[TLS] Re: WG Last Call: draft-ietf-tls-mlkem-08 (Ends 2026-07-08)

"Kampanakis, Panos" <kpanos@amazon.com> Thu, 02 July 2026 00:47 UTC

Return-Path: <prvs=636380aed=kpanos@amazon.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 7A02710C160D1; Wed, 1 Jul 2026 17:47:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1782953238; bh=0pNrcD3vm2lxZv1yr0w/V6Kz5x3a15HJQR9JjvYhuqk=; h=Subject:From:To:Date:References:In-Reply-To; b=AMUWefBl3oJlAOjsI1+gvzgpHDNRkJmEGnw75yAM/B5zMA/PjE2NYaJmEpPofmCTq qGKgezruWhvRzK6z6v6/Toi3BVXzDSZxx14/ZJtjZ5xzyYV5t27NEO+cmYVWmcA0Yc UnjhOsUH+s5LY6vhaQWgSQ/VBm88r6g6zgiy0dfo=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.795
X-Spam-Level:
X-Spam-Status: No, score=-2.795 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=amazon.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8VJk2mdoTD7X; Wed, 1 Jul 2026 17:47:17 -0700 (PDT)
Received: from iad-out-013.esa.us-east-1.outbound.mail-perimeter.amazon.com (iad-out-013.esa.us-east-1.outbound.mail-perimeter.amazon.com [34.198.218.121]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id D229C10C1600C; Wed, 1 Jul 2026 17:46:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazoncorp2; t=1782953202; x=1814489202; h=from:to:date:message-id:references:in-reply-to: mime-version:subject; bh=PFEb6j0tiWhMEqO1BEkzSL9Vb4jZc0hjBLRM6zb3pF0=; b=TcI/WdmtQ+C3I+dRSDpanVTJSUy/ZsS5PKiN4SgtUYJQjNcAj4QGM90L oOfvjD6eExwCGry5n77YnuQ+Odv/0TEWYasPKP7Gyd/9nC/q/dplZeWfS kLkTzSeueuKShHtjswP/31EVe+i2Gi5KPpTUq2j6Ax/CcBe88uUj6LmKz jCraA7bRz/ZcC+8ZuETaGPlNd4TxTup+Ucmtto04xYyk0j1OSz1Y78qgb pBfGR8dcYPL5aIWJbWkKpaLUAiNN74bh+K8tgWNE2bMhoL9qEvP/D+udH nun0oST1mLwb2+yQevD5HY280UQtzJjI6B0HGk15P63IkqbTpDuHpt90h g==;
X-CSE-ConnectionGUID: q03P52JYTtGi7kjtTRo9Ew==
X-CSE-MsgGUID: jQ3CKUYXTlelmrFmhCBvQQ==
X-IronPort-AV: E=Sophos;i="6.25,142,1779148800"; d="scan'208,217";a="21515062"
Thread-Topic: [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-08 (Ends 2026-07-08)
Received: from ip-10-4-22-235.ec2.internal (HELO smtpout.naws.us-east-1.prod.farcaster.email.amazon.dev) ([10.4.22.235]) by internal-iad-out-013.esa.us-east-1.outbound.mail-perimeter.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Jul 2026 00:46:39 +0000
Received: from EX19MTAUEC001.ant.amazon.com [52.94.133.134:11463] by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.16.242:2525] with esmtp (Farcaster) id a4361261-f289-421f-a8cc-dbcdc4959761; Thu, 2 Jul 2026 00:46:39 +0000 (UTC)
X-Farcaster-Flow-ID: a4361261-f289-421f-a8cc-dbcdc4959761
Received: from EX19EXOUEC001.ant.amazon.com (10.252.135.173) by EX19MTAUEC001.ant.amazon.com (10.252.135.222) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.2562.43; Thu, 2 Jul 2026 00:46:38 +0000
