[TLS] Re: draft-connolly-tls-mlkem-key-agreement

Sean Turner <sean@sn3rd.com> Thu, 12 December 2024 22:08 UTC

To: "D. J. Bernstein" <djb@cr.yp.to>
CC: TLS List <tls@ietf.org>, legal@ietf.org, Jay Daley <jay@staff.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Y0uXj9Z1yA7K1F47pPZ2R8xU3cE>

Hi Daniel,

Joe and I have reviewed the thread and believe that while Scott’s email is in a grey area with respect to Section 6.1 of RFC 9680 (an informational RFC that provides “Antitrust Guidelines for IETF Participants”), we do not believe that email should impact this draft being discussed on the TLS list. This draft has been around for about nine months and the idea of doing “pure” PQ cipher suites for ML-KEM and ML-DSA has been around for at least a year longer than this thread. As Scott is not an author of this draft, we do think it is not helpful to the rest of the community who do want these cipher suites specified to stifle discussions.

We should note that draft-connolly-tls-mlkem-key-agreement is not a WG draft at this point, so if you would like to appeal the decision to allow discussions about draft-connolly-tls-mlkem-key-agreement on the TLS list you can do so via the process outlined in s6.5 of RFC 2026.

If you have thoughts about how RFC 9680 might be improved or IETF processes improved to address antitrust risks, please send those comments to antitrust-policy@ietf.org. Discussions about the contents of RFC 9860 are not relevant to this mailing list and are considered off-topic; see our monthly reminder email [1].

Joe & Sean

[1] https://mailarchive.ietf.org/arch/msg/tls/9W7sx80XWO_RjAVBIFuaAUyAvns/

> On Dec 12, 2024, at 15:43, Jay Daley <jay@staff.ietf.org> wrote:
> 
> Hi Daniel
> 
>> On 13 Dec 2024, at 06:28, D. J. Bernstein <djb@cr.yp.to> wrote:
>> 
>> RFC 9680 coauthor writes:
>>> If, on the other hand, your concern is that there has been a failure
>>> of IETF processes that has created an antitrust risk, then the
>>> appropriate course of action is to follow the appropriate IETF process
>>> for addressing that.
>> 
>> RFC 9680 says that it's "generally inappropriate" to discuss "market
>> opportunities for specific companies". What's the IETF process for
>> addressing violations of RFC 9680?
> 
> RFC 9680 is not a policy but an informational document, including information on an escalation path for antitrust concerns, and so there is no concept of “violations of RFC 9680”.  RFC 9680 carefully says “generally inappropriate” for the topics to avoid because there is a vast grey area here.  The decision on whether or not any specific action is inappropriate rests with the IETF community through its structure and processes.  
> 
> The role of IETF Counsel is to provide advice to IETF leadership to support their formal decision making role as set out in these processes, but neither they nor I have any powers beyond that.  I took your note to me as invoking the escalation path that RFC 9680 provides information on and consulted with counsel and the response is, as previously conveyed, that your concern should be addressed through the standards process.
> 
> I believe you will be getting an email in due course from the WG chairs that explains that further and addresses the rest of your points.
> 
> Jay
> 
> -- 
> Jay Daley
> IETF Executive Director
> exec-director@ietf.org
> 