrelyea=40redhat.com@dmarc.ietf.org> wrote:
>
> On 2/20/26 5:38 PM, Viktor Dukhovni wrote:
> > I support publication as a stable reference for the already allocated
> > code point that sports multiple implementations.
>
> I support publication as well, for exactly Vikor's reason.
>
> There is some feeling that publication == endorsement. Almost all the
> arguments against is 'hybrid is better, so it should be preferred'. I
> agree that is the case. I also know that I have customers that, despite
> our recommendations will want to 'pure' ML-KEM.
>
> The fact is the exact same thing will be carried out independent of this
> acceptance:
>
> We (and other libraries) will end up implementing this draft (whether it
> is published or not), and making 'pure' ML-KEM default off and require
> work to turn it on. We now (and will continue) to default to hybrid
> x25519mlkem as our preferred algorithm (and have since before that draft
> was approved).
>
> Publishing the draft simple means "If you must do this, this is how".

The codepoint registration is all you need for that.
>
> >
> > At least for OpenSSL, I don't expect publication to shift the needle
> > from "implemented" to "enabled by default" (in clients and servers).
> > The pure ML-KEM groups are not included in the default supported groups
> > list and there are no plans to change that.  For a pure ML-KEM group to
> > be used as the source of the key agreement shared secret it needs to be
> > explicitly enabled on **both** ends and preferred by whichever side's
> > preference order is taken into account by the server.
> >
> > Meanwhile, the X25519MLKEM768 hybrid has been enabled by default for
> > almost a year, and will surely continue to be far more common in
> > practice.
> >
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org



-- 
Astra mortemque praestare gradatim

v2.43.4 | Report a Bug | By Email | System Status