IETF Logo Mail Archive

[TLS] Re: ML-KEM recommended column

"Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de> Tue, 10 June 2025 07:38 UTC

Return-Path: <thomas.bellebaum@aisec.fraunhofer.de>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 10A0A330A6A6 for <tls@mail2.ietf.org>; Tue, 10 Jun 2025 00:38:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.297
X-Spam-Level:
X-Spam-Status: No, score=-4.297 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=aisec.fraunhofer.de header.b="w/Mi0j6R"; dkim=pass (1024-bit key) header.d=fraunhofer.onmicrosoft.com header.b="Jh8fHkN7"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VJe6S4DEumfw for <tls@mail2.ietf.org>; Tue, 10 Jun 2025 00:38:56 -0700 (PDT)
Received: from mail-edgeMUC218.fraunhofer.de (mail-edgemuc218.fraunhofer.de [192.102.154.218]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 0B5BC330A697 for <tls@ietf.org>; Tue, 10 Jun 2025 00:38:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=aisec.fraunhofer.de; i=@aisec.fraunhofer.de; q=dns/txt; s=emailbd1; t=1749541136; x=1781077136; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=AlwGzZQHDVukh7vDRc4uOsybcSjK7UTV6fUIQw4HVb0=; b=w/Mi0j6RFLJhGMd2IyqrnEaiC0Qu9VGZ/20Dvi4m/nswu8d+9X0bwztP nchA+2qu3y5qYbyBjluoc9AyzYUlmwD5O3pyv+frfLBHEzlvOInisCFYs DKEbqdMyhbDkZSwiyTxVfi1Gv4jyTa26S6tQRai61coFQwEJEypKnX1DY 0z/rJqCai5pCru04Y2PYGiu62JTH3CMhH1PN4SBqycHA7zv2Hazvl+sLV uAXCka9iAM1K3MYtb/zaxh/sj0wxeKTJ/cilEiD6CfMkPDXt5CGuciM4B 7Kz9UMeXS1+b/YH5MwPyufIST7XRf4NH3q3M1Csk/y8aLfKTOWsnP73j2 A==;
X-CSE-ConnectionGUID: PYc544+CTN2i4b2uGbB7vg==
X-CSE-MsgGUID: 3ipDO3S6QOWVWqwQ/txDrQ==
Authentication-Results: mail-edgeMUC218.fraunhofer.de; dkim=pass (signature verified) header.i=@fraunhofer.onmicrosoft.com
X-IPAS-Result: A2EoEQCq30do/x0BYJlaDg4BAQE8AQEEBAEBAgEBBwEBgWgCgkJAAT8ugTeEVZFxgkABmi2CUAMuKQgHAQEBAQEBAQEBBAMBARQCAw4NHQQBAQMBA4UAAotmJzcGDgEBAQEDAQEBAQECBQEBAQEBAQEBAQEBCwEBBgECAQEBBAkCgR2FNUYBDIQCBXQwAgEBAQEBAQEBAQEBAR0CDyYMKiAGIx0BATcBDwIBCEICAgIvJQIEDhMNgmiCIwQSAyASFAauSYEygQGCDAEBBoJo2EEYgkAHCQkBgT8BgVeCJYEGg00BgVsSgwyBK4Q/ggxDgUqCdT6CSoFDDYQEgmmCEReBAhSEJIQrhRGCX5A/UoEUA1ksAVUTFwsHBYEgQwMqNBUcI0sFLR2CDYUZH4FzgVwDAxYQhAIchGKDblsrT4MigX9MGUGDXx4Gcg8HGkADC209NxQbljMSIYEHgT6CfoFVBEMwL4ECFAY1DMZzAwQDgjWBZoZdgzOCDZVQM4VbkX6SImaZBCKNZZsGAgQCBAUCEAiBfoIAcYM2CUkZD5IhM48BqCN4AjoCBwEKAQEDCZAXgX8BAQ
