[TLS] Added issues on github Re: Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27)
Toerless Eckert <tte@cs.fau.de> Tue, 24 February 2026 15:59 UTC
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B1893BD359EF for <tls@mail2.ietf.org>; Tue, 24 Feb 2026 07:59:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cs.fau.de
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RW726khJurGO for <tls@mail2.ietf.org>; Tue, 24 Feb 2026 07:59:10 -0800 (PST)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id A1114BD359EA for <tls@ietf.org>; Tue, 24 Feb 2026 07:59:10 -0800 (PST)
Received: from faui48e.informatik.uni-erlangen.de (faui48e.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:51]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTPS id 4fL2TH5PHXz1RCDK; Tue, 24 Feb 2026 16:58:59 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.fau.de; s=r20250630-faui40; t=1771948742; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Dd8aoJ1+EjnLmZodjSWsdHQnZGE1QCSw2KKYSgSvVQQ=; b=qfNDyNFOqtV+98pk1a8yOgnyOm4wG+A9hwtTwlQPQwuHBRme3/Ug/7XReV1J+egE93usfo TCcrct1YcXi3WtJRpacTR813VoPd3kj+zTCFPEuYc3XerGUugYcllJGhJV5LHIQ94M9H8W 1mMTDnFFre5NcxLYdjzYovqNdav+oV20ZR42mtADemb2t3N8md5EVOFX0/U5d43kxAirBs RON2f0+l4uKdVllxHYSr8TcWWxFbcoDPhXEzrE5vS7fJUsQe2gkTYWn8Bb0xysQmub5/Nr xJsCe0SioMOcUV6aUFve8fZ2+8rQfANUDwzEeBBjUQT0x4Swyi8L4oVCUVAPSA==
Received: by faui48e.informatik.uni-erlangen.de (Postfix, from userid 10463) id 4fL2TH4mGrzl39Y; Tue, 24 Feb 2026 16:58:59 +0100 (CET)
Date: Tue, 24 Feb 2026 16:58:59 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: Deirdre Connolly <durumcrustulum@gmail.com>
Message-ID: <aZ3Kw5KTLRkfYgSb@faui48e.informatik.uni-erlangen.de>
References: <CAOgPGoDLVqAVesWjrrD9ZR8HMkqQVLMp69vOkXPkk87MzcsOSw@mail.gmail.com> <CABcZeBM6sHJArV1FuWYbRA=XJtQiKKbmAeYt0YJuy4zAU2Ak7Q@mail.gmail.com> <CAFR824z6u9eCqk2UwXU=GCmq8i95ue3P-DLSfj97cEa8bXU6EQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAFR824z6u9eCqk2UwXU=GCmq8i95ue3P-DLSfj97cEa8bXU6EQ@mail.gmail.com>
Message-ID-Hash: EWDHN3EIDQLAU7LWYH3H6UA4GIRBTKAR
X-Message-ID-Hash: EWDHN3EIDQLAU7LWYH3H6UA4GIRBTKAR
X-MailFrom: eckert@i4.informatik.uni-erlangen.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "<tls@ietf.org>" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Added issues on github Re: Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/gABYM-GwHKAgAIBriby_Ld98XG4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Hi Deirdre, Given how this is an endless thread and how i guess my sugestions where ignored by you (i did not see any repsonse), i have filed both of them as github issues. https://github.com/tlswg/draft-ietf-tls-mlkem I can only suggest to others here on the thread that made suggestions for improvements that have simply been ignored through this thread. I also don't think that the adding of analysis references and simply enumerating them in one line in the text as the diff for Ekr now does is sufficient. There needs to be text summarize the DIFFERENCES/BENEFITS over draft-ietf-tls-ecdhe-mlkem - and only then point to appropriate references that detail it. But the summary needs to be in this draft. Cheers Toerless On Mon, Feb 23, 2026 at 08:39:07PM -0500, Deirdre Connolly wrote: > I've pushed basically all of these changes up to github, as well as adding > citations for much of the pertinent work on analyzing KEMs in TLS key > agreement in multiple security models etc > > https://github.com/tlswg/draft-ietf-tls-mlkem/blob/main/draft-ietf-tls-mlkem.md > > On Sat, Feb 21, 2026 at 5:52 PM Eric Rescorla <ekr@rtfm.com> wrote: > > > > > I am mostly indifferent to whether this document is eventually published, > > though sad that we're spending so much time debating it in the WG, > > given the relatively minimal practical effect of publication. Specifically: > > > > - The code points have already been registered > > - This document is to be published as Innformational with Recommended=N. > > > > It's not clear to me that the publication or non-publication of this > > document will have much of an impact either way on the deployment of > > this mechanism. > > > > > > With that said, I believe that the current document has some issues > > which need to be addressed if it is to be published > > > > S 1.1. > > > > FIPS 203 (ML-KEM) [FIPS203] is a FIPS standard for post-quantum > > [RFC9794] key establishment via a lattice-based key encapsulation > > mechanism (KEM). This document defines key establishment options for > > TLS 1.3 that use solely post-quantum algorithms, without a hybrid > > construction that also includes a traditional cryptographic > > algorithm. Use cases include regulatory frameworks that require > > standalone post-quantum key establishment, constrained environments > > where smaller key sizes or less computation are needed, and > > deployments where legacy middleboxes reject larger hybrid key shares. > > > > I don't think this middlebox text is really on point. > > > > If we look at John Schauman's helpful breakdown of a hybrid CH that > > offers both X25519 and X25519/Kyber768, we see that the total CH is > > 1815 octets. Swapping out the hybrid for MLKEM-768 would buy you 23 > > octets, which doesn't change things materially. If we were to swap to > > MLKEM-512, this would buy us another 384 octets, so assuming I'm doing > > the math right, just that change gets us down to 1431 bytes, so it's > > *just* possible that this might be large enough to push you into two > > packets in some cases where the rest of the CH was appropriately > > sized. I'm skeptical that this is going to be very frequent, > > especially in light of the fact that at least the CNSA profile 2.0 [0] > > requires ML-KEM 1024, which has a 1568 byte key, thus putting us > > squarely in the zone of two packets with or without a hybrid. > > > > > > > > > > [0] https://www.ietf.org/archive/id/draft-becker-cnsa2-tls-profile-02.html > > > > > > S 4.2. > > As a number of people have observed, much of this text repeats text in > > 8446 and contradicts the negotiation algorithm there, which depends on > > the group list, not the key shares. You should remove everything up to the > > graf that starts "For the client's share". > > > > > > S 4.3. > > Here too, the diagram seems duplicative, so I would remove it. > > > > The shared secret output from the ML-KEM Encaps and Decaps algorithms > > over the appropriate keypair and ciphertext results in the same > > shared secret shared_secret as its honest peer, which is inserted > > into the TLS 1.3 key schedule in place of the (EC)DHE shared secret, > > as shown in Figure 1. > > > > I don't know what "honest" is doing here. If you connect to a malicious > > peer, you might still get a shared secret. > > > > > > S 5.2. > > > > While it is recommended that implementations avoid reuse of ML-KEM > > keypairs