IETF Logo Mail Archive

[TLS] Re: [EXT] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Thu, 17 April 2025 17:57 UTC

Return-Path: <prvs=820212e46d=uri@ll.mit.edu>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 032A61DBD99C for <tls@mail2.ietf.org>; Thu, 17 Apr 2025 10:57:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.198
X-Spam-Level:
X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id es_NbqfukLko for <tls@mail2.ietf.org>; Thu, 17 Apr 2025 10:57:05 -0700 (PDT)
Received: from MX2.LL.MIT.EDU (mx2.ll.mit.edu [129.55.12.51]) by mail2.ietf.org (Postfix) with ESMTP id 774711DBD990 for <tls@ietf.org>; Thu, 17 Apr 2025 10:57:05 -0700 (PDT)
Received: from LLEX2019-02.mitll.ad.local (llex2019-02.mitll.ad.local [172.25.4.98] (may be forged)) by MX2.LL.MIT.EDU (8.18.1.2/8.18.1.2) with ESMTPS id 53HHs5Ev002558 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 17 Apr 2025 13:54:05 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=Dl1ubyPKpB9KyQSAvndMdWgo1g+edfoGvMrgCiJjw5f8wenCkkJGgWImg4REJkdzKAr/LtPYdDxmfT7theshPxC6HrIVfXTKG6nYugAq8968kKDZt5CxzeKP5Ldq0AUe55XIBx22pPtKY+pkJndi2js4oDIjNA2kmee36a3lP21nbnWKpRmh2duHDORSm8FQJiS9zYVAvNjNd/Ja049uv5waTnYm6wOrBGPHhlOHEhwfXdhUCatG7du8rPN9JUwb/H/Zxy8EIXxc5O+FfumHw7Ccnpc343ruG/KEHkTZZuIb5K+33VB7r6rVO95WU0KERi+GMKnPT1rKTTofABAa/w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=djnWX13wpJ/Eub8R+7STEXlqYGy0OgoAOf1yW8ubKig=; b=KLbrnj7oHqO8R3CLaeb9bvLjSYnwBw8PxDZ+27MhpgmPEr0yFUCqc1yS7bfmvwJ680IwHI2s4XH9M1iuSQZX4XuW/42qoFONxw0y1hgkuOTbZmhL/0Upz6iC4GvSfvqtB6VvvZ2FOym3AcEjvc99VhIME73U32Czs8duhHnjGZzl70zyyXKsSOpra2S8A6nwmUFYa9O8wwyuMQ57WlXhC6fl0oPpX1y8Vmer1/4O7GWx4olQZ8NTg7Qo4Ln7ED+FlWaBLWLiP7C0UehluFNwr7fo7uAkEXIpbjBe0vS13p6cgswAOBtkd3V4Jh8y3Wfgs2lPz7vfoxDI/NLNSLqoHQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: [TLS] Re: [EXT] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
Thread-Index: AQHbr78kz+gnQ0/CEkqRjOPdL3LwtbOoJKuA
Date: Thu, 17 Apr 2025 17:56:56 +0000
Message-ID: <CC953DB0-3051-4231-AA65-475638FEAE45@ll.mit.edu>
References: <ca271cd7-1489-45a5-85b0-35dca4cbdddd@cs.tcd.ie>
In-Reply-To: <ca271cd7-1489-45a5-85b0-35dca4cbdddd@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN0P110MB1419:EE_|BN2P110MB1671:EE_
x-ms-office365-filtering-correlation-id: 9e3f7954-860e-4c58-64f2-08dd7dd93e65
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;ARA:13230040|366016|1800799024|10070799003|4053099003|38070700018;
x-microsoft-antispam-message-info: MoiLluAJ7/VagNlylgXS90HT3Ob5fceatoWzeF7ZluwEzskbJB6Oy1BOoec29BK1kDfvHi6Bpr2dfsd9E7Dn41Mdceq1niJaLtvF1ws87V0llSneA8kd87b6zxbgs84ZksInTxL15n/ApOGZpRR9u2i5tWJfJaDb3/VwPsf1xpiol0tlMs//pYEoFbq2wxngfR6zZfXx2sjOOBDCsySSvB2aLPRb6tY2+K5qmxKvp7w5w5oQGxnPYwTEiZq3RmPVEaqw+kuGemt1SGV27QSLBBNc9DVqQbN6y7TXThJvl/i+FvwzJUtWnpv5vBmI5BFlA73P8SytwZXQo/86dWH4tAZLLKjDplTZNm4K5YdDecErt7Ntzo+J+KAFuGEJH0AhQGp5lrKWrsiAR0+ds1vg8/ve3c9/mOHDoLTknaKIQXu6mJ7MnvyD4BiM2T8uz7mzS/wbGL77MjT2Xq45dxVckIEb7EOWga/b6jXaUWk4oHx19NbzJNVycJOfz/MDK+/pY5tP5KXc1jATw+MaYpdltNPVcvgBwhtp9hDKyiQwb3q1BzBW75MGmIIhx3SnaSpVFBo5KkeMg+R/nhnISCuX7svr36ynqUzQd3ZEdevjZT+46P7CqXFoFjPzWFAtBJ5b+z0LvFxUA7aF2nW3NeSPr8RK1pzhjjIJmORhQzK5hQRYYmPSGOY4Xn2tez3bwNLGXwy2uV7mbhAMfRI9eMSpEaZMF+Jlh2h/QYl5byG3VMObj4om30t8XB9rsPz5+jE6AkxYDNfI4ZKN0I+DfPHS+clrXi24qjyrAFkRVayKgF6iUR5OM1Nh9sYb57lpNj9ey42ha6xFQ6o3vptwzWCTKzeiJ00gaAYt0tPpU5cG/J+b3qCzGr+wwnkvjxTtDasUWrDi8JTkjOXYpNsPl9qYyWGOss4V/0D9VFRWMSg