[TLS] Re: New Liaison Statement, "Liaison communication to IETF regarding draft-ietf-tls-mlkem"
Nico Williams <nico@cryptonector.com> Mon, 06 April 2026 22:39 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 72432D736239 for <tls@mail2.ietf.org>; Mon, 6 Apr 2026 15:39:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1775515159; bh=qp+i+LO4j7abv0n4wluWC9E8Xw+aEK+8ywznGmiyUaE=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=EQqCmOOaIUBwYN6HjZd6Yjj3TdfL4nAgbw1eS/3YRtPtmnqgQn/Nc/P0bWQycL+1z 0EU3x+3YxiSpuzRSQx7B4nN1Qbbg3B91HZ+94cyWquZcOyJuu2UbYtdxAoFipqTk9Z C9rsS2Uv/1/S0a0LmL1D09sv87KUvX31aILaXMUo=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cryptonector.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bSxltNu2lswH for <tls@mail2.ietf.org>; Mon, 6 Apr 2026 15:39:19 -0700 (PDT)
Received: from gecko.ash.relay.mailchannels.net (gecko.ash.relay.mailchannels.net [23.83.222.66]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id C3830D736234 for <tls@ietf.org>; Mon, 6 Apr 2026 15:39:18 -0700 (PDT)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 09A79123C74; Mon, 06 Apr 2026 22:39:11 +0000 (UTC)
Received: from pdx1-sub0-mail-a202.dreamhost.com (trex-green-7.trex.outbound.svc.cluster.local [100.122.165.184]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id A8DBF123CCD; Mon, 06 Apr 2026 22:39:10 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; d=mailchannels.net; s=arc-2022; cv=none; t=1775515150; b=esn6IVxOaKYIaQl6fucBu3sDG09QmXyajSQiigPw/LXeqQtoArCL0YRl8vgoNch0VvxHm6 dN4p+te0UxWuCdQLtwn4SEzFOfAvm8L2YMGp25IrE+JAPAcCfrDgv3qrbj7j1fXgj6Yhc9 FwaG9OtdlNVZ9wBs1hEIpS/Pd9gHxC4fHjmRPPzuLxOoJVCycRb5Hsfcwi4NFlPY7etUqF 1D6OLiz9Mg03Egu8FK/Ni4B1WB7cVoCvM4dvvj2PVFOxDshbhgKmPvsn2Urw4Mk9SiqGoK YoyK67CjYG8uNkMmpCFSrem3PETChKLwb0ta4/ysqmUYJs4iqnpz0aFCIOgQsA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1775515150; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:dkim-signature; bh=W3hcWOeWm1lhW5eyFtR6eto0EJa0TfH/wBZd6L6LKgo=; b=odvu0A+fBaZO3gFAqLO+n7Er9J7tXikc6Ypj9je7Y0ZoGnH7pN0w4cM3uZs0AKCSh39ekR 6DxUwsNay5ddQ78+hK051BIgquOm/49xlRYrDwzH7WYFlUE7tbtl9evSJxAFk8H1rv+5xq bSU6/31ak79J75AOIS6tTSKgbhmUghHlGkI1waya8qvZmh4Un4k770UMHn6uQ7ShqVAXHo rxz5uAW49b6FwGjp3bc0AsMlpkIr9ess6x5Oj1e3EuhyVdDbf0tjj47d3QBjCY3Rl/3Zmu 8tggSspPD60j1G5Ob0dR8YI60ChsV5nf9HDo3OR9gq7IsUt73hD9pQs7ZzCziA==
ARC-Authentication-Results: i=1; rspamd-7d86dcc447-g8kpv; auth=pass smtp.auth=dreamhost smtp.mailfrom=nico@cryptonector.com
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|nico@cryptonector.com
X-MailChannels-Auth-Id: dreamhost
X-Society-Plucky: 2d73cecb3496a50a_1775515150903_3578558814
X-MC-Loop-Signature: 1775515150903:3574149804
X-MC-Ingress-Time: 1775515150903
Received: from pdx1-sub0-mail-a202.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.122.165.184 (trex/7.1.5); Mon, 06 Apr 2026 22:39:10 +0000
Received: from ubby (unknown [75.81.95.64]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a202.dreamhost.com (Postfix) with ESMTPSA id 4fqPQ60h5hzSF; Mon, 6 Apr 2026 15:39:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cryptonector.com; s=dreamhost; t=1775515150; bh=W3hcWOeWm1lhW5eyFtR6eto0EJa0TfH/wBZd6L6LKgo=; h=Date:From:To:Cc:Subject:Content-Type; b=WEtskeVEMnCUgmb/X6Rit4Fub13QKwEP82YEHF+ZOIzfJ9NTBfOyw2+0RXT8QaP7W k+ByJdpn5JbyblKKuuHHSdcltr+vT7l3/vXPu+u/qurtPkuSxFdNwIVgfh0IYpQwqA AdEtC0oBkVUiP6OZooylX5nM4lsi18pLkvX9eJDKZMl7NVbSzlmLQB8gfg5P+aYBRI c00pkSutH3i091K/FP7DYQP0ymGr4chY0z4yoiGlAHcNEn65m/JtDwE/gwUmfPjN2z /lWQiCpb8mS2NoVKUbrjHhH8aYoZWAkhrw3uxhKgOmzAJGVEJuTbu4FRTBSJ03+ISX iSc9ibxXtTIog==