to ensure forward secrecy, implementations that do reuse > > MUST ensure that the number of reuses abides by bounds in [FIPS203] > > or subsequent security analyses of ML-KEM. > > > > Implementations MUST NOT reuse randomness in the generation of ML-KEM > > ciphertexts. > > > > This kind of normative language doesn't belong in Security > > Considerations. If it's important it should go elsewhere. > > > > -Ekr > > > > > > > > [0] https://www.netmeister.org/blog/images/kyber-kex-wireshark-ch.png > > > > On Thu, Feb 12, 2026 at 11:06 AM Joseph Salowey <joe@salowey.net> wrote: > > > >> This message starts the second Working Group Last Call for the pure > >> ML-KEM document (draft-ietf-tls-mlkem-07). > >> > >> > >> The file can be retrieved from: > >> > >> https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/ > >> > >> The diff with the previous WGLC draft (-05) is here: > >> > >> > >> > >> https://author-tools.ietf.org/iddiff?url1=draft-ietf-tls-mlkem-05&url2=draft-ietf-tls-mlkem-07&difftype=--html > >> <https://author-tools.ietf.org/iddiff?url1=draft-ietf-tls-mlkem-05&url2=draft-ietf-tls-mlkem-06&difftype=--html> > >> > >> > >> The main focus of this WGLC is to review new text providing more context > >> around the use of pure ML-KEM. For those who indicated they wanted this > >> text, please let us know if the new text satisfies you and if you support > >> publication. This working group last call will end on February 27, 2026. > >> > >> > >> Thank You. > >> _______________________________________________ > >> TLS mailing list -- tls@ietf.org > >> To unsubscribe send an email to tls-leave@ietf.org > >> > > _______________________________________________ > > TLS mailing list -- tls@ietf.org > > To unsubscribe send an email to tls-leave@ietf.org > > -- --- tte@cs.fau.de
- [TLS] WG Last Call: draft-ietf-tls-mlkem-05 (Ends… Joseph Salowey
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Ben Schwartz
- [TLS] Re: [EXTERNAL] Re: WG Last Call: draft-ietf… Andrei Popov
- [TLS] Re: [EXTERNAL] Re: WG Last Call: draft-ietf… Ben Schwartz
- [TLS] Re: [EXTERNAL] Re: WG Last Call: draft-ietf… Andrei Popov
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… John Mattsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… David Adrian
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Russ Housley
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Ben Schwartz
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Quynh Dang
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Simon Josefsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Joshua
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… John Mattsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Russ Housley
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Salz, Rich
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Paul Wouters
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… D. J. Bernstein
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… David Adrian
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… sanketh
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Sophie Schmieg
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… sanketh
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Filippo Valsorda
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… David Adrian
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… D. J. Bernstein
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Russ Housley
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Sophie Schmieg
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Yaroslav Rosomakho
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Andrei Popov
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Salz, Rich
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Quynh Dang
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Dan Wing
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… John Mattsson
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nick Sullivan
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Yaroslav Rosomakho
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Salz, Rich
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nico Williams
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Kurt Roeckx
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nicola Tuveri
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… David Adrian
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Izzy Grosof
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Paul Wouters
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Salz, Rich
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Rob Sayre
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Peter C
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Thom Wiggers
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Simon Josefsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Andrey Jivsov
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Jack Grigg
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… John Mattsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Marc Penninga
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Jack Grigg
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nico Williams
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Kurt Roeckx
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Robert Relyea
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Ilari Liusvaara
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Jack Grigg
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nico Williams
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Thom Wiggers
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nico Williams
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Joseph Salowey
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… David Adrian
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Izzy Grosof
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… John Mattsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Paul Wouters
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Toerless Eckert
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Salz, Rich
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Peter Gutmann
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Bas Westerbaan
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Paul Wouters
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Tanja Lange
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… John Mattsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Salz, Rich
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… DA PIEVE Fabiana
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Toerless Eckert
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Salz, Rich
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Rob Sayre