3YAkcb9Eiie4xAYYfkjbGKyXBZfXYRqBuADuXZxpAGesDu0lURB3kVyESVCj4LHIrHgIJuTqNj7ooJ7G3qB/kVxyt3i8HC6swz1jkhV9sKXMjjilDTedhzITPxfXVwXV9b5oTH9HyB2NWI9cZYmEcQN2I4rWm+FTeLweg5Ob8A5H9KhWiRxwCeLs9nr+Klp7Pmv306ciUdnr9FW6MnH6lN0DbQwhsG159ALbp0vlp56V7hpUkfsZqcqNmLi+RmWHd8w9XEPQqwKo1p/i3dTIduBrp0FkGoXVuBrSuESstuRv3GPwmwFCbxIrIeu4dM1lHCxOpgmdReS1biRbhL1BH5TpsLbY8q1JW2e8aS3oNhIOnvSBNx0A/CfXW5vr2/WYqC4v+VnCIAP/5TDhxvv3COkAsMm7lYJhb+0wqG/PEx+7HpDeXIQyqUF7CcUIGGKkCVrsPlQrRmtxdU8inSuEFRT1u6D97pjJurahcxhfNqKHVee0mDckb9NCn+0desRzEAGj2vIwL8Ikv6s7orFwxAh0i0QyfbRgad9tywZaPF19Bt1xbAWuYOGuv7s3uEHjSe80=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(10070799003)(4053099003)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: PnboSZ60WNO/wvjjRLaTAylGbcWNI9GADGmYqNvXpBTcLVGiHUfalCxzvmJdVcg7pJGHzsaBAqW1bBW5lZ9kcMAmi6VMoCtWmAzUZmadJkIZB5J/c4zrO2L+q1jm4qiPY8akmqHA00f82t3SbkA5M7IAN6oWLTT9lnuX4EeagjnWaE2GTFG4a/69si/1htr1b5Vcs3F5MDX/XQkD9TQ9sd3oN0SbiJvCcfCi2Ra29+5m056RyZ7p8fsPD4NoWATKdirVPch+YfZJa8ZmxH42zLJS/qDGHRXdVI3awafENVHIHrpY/X5xdOOP5O1moXPiIrHMKW6v5H5UQ38LWIuMixFeqhCL02WWkAKWy1gldRUo/Q8+hBXHgAx+GRgOK9FIPUyHh9ysEDFTGJOv0839zOaXar2WxyM8ggGA6cexFDd/0DR3hEPQ0ne2ocADUDP+/xAO5vxZdYZLfCjTti/Qq794tOPZFVnTnTWjiPnHFKT7FpjxmKO9G9I0PS2Il54uV4a5YyV95ZkjKCxX6wTvMuQLvCSdgtBfTZ0h70KRmoqdbHOYh16G3PEZVeG7PaQtjdCpAkvdf+kc+KNry+IxHPtMYYzC5Q7pSepKBz7AePSY7mx5ov7HE9E75mfYYlX0MPB87j3mPPzDHWrYQgDeubRC0G6YvLzE9vWVJQaY5mPXwLroRHhUc+LGy1nQs4vVuLhdTAlBzPXgVGpTb8El6i9PtP7gny/eZIkwBPnV1zRR+tUxN1Zlh1g32+lcTJ6p+XUJhwsb8NnUefECg69TW/mK2WylgMveb3KSVCCdr/J/NBUmELqVEqR6ucNff1TJ0skfi0Grerb7HLgXaIv0UMBujUUmCI+IFiQFVml3IPlP+kYFlzjAmUhZF02J6zFvLYkkuALnCUNZb86eZ85k0ExEHMOO4sd1z7vGl+CBS5+OMUvdiaBYQD+PolRc3xS/a0xuBejeYg+Wx6A5nl6cYvGlrwK8WjinRROqMc9qGquw/e+cvHkfWPGbs0Bx1wvnTSmvydfepsu4ncp6op08P3+K9Mf92LILtIO8CWeiFk6dNDD0JqCZd4bNHMOxIH0Rw/MDCVvLG4QViU85ur2A74HPGOuj14AWVZd/zbx42xFe3Jp6Usk7jis1hh9/0BOxaPVvGKHr3xHSP0Bom9TpFLR9UKzqQ6sDXZKjTMeAND7IDeHHrwL903u53TXyCVAAR5JwBVxJJdjjQLZYqg/Z5rjVf1PGjuXc6FzXtCpwOC5uC17DeqlkgFwgIUkjEor4d0UrrkGSxyNqAJbbjlAo/8C3cJUop3gBkML+TSMwptk+Queq31BVVomNFv9ncwCqbjbRxVeutloJRGjXaG7SrJRhLGo4shMZ2xX22t2KVCU=
Content-Type: multipart/signed; boundary="Apple-Mail-4B47A4DF-BC7D-41FA-BC9F-966B9F91764D"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 9e3f7954-860e-4c58-64f2-08dd7dd93e65
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Apr 2025 17:56:56.4197 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1671
X-Proofpoint-ORIG-GUID: cxsLXB2XvfyhFJg6qS1d_AoU5qXn_xhC
X-Proofpoint-GUID: cxsLXB2XvfyhFJg6qS1d_AoU5qXn_xhC
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1095,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2025-04-17_06,2025-04-17_01,2024-11-22_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 mlxscore=0 bulkscore=0 phishscore=0 malwarescore=0 mlxlogscore=999 suspectscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2502280000 definitions=main-2504170130
Message-ID-Hash: YWC2CCRY7DGQIYYIRKUGWI5XBR3A7SBQ
X-Message-ID-Hash: YWC2CCRY7DGQIYYIRKUGWI5XBR3A7SBQ
X-MailFrom: prvs=820212e46d=uri@ll.mit.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Thomas Bellebaum <thomas.bellebaum@aisec.fraunhofer.de>, "paul.wouters@aiven.io" <paul.wouters@aiven.io>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: [EXT] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/YZsQI_QkBdXzUji9PWzp7weDopI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

