[TLS] Re: Last Call: <draft-ietf-tls-mldsa-03.txt> (Use of ML-DSA in TLS 1.3) to Informational RFC
Tanja Lange <tanja@hyperelliptic.org> Tue, 02 June 2026 12:04 UTC
Return-Path: <tanja@hyperelliptic.org>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id EA327F92DAC3 for <tls@mail2.ietf.org>; Tue, 2 Jun 2026 05:04:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1780401852; bh=nniEsw6lSLe8off6YbIUz+QfpuZ504RheFfQJsHTgIE=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=sVKTe6yKZkL/BbvvyNwGrTlNpDP+K4d9HsNidX+kCeNs3XfPWZZSY//VEdxsHCapx 3ztONOcXk0Tx2T3I69sfAzW8GWILO8pNx9E3YRPg3afqbvthZAqZIh7iIdWJFPzUUG LYbP8bw7BAGCzMDP6uUDSk+qGflymgUKZKqhumto=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GYiUbC6IffyS for <tls@mail2.ietf.org>; Tue, 2 Jun 2026 05:04:11 -0700 (PDT)
Received: from calvin.mcs-cc.tuehosted.nl (calvin.mcs-cc.tuehosted.nl [192.87.90.60]) by mail2.ietf.org (Postfix) with SMTP id 4175FF92DAAC for <tls@ietf.org>; Tue, 2 Jun 2026 05:04:11 -0700 (PDT)
Received: (qmail 14916 invoked from network); 2 Jun 2026 12:04:03 -0000
Received: from hyperelliptic.org (192.87.90.62) by calvin.mcs-cc.tuehosted.nl with SMTP; 2 Jun 2026 12:04:03 -0000
Received: (qmail 283060 invoked by uid 1004); 2 Jun 2026 12:04:02 -0000
Date: Tue, 02 Jun 2026 14:04:02 +0200
From: Tanja Lange <tanja@hyperelliptic.org>
To: last-call@ietf.org
Message-ID: <ah7GsvvawT5aU4wi@ein.win.tue.nl>
References: <177911881651.554519.6124006444783847072@dt-datatracker-7688897f84-l74h4>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <177911881651.554519.6124006444783847072@dt-datatracker-7688897f84-l74h4>
Message-ID-Hash: QRED3LNKODKPZ4VGY4PRM5NELU65N2IF
X-Message-ID-Hash: QRED3LNKODKPZ4VGY4PRM5NELU65N2IF
X-MailFrom: tanja@hyperelliptic.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF-Announce <ietf-announce@ietf.org>, draft-ietf-tls-mldsa@ietf.org, tls-chairs@ietf.org, tls@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Last Call: <draft-ietf-tls-mldsa-03.txt> (Use of ML-DSA in TLS 1.3) to Informational RFC
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/W1opYY3fD4gBxxeRFGQ_FhSeSsI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Dear chairs, dear all, Already in the previour round I expressed a strong concern on the unprotected use of ML-DSA. That concern has not change and is substantive. I also do not see how it has been taken into account or has been addressed as the same text is now in last call. Here is what I had written before: " I do not think that the TLS WG should publish a non-hybrid signature proposal at this point. We should instead put support and effort behind hybrid drafts. I agree that these systems should not be recommended at this point, which is in line with the IANA considerations, however I'm concerned that the mere existence of an RFC will be seen as an endorsement by the IETF and lead to deployment of ML-DSA without extra ECC protection, which is a security issue. I thus oppose publication of draft-ietf-tls-mldsa. " All the best Tanja On Mon, May 18, 2026 at 08:40:16AM -0700, The IESG wrote: > > The IESG has received a request from the Transport Layer Security WG (tls) to > consider the following document: - 'Use of ML-DSA in TLS 1.3' > <draft-ietf-tls-mldsa-03.txt> as Informational RFC > > The IESG plans to make a decision in the next few weeks, and solicits final > comments on this action. Please send substantive comments to the > last-call@ietf.org mailing lists by 2026-06-01. Exceptionally, comments may > be sent to iesg@ietf.org instead. In either case, please retain the beginning > of the Subject line to allow automated sorting. > > Abstract > > > This memo specifies how the post-quantum signature scheme ML-DSA > (FIPS 204) is used for authentication in TLS 1.3. > > > > > The file can be obtained via > https://datatracker.ietf.org/doc/draft-ietf-tls-mldsa/ > > > > No IPR declarations have been submitted directly on this I-D. > > > > > > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-leave@ietf.org
