IETF Logo Mail Archive

[TLS] Re: Complaint to ADs and IESG regarding TLS WG chairs falsely claiming WG consensus to issue an RFC for draft-ietf-tls-mldsa

Tibor Jager <jager@uni-wuppertal.de> Mon, 01 June 2026 20:48 UTC

Return-Path: <jager@uni-wuppertal.de>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id E94BCF8E1F97 for <tls@mail2.ietf.org>; Mon, 1 Jun 2026 13:48:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1780346881; bh=e1ZIS3u0a8hk2mCr7lkF2m5tGd0GwrLo+uM4eZu92ko=; h=Date:Subject:To:Cc:References:From:In-Reply-To; b=NeeUDuUALhZt9LSF0mP89gg6sTdOkgzVyOXGqk77TQoaEHaXAuamfUhGwxbDAgr+j xuuv273xrnW6JefPs8a7Iszk+2uc5aMt1gnBl+886sZn41s50WeKXbB3Oe4q9CQfP3 KeV9DfY9BFljm2IigFg2FzdOhYbvawLFn1CGCXVo=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=uni-wuppertal.de
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sxih0dQnfgmn for <tls@mail2.ietf.org>; Mon, 1 Jun 2026 13:48:01 -0700 (PDT)
Received: from smtpout3.uni-wuppertal.de (smtpout3.uni-wuppertal.de [132.195.64.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 1699AF8E1F8F for <tls@ietf.org>; Mon, 1 Jun 2026 13:48:00 -0700 (PDT)
Received: from smtpout-intern.uni-wuppertal.de (smtpout-intern.uni-wuppertal.de [132.195.64.33]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519MLKEM768 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtpout3.uni-wuppertal.de (Postfix) with ESMTPS id D660817DF53 for <tls@ietf.org>; Mon, 01 Jun 2026 22:47:53 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uni-wuppertal.de; s=mail; t=1780346873; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=e1ZIS3u0a8hk2mCr7lkF2m5tGd0GwrLo+uM4eZu92ko=; b=hofoF6/HlHy1eIJ5H8a2BvFOOCR/fnne9qII0gFW1cik3Va0qLSDKhavBiZDDmBY5g4s9+ y2RpdSlY4Nm9DDkuK6l84aCvLOO+RW6zGvo/PXrOus0Uzv/q0XM4ko+qZzisvMYxRpb1Fy pQo4qRbIy4fQpPNeGzsJMYgoivd86y8=
Received: from mail.uni-wuppertal.de (mail.uni-wuppertal.de [132.195.64.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (No client certificate requested) by smtpout-intern.uni-wuppertal.de (Postfix) with ESMTPS id C70259F2F3; Mon, 01 Jun 2026 22:47:53 +0200 (CEST)
Received: from [IPV6:2001:9e8:cbd0:a100:d850:549a:156:58db] (unknown [IPv6:2001:9e8:cbd0:a100:d850:549a:156:58db]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail.uni-wuppertal.de (Postfix) with ESMTPSA id 68FD74070; Mon, 01 Jun 2026 22:47:53 +0200 (CEST)
Message-ID: <3b0a8373-ca6b-433a-a2c7-87c68e83d138@uni-wuppertal.de>
Date: Mon, 01 Jun 2026 22:47:53 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: Daniel Apon <dapon.crypto@gmail.com>
References: <20260519112813.1254795.qmail@cr.yp.to> <CAGgd1Ocy8f4HeQy-qWauAJAxizznXdXA53kWVp_FV1QUVGuxWw@mail.gmail.com> <5DFBF81F-4A98-4C5E-A060-580DC6960021@symbolic.software> <87v7c8lgt8.fsf@josefsson.org> <CACsn0cmaOdG4vCdeOVSxAPnJtPRH8rBJ3sfAY3o0f1fm-ouceg@mail.gmail.com> <ahddRzOIvQDXcvaG@ubby> <CACsn0cnStbBw8Szq+McPumjExnbL=3wmwESYEMWczJJZbJXRgw@mail.gmail.com> <ahdflj/Xy8VoOfH5@ubby> <CABcZeBO3hPa2PXNBzfBHLRAGdc3LzcpJGMQwo8f8ufwfhxy1Zw@mail.gmail.com> <87ldd4j7fm.fsf@josefsson.org> <ahgzW1SQNUS8OhUA@LK-Perkele-VII2.locald> <CACaGApmvARUhMiMegHp+Q0O5KuYwW66qOYxQcV9DdKRfHu24EQ@mail.gmail.com> <AS4PR07MB8825B332ED2BFEA91BED403589172@AS4PR07MB8825.eurprd07.prod.outlook.com> <85e8b5d6-3ad2-4722-bc8c-32b48b83b3ce@uni-wuppertal.de> <CAPxHsSLSpYHyMvpHNnoqMsLgzb-ATSutn7kc0wEUoxD-9PvjoA@mail.gmail.com>
From: Tibor Jager <jager@uni-wuppertal.de>
Content-Language: en-US, de-DE
In-Reply-To: <CAPxHsSLSpYHyMvpHNnoqMsLgzb-ATSutn7kc0wEUoxD-9PvjoA@mail.gmail.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-512"; boundary="------------ms040608010908030401040908"
X-Rspamd-Pre-Result: action=no action; module=multimap; Matched map: WHITELIST_SENDER_DOMAIN
X-Spamd-Result: default: False [-20.20 / 100.00]; WHITELIST_SENDER_DOMAIN(-20.00)[uni-wuppertal.de]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; MIME_TRACE(0.00)[0:+,1:+,2:~]; DKIM_SIGNED(0.00)[uni-wuppertal.de:s=mail]; ALIAS_RESOLVED(0.00)[]; ARC_NA(0.00)[]; FUZZY_RATELIMITED(0.00)[rspamd.com]; LOCAL_OUTBOUND(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]
Message-ID-Hash: DCFUVE55HOAZHTRYLQDXUC5WJVLGT4BK
X-Message-ID-Hash: DCFUVE55HOAZHTRYLQDXUC5WJVLGT4BK
X-MailFrom: jager@uni-wuppertal.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: tls@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Complaint to ADs and IESG regarding TLS WG chairs falsely claiming WG consensus to issue an RFC for draft-ietf-tls-mldsa
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/_ybMN3Y7wi70dfVrsXlNEtqv5NI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