“Needlessly” - well, I guess in getting tired and irritated by the incessant attempts of a cheat minority to override the choice the overwhelming majority (which is what I call 75%-25% split) made. 

This group has been trying to reach consensus on “comparative riskiness” for considerable time - and failed, so far. I see no reason to expect such consensus miraculously appearing out of <where?>. Do you? If so, please enlighten me. 

One reason hybrids add risks is the practical implementation/deployment/processes/management/maintenance part, as opposed to treating the issue as a pure mathematical formula - which deployed software apparently is not (some might argue that it should be, I let the reality speak for itself). 

Since It looks like 3/4 of the audience holds position similar to mine - frankly, I don’t see why 3/4 must convince 1/4 that their position is valid (usually, it’s the other way around). 
—
Regards,
Uri

Secure Resilient Systems and Technologies
MIT Lincoln Laboratory

> On Apr 17, 2025, at 13:35, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> 
>> On 17/04/2025 18:23, Blumenthal, Uri - 0553 - MITLL wrote:
>> Don’t try to stuff your perception of risks and correctness into
>> everybody else’s throat.
> 
> Aside from the needlessly accusatory phrasing above, seeking to
> reach consensus on the comparative riskiness of these seems like
> a good plan to me, and entirely doable, so I disagree with you.
> 
> I also note that you earlier declined to get into the gory
> detail of why you consider hybrids more risky. Arguing for
> inclusion of text reflecting the details (gory or otherwise)
> that have been aired in public seems entirely reasonable to
> me, so if people who prefer one position over another aren't
> willing to say why, they should IMO expect their positions
> to be less well reflected in draft/RFC text.
> 
> Cheers,
> S.
> 
> <OpenPGP_signature.asc>

v2.30.2 | Report a Bug | By Email | System Status