- [TLS] Last Call: <draft-ietf-tls-mldsa-03.txt> (U… The IESG
- [TLS] Re: Last Call: <draft-ietf-tls-mldsa-03.txt… Stephen Farrell
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Salz, Rich
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Dave Cridland
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Salz, Rich
- [TLS] Re: Last Call: <draft-ietf-tls-mldsa-03.txt… Simon Josefsson
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Bron Gondwana
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Eliot Lear
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Salz, Rich
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Salz, Rich
- [TLS] Re: [Last-Call] Re: Re: Re: Last Call: <dra… Viktor Dukhovni
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Daniel Apon
- [TLS] Re: [Last-Call] Re: Re: Re: Re: Re: Last Ca… Brian E Carpenter
- [TLS] Re: [Last-Call] Re: Re: Re: Re: Re: Last Ca… Ilari Liusvaara
- [TLS] Re: [Last-Call] <draft-ietf-tls-mldsa-03.tx… Brian E Carpenter
- [TLS] Re: [Last-Call] <draft-ietf-tls-mldsa-03.tx… John Mattsson
- [TLS] Re: [Last-Call] Re: <draft-ietf-tls-mldsa-0… John C Klensin
- [TLS] Re: [Last-Call] Re: Re: Re: Re: Re: Last Ca… John Mattsson
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Stephen Farrell
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Deirdre Connolly
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Rob Sayre
- [TLS] Re: [Last-Call] Re: Re: Re: Re: Re: Last Ca… Nico Williams
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… John Mattsson
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Brian E Carpenter
- [TLS] Re: [Last-Call] Re: Re: Re: Re: Re: Re: Re:… Loganaden Velvindron
- [TLS] Re: Last Call: <draft-ietf-tls-mldsa-03.txt… Tanja Lange
- [TLS] Re: [Last-Call] Re: Re: Re: Re: Re: Last Ca… Viktor Dukhovni
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Brian E Carpenter
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Eric Rescorla
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Rob Sayre
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Marc Penninga
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Russ Housley
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Ilari Liusvaara
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Filippo Valsorda
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Sophie Schmieg
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… Loganaden Velvindron
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Nadim Kobeissi
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Nadim Kobeissi
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Nadim Kobeissi
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… John Mattsson
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… Falko Strenzke
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Filippo Valsorda
- [TLS] Re: [Last-Call] Re: Last Call: <draft-ietf-… Salz, Rich
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Filippo Valsorda
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Nadim Kobeissi
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Nadim Kobeissi
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… Damien Miller
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… Stephen Farrell
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… John Mattsson
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… Loganaden Velvindron
- [TLS] Re: Last Call: <draft-ietf-tls-mldsa-03.txt… Paul Hoffman
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… John Mattsson
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… John Mattsson
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… Soatok Dreamseeker
- [TLS] Re: Last Call: <draft-ietf-tls-mldsa-03.txt… Deb Cooley
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Deirdre Connolly
- [TLS] Re: [EXT] Re: [Last-Call] <draft-ietf-tls-m… Brian E Carpenter
- [TLS] Re: [Last-Call] Last Call: <draft-ietf-tls-… Muhammad Usama Sardar
- [TLS] Re: [Last-Call] Re: Re: Last Call: <draft-i… John Mattsson