IronPort-PHdr: A9a23:8ETJFBXl61YpTIn1FFhn3VoKa+LV8KyuVDF92vMcY89mbPH6rNzra VbE7LB2jFaTANuIo/kRkefSurDtVSsa7JKIoH0OI/kuHxNQh98fggogB8CIEwv8KvvrZDY9B 8NMSBlu+HToeVMAA8v6albOpWfoqDAIEwj5NQ17K/6wHYjXjs+t0Pu19YGWaAJN11/fKbMnA g+xqFf9v9Ub07B/IKQ8wQebh3ZTYO1ZyCZJCQC4mBDg68GsuaJy6ykCntME2ot+XL/hfqM+H 4wdKQ9jHnA+5MTtuhSGdgaJ6nYGe0k9khdDAFugjlnwXsLYtjTVpNhE+AWkIM72Eq4YYz/+8 oBwWRXjsyUkaAMFzj/Zt+1Jk/57nhj58k8aocbeNaOVZPRefYWCXspDZVIQXJp4ZjFcXtqMT qtUAu87B8x4sKvZu2MVlyOmL1TzJOnN0xZkg1Lpxo8b0cQgED/X3wd+Avw04GjTs/z/MoA+U 7C545vQlWniT60L+yrcxYz0NUEo4uOCf7t6LonK1G0dOx3LvE+S9YXaAxich/4173qkzNBCE r6u2k4j9DxTjgOt6MEyjpXgloYE8k7e3H5l3ogzHeyKQ0lSedC1C84D/zHfNpFxRNslWX0to ish17ka7IayZzNZoHxG7xvWavjCfoSH7zfef7zIcXF2nnt4frK4iRuot0StmaXwVcixhU5Dt TEN0sLNuXYEywHJ54CZR+F88Eas1XfH1w3a5uxeZ0FhvaTBIoMnwrk+m4BVtkLGHyTsn17xg rPQfUIhktU=
X-Talos-CUID: 9a23:0btK0mr2IJ/dlaAGgj1FuLjmUfgUeSCBkDT7H2niCDpjEqC6Q3XP5qwxxg==
X-Talos-MUID: 9a23:E5kk3ga8vV03HuBT7D70qBY5D5lRxJuQN1kSqNIaq+WeDHkl
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.16,224,1744063200"; d="p7s'346?scan'346,208,346";a="10455265"
Received: from mail-mtaka29.fraunhofer.de ([153.96.1.29]) by mail-edgeMUC218.fraunhofer.de with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 10 Jun 2025 09:38:53 +0200
X-CSE-ConnectionGUID: 81KgoqixTaC63s4LAgzUWw==
X-CSE-MsgGUID: G+M5PAsOScGGHQ0OxL4ZnA==
IronPort-SDR: 6847e0f7_T78Xn23gHUP36emDszupY0K4cxkZ1aM1zDSCAvfPY/VSyd/ RLuwlOqERPOcQ5sRLw9AiV4UpcU3f6R/my/z/+Q==
X-IPAS-Result: A0DSCQCg4Edo/3+zYZlaDoEEHIEugXJSBzkBbS6BCYRUg0wDhSyGVoIgOwGcMoJQA1cPAQMBAQEBAQQDAQFRBAEBhQcCi2MCJzcGDgECAQECAQEBAQMCAwEBAQEBAQEBAQEBCwEBBQEBAQIBAQYFgQ4ThXsBDIZbAgEDEhEdAQEUIwEPAgEIQgICAi8HHgIEDhMNB4JhgiMEEgMgEgICAqF8AYFAAoslgTKBAYIMAQEGBASCYNhBGIJABwkJAYE/gViCJYEGg00BgVsSgwyBK4Q/ggxDgUqCdT6EDQ2EBIJpghEXgQIUhCSEK4URgl+QP1KBFANZLAFVExcLBwWBIEMDKjQVHCNLBS0dgg2FGR+Bc4FcAwMWEIQCHIRig25bK0+DIoF/TBlBg18eBnIPBxpAAwttPTcUG5YzEiGBB4E+gn6BVQRDMC+BAhQGNQzGcwMEA4I1gWaGXYMzl10zl1mSImaZBCKoawIEAgQFAhABAQaBfiaBWXGDNk8DGQ+SIY80qCNFMzwCBwEKAQEDCZAXgX0BAQ