Date: Mon, 06 Apr 2026 17:39:07 -0500
From: Nico Williams <nico@cryptonector.com>
To: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>
Message-ID: <adQ2C/gPwGutLSux@ubby>
References: <adHR1YEW-mPEb_BT@chardros.imrryr.org> <MEAPR01MB36540326A63FD5EAB70F652BEE5CA@MEAPR01MB3654.ausprd01.prod.outlook.com> <CAPxHsS+fv2S_Ydub24AHnFJUESxkr=h1me5NEtdsZ4bCqAip-Q@mail.gmail.com> <5b703cb2-721b-485c-963a-c6661b40c4c8@tu-dresden.de> <59ADD91D-9A81-4DC5-A3B5-3D8C2747AB96@vigilsec.com> <3d933b83-2b0a-40ac-80b9-dd2cc15b4766@tu-dresden.de> <903E494F-9C92-45C9-ADB2-96456A88AF91@vigilsec.com> <dbf63a1c-f1e0-480e-90a5-67f74b661267@tu-dresden.de> <adQkkfDWpMYySub0@ubby> <60167faa-c4bd-4397-988d-8b226a73b705@tu-dresden.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <60167faa-c4bd-4397-988d-8b226a73b705@tu-dresden.de>
Message-ID-Hash: 5S22UKUCZS4VQJ33I5GCIDAITNZXFB3I
X-Message-ID-Hash: 5S22UKUCZS4VQJ33I5GCIDAITNZXFB3I
X-MailFrom: nico@cryptonector.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: New Liaison Statement, "Liaison communication to IETF regarding draft-ietf-tls-mlkem"
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/fQ-FKPp4QyqOFg7kBZHq_Jh8ToE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
On Tue, Apr 07, 2026 at 12:31:08AM +0200, Muhammad Usama Sardar wrote: > On 06.04.26 23:24, Nico Williams wrote: > > Their trade-offs might be different to ours. Perhas they think that > > security in-depth means you'll use TLS at the application layer, with > > hybrids, and so if you use PQ-only at the network layer, in the worst > > case scenario you're still protected by the use of hybrids at the > > application layer. > > Well, this double TLS is really shooting on the foot the only somewhat > reasonable argument I've seen for non-hybrid so far: efficiency! We've seen this argument made before on this list. If you're double- encrypting, and each layer uses different algorithms... IIUC NSA mandates double-encryption. Considering the need/desire for defense in-depth, I am much less concerned about IEEE 802.11x using non-hybrid PQ than I am about TLS using non-hybrid PQ. Nico --
- [TLS] New Liaison Statement, "Liaison communicati… Liaison Statement Management Tool
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: New Liaison Statement, "Liaison communi… Richard Barnes
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Richard Barnes
- [TLS] Re: New Liaison Statement, "Liaison communi… David Benjamin
- [TLS] Re: New Liaison Statement, "Liaison communi… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… David Benjamin
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: New Liaison Statement, "Liaison communi… John Mattsson
- [TLS] Re: New Liaison Statement, "Liaison communi… Salz, Rich
- [TLS] Re: New Liaison Statement, "Liaison communi… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: New Liaison Statement, "Liaison communi… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… Salz, Rich
- [TLS] Re: New Liaison Statement, "Liaison communi… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… David Benjamin