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Eric Rescorla
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Thom Wiggers
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Paul Wouters
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Watson Ladd
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Jacob Appelbaum
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Peter Gutmann
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… David Stainton
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Ivan Visconti
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Izzy Grosof
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Benjamin Kaduk
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Nico Williams
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Yaakov Stein
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Andrey Jivsov
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Tibor Jager
- [TLS] Discuss 2^64 reuse bounds, or omit? WG Last… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nico Williams
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nico Williams
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Added issues on github Re: Re: WG Last Call… Toerless Eckert
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Tibor Jager
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Tibor Jager
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Joshua
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Scott Fluhrer (sfluhrer)
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Ilari Liusvaara
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nico Williams
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Bas Westerbaan
- [TLS] Proposed Text on hybrid vs non-hybrid | Re:… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Izzy Grosof
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Tanja Lange
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… John Mattsson
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Yaakov Stein
- [TLS] Re: Discuss 2^64 reuse bounds, or omit? WG … Joshua
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Watson Ladd
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Viktor Dukhovni
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… David Adrian
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: Discuss 2^64 reuse bounds, or omit? WG … Filippo Valsorda
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Watson Ladd
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Peter C
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Joshua
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Viktor Dukhovni
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… John Mattsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… David Stainton
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Ludovic Perret
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Scott Fluhrer (sfluhrer)
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Rob Sayre
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Ilari Liusvaara
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Tibor Jager
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Ilari Liusvaara
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Rob Sayre
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Scott Fluhrer (sfluhrer)
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Salz, Rich
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Scott Fluhrer (sfluhrer)
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Izzy Grosof
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Rob Sayre
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Eric Rescorla
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Izzy Grosof
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Benjamin Kaduk
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Christoph Striecks
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Salz, Rich
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Peter Gutmann
- [TLS] Re: Discuss 2^64 reuse bounds, or omit? WG … Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Watson Ladd
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… John Mattsson
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… David Adrian
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Keegan Dasilva Barbosa
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… David Adrian
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Muhammad Usama Sardar
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Scott Fluhrer (sfluhrer)
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… David Adrian
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Stephen Farrell
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Benjamin Kaduk
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Viktor Dukhovni
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Viktor Dukhovni
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Stephen Farrell
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Loganaden Velvindron
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Peter Gutmann
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Deirdre Connolly
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Eric Rescorla
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Ilari Liusvaara
- [TLS] Re: [EXTERNAL] Re: Proposed Text on hybrid … Watson Ladd
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Deirdre Connolly
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Stephen Farrell
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… John Mattsson
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Benjamin Kaduk
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Benjamin Kaduk
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Nadim Kobeissi
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Wang Guilin
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Stephen Farrell
- [TLS] Re: [EXTERNAL] Re: Proposed Text on hybrid … Watson Ladd
- [TLS] Re: [EXTERNAL] Re: Proposed Text on hybrid … Watson Ladd
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (… Bellebaum, Thomas
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Scott Fluhrer (sfluhrer)
- [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-07 (… Wang Guilin
- [TLS] Re: Proposed Text on hybrid vs non-hybrid |… Thom Wiggers
- [TLS] Re: [EXTERNAL] Re: Proposed Text on hybrid … Andrei Popov
- [TLS] Re: [EXTERNAL] Re: Proposed Text on hybrid … Andrei Popov
- [TLS] Re: [EXTERNAL] Re: Proposed Text on hybrid … Paul Wouters
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… Deirdre Connolly
- [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-… David Adrian
- [TLS] Encouraging European Commission Engagement … John Mattsson
- [TLS] Re: Encouraging European Commission Engagem… DA PIEVE Fabiana