IronPort-PHdr: A9a23:9ORpBx1mGnPKaAZdsmDO5gUyDhhOgF2JFhBAs8lvgudUaa3m5JTrZ hGBtr1m2UXEWYzL5v4DkefSurDtVT9lg96N5X4YeYFKVxgLhN9QmAolAcWfDlb8IuKsZCs/T 4xZAURo+3ywLU9PQoPwfVTPpH214zMIXxL5MAt+POPuHYDOys+w0rPXmdXTNitSgz/vTbpuI UeNsA/Tu8IK065vMb04xRaMg1caUONQ2W5uORevjg7xtOKR2bMmzSlKoPMm8ZxwFIDBOokoR rxRCjsrdls44sHmrzDvZguC7XhPNwdemBodKgzawwPIZ7fdjDb5trVj9BORYdDRVqE+Ug+gz PhWdCG2hhomDiFl0F/d0pkj6cATqkeDp0xx443yP6KMbdpGL6GBVOIHWDYYbudxDCFEOLmWT 5QtK/Y5Jtxgt6Og+HsEjwKXKQyBG/jN6z1oh37IzK4xjfkPK1Ha2xMJFdQpnHaEoPrHLP9Oc MDrkYvV7BjHU7QH0HTv5qrBeE9iuuyob55uf/jLyxUmKD/uhwSKkdD3ABCv9KNRsjm767Vdd 86UiUAhtQVtiyir1/8ykKCSmpwbzGj1xy5+6Z47NMbtGwZrJN++F51IsDuGcpF7Wd4mXzRws T0hmdXu2La+dSkOjZE7zj32Ma3BfZKB/xTjU+icO3F0iSEtdLG+gkOq+FO7gq3nV8ay2UpXt CcNjNTWt34M2hCSosiKQ/dw5AGgjB6BzQnO7OFDL00u063dLp8q2LkrkZQP90/EG0fL
IronPort-Data: A9a23:VBdtVKtg8skXplG+wQidLnchIefnVJJbMUV32f8akzHdYApBsoF/q tZmKWHXM/mOazDwc41/O97jpBgBvcOGyoUwHQdt/3w1EnkVgMeUXt7xwmUckM+xwm0vaGo9s q3yv/GZdJhcokf0/0nrav646yElhMlkf5KkYMbcICd9WAR4fykojBNnioYRj5Vh6TSDK1rlV eja/YuGZjdJ5xYuajhJs/za8Es21BjPkGpwUmIWNagjUGD2yiF94KI3fcmZM3b+S49IKe+2L 86r5K255G7Q4yA2AdqjlLvhGmVSKlIFFVHT4pb+c/HKbilq/kTe4I5iXBYvQRs/ZwGyojxE4 I4lWapc6+seFvakdOw1C3G0GszlVEFM0OevzXOX6aR/w6BaGpfh660GMa04AWEX0rYuIm5J7 P0IFDkmMEuY28afz6CGdfY506zPLOGzVG8ekmpl0SmfAOYtQdbNWazX499f0joqwMxDdRrcT 5NEMnw+M1KZPEwJYw1IYH49tL/Aan3Xbz1frVuO46A652zexgVs1ZDkMcHYcZqEX8xImEafq G/cuWj0av0fHIfBlGHfrCr07gPJtQy4fd8qPaafzfVFr32qnksDLEEkU3Lu9JFVjWb7AbqzM Xc85zAvhaw2skmqUp/wUwDQiGKApTYdVsZeVeog52mwJrH8ulvCQzlbC2ceOZl/7pBwWzls3 RmHhdr0AzxovrCPD36QnluJkQ6P1eEuBTZqTQcKVwIY5dnkrowpyBXJS9doCqmuidPpXzr3x li3QOIW3d3/VOZSj/rrr2PUySmhvIbIRQMT7wDaFDDtpABgaYLvI8Ti5VHH5LwSZMyUX3uQj kgiwsK+1eEpCY3StSqvRO5WIqqlyczYOxLhgHluPaIbyRKTx1CZc7t92gpOfHVSDp5ceBvCQ lPihgdK1ZoCYFqodfBWZqyyOeQLzI/hN4zseaHIX+prf6l0ShSN0x9vVH6uw1nCvlAny589H ZKpYPecM2sTJvVi/gqXWtUy7L4P7QI9zFP1WprU4UmG072fXXurUr0qDlq/Xt4lyIiunQz6o spuB+6LxS5AUeb4XDLlzI4LIX0OLlk5HZrQqcdHUsKiey1IQHoADd3VypMfI71VpbxfzLr0z yvsS31mx0rarlyZDwezM1RISq7lBLR7plIFZR0cB06igSUfUNz+/ZUkVsUFeJc8/7Ze1t9yd f4OfvuADtlpSjjq/zc8b4H3nLd9dSaE1B6/AC64XAcRJ5JQZRTF2tvBTDvd8CMjCimWt8xnh 