- [TLS] Re: New Liaison Statement, "Liaison communi… Stephen Farrell
- [TLS] Re: New Liaison Statement, "Liaison communi… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: New Liaison Statement, "Liaison communi… David Benjamin
- [TLS] Publish ML-KEM after all (Re: Re: New Liais… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… John Mattsson
- [TLS] Re: New Liaison Statement, "Liaison communi… Rob Sayre
- [TLS] Re: New Liaison Statement, "Liaison communi… Viktor Dukhovni
- [TLS] Re: New Liaison Statement, "Liaison communi… Stephen Farrell
- [TLS] Re: New Liaison Statement, "Liaison communi… Viktor Dukhovni
- [TLS] Re: New Liaison Statement, "Liaison communi… Stephen Farrell
- [TLS] Re: New Liaison Statement, "Liaison communi… Salz, Rich
- [TLS] Re: New Liaison Statement, "Liaison communi… Deirdre Connolly
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Viktor Dukhovni
- [TLS] Re: New Liaison Statement, "Liaison communi… Peter Gutmann
- [TLS] Re: New Liaison Statement, "Liaison communi… Daniel Apon
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Viktor Dukhovni
- [TLS] Re: New Liaison Statement, "Liaison communi… Deirdre Connolly
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: New Liaison Statement, "Liaison communi… Salz, Rich
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Salz, Rich
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Arnaud Taddei
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Daniel Apon
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Daniel Apon
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Tim Hollebeek
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Nico Williams
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Daniel Apon
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: [EXT] Re: New Liaison Statement, "Liais… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: New Liaison Statement, "Liaison communi… S Moonesamy
- [TLS] Re: New Liaison Statement, "Liaison communi… S Moonesamy
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Christian Huitema
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… Russ Housley
- [TLS] Re: New Liaison Statement, "Liaison communi… John Mattsson
- [TLS] Re: New Liaison Statement, "Liaison communi… Daniel Apon
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Paul Wouters
- [TLS] Re: New Liaison Statement, "Liaison communi… Stephen Farrell
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Rob Sayre
- [TLS] Re: New Liaison Statement, "Liaison communi… Watson Ladd
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar
- [TLS] Re: New Liaison Statement, "Liaison communi… Daniel Apon
- [TLS] Re: New Liaison Statement, "Liaison communi… Eric Rescorla
- [TLS] Re: New Liaison Statement, "Liaison communi… Bas Westerbaan
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Viktor Dukhovni
- [TLS] Re: New Liaison Statement, "Liaison communi… Salz, Rich
- [TLS] Re: New Liaison Statement, "Liaison communi… Viktor Dukhovni
- [TLS] Re: New Liaison Statement, "Liaison communi… Nico Williams
- [TLS] Re: New Liaison Statement, "Liaison communi… Salz, Rich
- [TLS] Re: New Liaison Statement, "Liaison communi… Stephen Farrell
- [TLS] Re: New Liaison Statement, "Liaison communi… Salz, Rich
- [TLS] Re: New Liaison Statement, "Liaison communi… Muhammad Usama Sardar