On 01.06.26 21:40, Daniel Apon wrote:
> " This statement might of course be outdated, but I recently asked one of
> the members of the CRYSTALS team whether this is still his view, and the
> response was: "Yes, of course." "
> 
> I also recently asked _TWO_ members of the CRYSTALS team whether they 
> support hybrids in their view, and their joint response, which they 
> wrote in tiki torches -- flaming and placed across the facade of a 
> certain skyscraper located in the Iberian Peninsula, with a massive 
> fireworks show celebrating the lighting of these torches -- was "No, of 
> course not!"
> 
> [[/The above was said facetiously/. In full disclosure, I have not been 
> explicitly told by the CRYSTALS team that they lit fiery torches in the 
> Iberian Peninsula with a massive fireworks show in support of any 
> particular cryptographic viewpoint.]]

Thanks for the "facetious", but still very toxic comment. Instead of 
discussing fireworks, you could also have asked them about their opinion 
on hybrid deployments.

I thought that most people on this list understood how it was meant, but 
obviously not everyone, therefore just for the record:

The earlier discussion had referred to NIST and certain individual 
cryptographers as supporting non-hybrid deployment and suggested that 
many experts are comfortable with pure deployments. In light of this, 
and in the interest of making an informed decision, I think it is a 
relevant contribution to the discussion to point out that the inventors 
of the algorithms themselves are publicly recommending hybrid deployment.

Since the statements on the CRYSTALS website are several years old, I 
wanted to make sure that this is still supported by the person I talked 
to, before I post about this on this list. Please feel free to ignore 
this anecdotal comment, and focus on the main point, if you don't find 
this adequate. Or just ask yourself.

Best regards,
Tibor

v2.46.0 | Report a Bug | By Email | System Status