5aC0gjdY4QIRiU8LcLwRc+s8WiMvikmqLovZ3fLH9hdQ1Wz0Y5ILyeqsOQ7DftRIjr+xxyb9 T2sPzEmmcf3rbQYzvz1lIGfjoLwE+JBDktQRGbayrCtNBjlxGmowK4eceCuYTz9fX7GyKWgb M4Iyvr5HqQNmVZUgY9CApJu96Yf5sTulZBe3A9LDHXGVHX1K7JCc12t/9hDib1J/ZBd4TCJY 0Oo/sIAH6ekI+bnLQIhHxUkZeG9yv0koDnewvArKkHc5iUs3r64fWhNHhuL0gpxEaBUNd47/ OIfp8Im0QyzpR40ONKgjCoP1WCtLGQFYpo3pKMhH47npQo6+G5sOaWGJHfN36iOTNFQPm0BA Dye3vPCjosB4HvySSM4EHyV0NdNgZgLhgtx82YDAFa0gfvAuO482UxA0DYwTzkN9C597cBIB jFJOXF2dIK0xBU5oOhYXmupJRNNOw3BxGz11GkytTP4S2uGazXzCVMTaMix+HIXyWZ+RgRg3 aq5zT/lWAn6fcuq0SoVX1VkmsPZTtdw11PjnvqgFZ7cH5IrPDvXvb+1V1UqqxfYWOoAu0nVl 9ZP4dR2S633CnMXqfcJD4KbiLciczGfBWl4Wfo61rg4LWLdXzCT2Da1NEG6fP1WFcHK6UOVD 89PJNpFcRa1xAKij2k8K/YXArlWmPUJ2oIzSonzLzRbj4rF/ytbjp3A0wPf2kkpeoxKuuQgI NrzczmiLDShtUFMkTWQkPgea3uKWvhaVgjSx+vvzf4oEagEu+RScU0f9Lu4knGWEQl/9SKvo wLxSP7K/tNm1LhTsdPgIodbCyWwDOHDZuCC3QSwktZJNPfkE8PFsSELoVjGYSVSG5YsWOpMq Lfci+6vgXv5v4s3XV6AytPFX+NM6N6pVeVaDtPvITMI1WGeUcvr+F0Y93r+NZVNl8hH69K6Q xejLvG9bsMRR8wX0Ug9h/KyyPrBI/+fgn/cmB6A
IronPort-HdrOrdr: A9a23:gRQWeasCOzeiB7uG98WkJ7Um7skC8oMji2hC6mlwRA09TyXGra +TdaUguSMc1gx9ZJh5o6H8BEGBKUmskKKdkrNhQYtKPTOW8ldASbsN0WKM+UyYJ8STzJ8/6U 4kSdkFNDSSNyk2sS+Z2njBLz9I+rDum8rI5ds2jU0dNj2CA5sQqDuRYTzrdnGeMTM2Y6bRY6 DsgfavyQDQG0g/X4CePD0oTuLDr9rEmNbNehgdHSMq7wGIkHeB9KP6OwLw5GZTbxp/hZMZtU TVmQ3w4auu99uhzAXH6mPV55NK3PP819p4AtCWgMR9EESitu/oXvUuZ1SxhkF0nAid0idorD AKmWZjAy1H0QKRQohym2qp5+Cv6kdr15ao8y7mvZKqm72GeNt9MbsGuWsRSGqp12Mw+N57y6 5FxGSfqt5eCg7Bhj3045zSWwhtjVfcmwtqrQc/tQ0pbWIlUs4mkaUPuEdOVJsQFiPz744qVO FoEcHH/f5TNVeXdWrQsGVjyMGlGi1bJGbMfmES/siOlzRGlnFwyEUVgMQZg3cb7Zo4D51J/f 7NPKhknKxHCsUWcaV+DuEcRtbfMB2EfTvcdGaJZVj3HqAOPHzA75bx/bUu/emvPIcFyZMj8a 6xJG+wdVRCDn4GJff+rqGjqCq9MFlVdQ6duf1j2w==
X-Talos-CUID: 9a23:XHMZ0mDmatWGSLb6E3k+10ETA8E1TnT2kizLf2uRBnRUd6LAHA==
X-Talos-MUID: 9a23:gVpN1AoflFXzuoByTwkezx4hEZpQyr+JM0sivrU/4+6UEXBCPR7I2Q==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.16,224,1744063200"; d="p7s'346?scan'346,208,346";a="36532600"
Received: from 153-97-179-127.vm.c.fraunhofer.de (HELO smtp.exch.fraunhofer.de) ([153.97.179.127]) by mail-mtaKA29.fraunhofer.de with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jun 2025 09:38:31 +0200
Received: from XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) by XCH-HYBRID-03.ads.fraunhofer.de (10.225.9.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.11; Tue, 10 Jun 2025 09:38:31 +0200
Received: from BEUP281CU002.outbound.protection.outlook.com (40.93.77.5) by XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.11 via Frontend Transport; Tue, 10 Jun 2025 09:38:31 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=MT6Ye9/o8xLSnJwFllFZBtV4cAnBsC6IVbVIo0/zGshHY4SQHz/lsLCffNtaLuGjvCu8bTJyfJru+oPp20sN/Csz79kP0j6l70Sur5igjDel8CTk2lrpgezKT7Gio5grMta4wFa2ha//6sH0N/pNPJ3NKeosb81ttE3Iubx9kj/vus5fR1MQM0EBeU9bp1ngDB1f3DIg8JZzm5rLqpsCaSiq2gtU/ir5TBi/tjnbsCdz2Tcz3s3YsZu/GifTOGBkkGQGRMFH+qAzF6MfYuL2gUlP0+CCu72WJQoHO3+MNoWXxMznFr3UzwuW0l5KoqPgQCVqHVykKSsPRAf9+NesPw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AlwGzZQHDVukh7vDRc4uOsybcSjK7UTV6fUIQw4HVb0=; b=ZMzt3Ja44orouU1RVc48RnhCbqE+TBaoZ+bAqS0LCmMtY/QBhyOkrnoNZD11JZbjNq4fPlxlxQ+Eez83HBrwHJM5n42u+2L0UGVUT4SsgbVDBbSJw5PDL4ugK8LyEDutvmb7+xgYtKmsGcGkxUJSHAFvIBfAiEfkh5yUbd9WpQmxUM1hRLgEJRIDHtWMSYt/cvsyX+nOAAMo13mv2YVPaA7CEKupNLFVsufVHES+NU2QrmH0GyW9VA2xoFGpaLaYFXOPRCotBObDofS8aYGpQwjr45Gr7kFupsHB8bdDNO+3YcGZ2eBr6dUwM/cGoii/R8gT8TEXQO2rPqY+nE/kUw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=aisec.fraunhofer.de; dmarc=pass action=none header.from=aisec.fraunhofer.de; dkim=pass header.d=aisec.fraunhofer.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fraunhofer.onmicrosoft.com; s=selector2-fraunhofer-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AlwGzZQHDVukh7vDRc4uOsybcSjK7UTV6fUIQw4HVb0=; b=Jh8fHkN7Kq1HP9j4AYuu41XIH3emRRBHwJLtPsRPpB57HbJqADmEwsJIjHiiVykc6uFR8towAbnODj8dGZp04IH65JuIElT/9a+zfJab7+suLZDvfZrj4aWTCa9rP4zWKRJ/4i9Hl7UJDSjFnvltAxlyPvrA3tvfnPYZcoApfys=
Received: from FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d18::f66) by FR2P281MB1817.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:3c::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8813.30; Tue, 10 Jun 2025 07:38:30 +0000
Received: from FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM ([fe80::b42c:81ce:43c2:c309]) by FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM ([fe80::b42c:81ce:43c2:c309%6]) with mapi id 15.20.8813.024; Tue, 10 Jun 2025 07:38:30 +0000
From: "Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de>
To: "uri@ll.mit.edu" <uri@ll.mit.edu>
Thread-Topic: ML-KEM recommended column
Thread-Index: AQHb1suiQUJYhDmJYEGQph28yRFp7rP2QmvxgAXFTQA=
Date: Tue, 10 Jun 2025 07:38:30 +0000
Message-ID: <c898b03ea86bd69831d00a90a751aaeeb28af875.camel@aisec.fraunhofer.de>
References: <3291f7396fa0dd06ab713ed59e01ccdc4f1e8ec6.camel@aisec.fraunhofer.de> <BN0P110MB14196A3B6CEEC5A4FFD3C07C906EA@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
In-Reply-To: <BN0P110MB14196A3B6CEEC5A4FFD3C07C906EA@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: FR1PPF809320EF6:EE_|FR2P281MB1817:EE_
x-ms-office365-filtering-correlation-id: 08a0c7d4-f4d1-4963-2196-08dda7f1cbae
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|366016|4053099003|38070700018;
x-microsoft-antispam-message-info: Ac3Laa1ywc3hifSpIWTPQ8zUx3NElpxHABhezc0qIxjkOdjIVTbOc0r7cwrF8JRRE2EySS1UjaIL+LwNXJA7Y4KwFsa4XnCNNLhUcqNOmdwQZc9dxdNKg4+A7hwa5F86/7TCUTGiAcvpMotSh2Aw30OuB1+BXUiDq7sUI4DuP44bmBoCOW2oa4KBxVwjFQER3NqQtLq+usCSKS8Ym+UQTqmrZQt6d2PiSfhPPIRxxe2asiRiCHHThlWv/dEFpcdRV/stC8Ey3VwiTJ4gfEDVJLYTpgO5kYcIH5Qd+P6IgaKqX1qYdDfcKAmJsYwbYvp/jnNtF61o6j1dZsx017nTnusEa7fyWd4lXOjrJRgnw4x+MYhxeNw5tsnTt+yluYBP1+spf/Xt0IfOii4dw5OBJl4x6IlgItr8snt+I7owwLEN2O/hw7FahTrLXITmBWpmceIuvPvBXhQAO2uVt721oV/R5AJGnVlkNZK5zCMeQrWjpNgYvD8smUay5EHLyEFLXMP1rO2u3Oi7FuQx0uoLKpe641fl6NQDEtqfiDapk2OM5aZEwEKT4zZdOjv73zFed/4hJDtC4Sr4YIJU+i7k2YYxvn23f9Bb++w3oQ95dWcSAlKZuoWXdSHWFYNCwZ29fzz776nsPs228yHCeyXkRTllBPuwo5icGnx20fKnR5JNRKbBGlZOUCzcZhjHXejg7FzQqs1et2qf2pFKi4xsgO5NDqFBcAh+Lq5/NQ5LcUEXvKJ28EUOmXe5WotERZvSCs83s3Yolzv5NNkAxTgX78UpFn6D5l50vf99v9/aTNwoBvf+IhQ4A5lA8/jvihbclw7n4CWUIIv6JSuO1cOXPSVxXtP71BO/5Q7Jyv4x4YLbh4T7MJ0j/D/IirvubZoC2IOPhP6HO9OjK0wl4JNokU0ZjAJr2oGT1JLkFhvVN93/7lubiPwEDABDPvt6Vfg50ytFuugE9OHPgjWwwO+gYS7PobowPFHHHsOh3WrmPst9tQieElwkJtjYcGIQ7sbCI+PArwjl9JlApRuDYsceR0QsOHl4rKsQRkikrjJDHRx4IyB4CHfse3CufJuOEcpocQj2jM8LlUYqMfpyNcQXv3lop83GxkaOLZbUAPEMWnYckzWSPOCc5V5lLZJHSnrB06UdW4XZn9STDFLb9iDGGn9WeM4bIMMC7Z+kHOuoeQC1nVKAxNOWBb59iCjcbOklMmFar4PSLHJpyx+iNnOq5Dyas1syRzcO9GOUi+44SJUGaEMLC13QRQ7ZbLGUZs8dDAKuclmlEDMd/yPFCulu/+tefyDF4AgQLBJc+8nT22YhL73ZOq1/ZITzHQP7/2X+GwN6nHEst3vDzYmwgs3X4yAvCA8uTVEbMQZoNVi1JtrWTzNAXHUWzkTaMHpmuyG2zi5/Od32Lcg7YPDfbolFKt4PfHWgtqukJpN3fSIuquYmjHA/vsxDQCsb86k+oDDBPAOC9tPBrS3F2Z+YqjroJrBgKFPUHDOGdcZnSLi++ys=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(4053099003)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: s5biVvHH9zi1Mx3NeYiynHIrWw7gDU1h9frTE9DpKku5C0t2CciUwV2vm366Ly3uTYKLwSQQBqVj8To6GHUzx0ChW4Hq9WGQTvxp0FfqXiHzO2TgePKSAFjktRzQ28YWcGct8v4S/HCr7nLPoyepF121Q5qc/9Oa+KAGpd7znCFzpJ+qMESzVNp++oN0Pd52mdHf6St9iUgsWX7DKbWRyaSvWT0eQE02tEjIB3NL2yGpwtjIZtQEJXIOrAvDR+b9Flmt7HlvwO96trvWtljDiNfplI264OGRfbVXkGr3NfflIubtd3r8fXIoDmQEOJiLxkwqPYcaHpRaCWUZfDaQ0EdfbyeK7yhPp8oOZX5l9Zqt7EEskGTlfsmgKJdBhrm5qgBZ7hWD0iuyq2ORL9j4mpinnx/NwzIyxBROsZmNAYGIHcoYPc8snXHEV01oGFW/fUC+CttJ2EUjNPNwe1hwfZ27CmTCb4wQog+AeEyia4xT8ismT8j0vLWDSsowodEPBxBBlWbYBkZSFX9yAPSJR0mgW6dOwpfw1FGqmnJqJ3S94Hke9o5MmZY801DGyXGCx9jclK/j9aOaTklq08Vdc699LSUS01RoryTQtzf0WVfNqZoH0E230TMubs63OQAWP766EEfIhcS/6/C6rekIiMEHXtALgFAiH5Z8prkQhEoCuHv87mljPaSPS5CO0jA9diDoFIB9ZkRO5s4kgH3F/BvIMg2sL8qvotg+rDJu97qdbwpP6SM4bQ/elwXf/suBVMJTLApVhr5Ro6vwU4ZC0NQ19ll8bXsJKMtMJw6mv/YFglbiEuJ+DLAgJ4o2gKy0mRVlzZrA6D4BLcGbNUZ9K7l7TblJoLGrfzgzt48TUy9ohOIa5E+3q6jSMkwZWRqwlrmaarDkiu0/6GWlRyMIgPkTM9vtbQaqqWf7iFsi3BxqDqo5W7RwDYnW5q+90aWVDg6W/x2ykfMBVJPDECOY9XDR4s5Eg1cQVrAiblYYMOOrbWz+XL0egXF75ssxNncct0bef8aXOT0F4X+GXyclBgfXc9Q7fus3c3E/Nw22U8aLrSELRlK1B1BpifzuiwW2o6GaSVbNhJMc6iPLtjJezELH+GCAfqZf5kd7G2XXKrhPKiyL6/uycRxGid4JQj8WYgBfUYk2CAcYSN9tNif6AlJr9Tm7JIBIyujjJKj/6ZFFWIyVIHeRkG4Mm7B6h7pB1+VNb4YtN9P+7KiDOHX+YzfeXhiiMA3oaK4aOh5Lx3YgfQauouHfZTeoVo/UUPBza/sOY1RIB716d5uo08aSvgy5huUZNcxS5p9BTNuLxtuU93jSNuObBRPw5U8LyPL+rQCc1Wy899oQt/avZxI0+FO5XPRvyVsiRo4Ik5/WkCrpcFQqJgeWxi+yhxh0YplPJnO2LHExCiybyuRGyMc07SpRgefmyOag7q+P2UTwQPPgydVSMrhJoLo95sOGZ4awdP4xPg/zGanv5vgJU4hvVDPoOUwCJHmsfTfgwEcVL1GxqIjf4Kw4pQ8UqCC0WS9QtNdbO/Vw2PlpzOrkqS6bEiG0bZ8FT2WatURSzGMsZQ2cvn4E+iEgO8GTM6C1dUWA7EZVqgQVAGwnvMYlYU/tuaFcuJcwr2qhdybUCkR8kxI=
Content-Type: multipart/signed; micalg="sha-256"; protocol="application/pkcs7-signature"; boundary="=-zHoEwC88mZYiBQubHXIZ"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 08a0c7d4-f4d1-4963-2196-08dda7f1cbae
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Jun 2025 07:38:30.2244 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f930300c-c97d-4019-be03-add650a171c4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: WMZ6Zmzv0/Ifl9bpbWzHvwQs0xZ+IOb3ZrATfv8hTjio06svWB+Lg6c/ScqvC/Mm2Elzb3uaUO3IOpDFlZ+VhXmvYG59P3AZx4qe+yXl3mQgyhBIDRztiYXg4mFhE71v
X-MS-Exchange-Transport-CrossTenantHeadersStamped: FR2P281MB1817
X-OriginatorOrg: aisec.fraunhofer.de
Message-ID-Hash: AR73JRXFP5Y7QUS2EBFQI7THRQSICDXT
X-Message-ID-Hash: AR73JRXFP5Y7QUS2EBFQI7THRQSICDXT
X-MailFrom: thomas.bellebaum@aisec.fraunhofer.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: ML-KEM recommended column
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Sryy-53PWAPn92BeiDmii-lQxFM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

> I think this PR should mention risks introduced by hybrid solutions as well – which (obviously) differ from those introduced by non-hybrid.

Mentioning them is certainly a good idea. Perhaps it makes sense to be specific as to what is compared:

- I would consider hybrid methods beyond ietf-tls-ecdhe-mlkem (or whatever the WG decides is the best way to combine ML-KEM with a traditional KEX in the specific context of TLS) out of scope.
- Potential drawbacks of ietf-tls-ecdhe-mlkem are best discussed within that document, as they represent securiy considerations for *any* potential implementers of that document. For instance, the fact that a memory safety issue in one KEX algorithm can affect the security of the entire program, whereas the effect of timing leakage is (should be?) limited to the specific KEX algorithm.
- Insofar as we believe those reasons to be sufficient for switching to non-hybrids (at least in some contexts), draft-ietf-tls-mlkem should mention these contexts in the listing in the security considerations.

Would this address your concerns adequately?

-- TBB

v2.31.3 | Report a Bug | By Email | System Status