Received: from BL0PR07CU001.outbound.protection.outlook.com (10.252.134.239) by EX19EXOUEC001.ant.amazon.com (10.252.135.173) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.2562.43 via Frontend Transport; Thu, 2 Jul 2026 00:46:38 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=XzZvo6KaGSsQzi3RSzQXtgxwEP2IGGZ9addtDFjcvrZS78dbkhkq0EFXGq6ykikerEWB/TCxYdK10LhfUsDeyrcWgtAGlpNvhL+d1tB7vqFUESFHSQaNzn4VugBXBs3+6V7wEJjXPllJP+T9d+VSPa2uj8p9f8mUtWceJO0EIvJ6ZSPa3kZM8qk4n1ZqbZQFVocCRARg3rUxkEEel5dAwCMI1TJHiAcIA3oGoTsHYkG64Q1YQu48mutBmfyPiuYeVaojyqePRe1Eq12aFVQnb2gqP2mgRCYNkjyq+HV7OyRQp9yqbz1bkvD7BJp6l0kBUcz6ZXtWM3NXWh+uTLqgBA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PFEb6j0tiWhMEqO1BEkzSL9Vb4jZc0hjBLRM6zb3pF0=; b=qLxSEwuwrjeWAONSQbWW+R1zRSwVBVE99l/DQUO5fHY0pDBJNsUqUHwt7QFuWi6etyS6xKYFLGVbWzVUb2jXZ9AJH2GFLm8wqsD59C811W9Sod/j+AZI5gGlDINO+G7UAUOqR2fIryanO1oHn7N7ILI9GeYlfdLQWZ4qEaxeTkXeDRtLF2Gzibj1ZuLq2nmLUtX8uvj64ut2aXd0l+rMq2EyhCgvcM1DtGhKF/6dJu2pO8/tCWwZ6IsRX27AR74tWbVoxpyIdnlwhpZY9uALcpVgVwchlBp4MmSOZF+q1TrGwW4Im8E0wI+nYFQXxB3JYoKBKi8IwXNyA5JhMqUK1g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amazon.com; dmarc=pass action=none header.from=amazon.com; dkim=pass header.d=amazon.com; arc=none
Received: from BYAPR18MB2648.namprd18.prod.outlook.com (2603:10b6:a03:13b::19) by BY3PR18MB4612.namprd18.prod.outlook.com (2603:10b6:a03:3c3::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.181.8; Thu, 2 Jul 2026 00:46:34 +0000
Received: from BYAPR18MB2648.namprd18.prod.outlook.com ([fe80::3f0e:882d:13a5:ecd7]) by BYAPR18MB2648.namprd18.prod.outlook.com ([fe80::3f0e:882d:13a5:ecd7%4]) with mapi id 15.21.0181.008; Thu, 2 Jul 2026 00:46:33 +0000
From: "Kampanakis, Panos" <kpanos@amazon.com>
To: "joe@salowey.net" <joe@salowey.net>, "draft-ietf-tls-mlkem@ietf.org" <draft-ietf-tls-mlkem@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>, "tls@ietf.org" <tls@ietf.org>
Thread-Index: AQHdA+1dvACXVD5uok2FBW5dU3gAerZZcD7w
Date: Thu, 02 Jul 2026 00:46:33 +0000
Message-ID: <BYAPR18MB2648864F1ECFDC2F9009D7A8ABF52@BYAPR18MB2648.namprd18.prod.outlook.com>
References: <178231320760.1520243.5914961961176039994@dt-datatracker-f9b87776f-8pmmg> <e7df5e33-9d77-4ca0-9c9d-48a154c0de86@app.fastmail.com>
In-Reply-To: <e7df5e33-9d77-4ca0-9c9d-48a154c0de86@app.fastmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amazon.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BYAPR18MB2648:EE_|BY3PR18MB4612:EE_
x-ms-office365-filtering-correlation-id: b78a8993-a3c0-4c9d-6301-08ded7d35d77
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|23010399003|10070799003|1800799024|376014|4022899009|13003099007|38070700021|18002099003|22082099003|11063799006|56012099006|4143699003|8096899003;
x-microsoft-antispam-message-info: fcO8CQH0n0fja6iMyoB+jcorb8DF8VEc6oLHVQeScbSlZKq7FVwR7srrm/sGR9Uqc7NiaUONLObEIaa3+6PWNhTlGrGo1D7N880fTGbukVOjI8XclYjD23Nhe13Ic3EaUQNEZ5yviKbrK/gXEugz1CUAtcCrd4+bf7s/ZyEVEJSiSxJYhAP7lXg7jwL8r+pTqCTK2heQ8FI8vdBx4O9O4SORyUlhvi9q/FBIYx1e/PRlKXbRKi8Qf6wHTtZVGLdP6xMf9Q0LIb76gmca5IpFk5lM9AiHrrV8C5A/Z+2DW1TT05ji1vNcBs3hUIclEm2o8WWZP/qeN+bH5BgsGSbx8mrz3Om8aUC9KfJYiMGmyV0ZzToRCAuVyGboogWJ8lPTGE9nuAMWVL1LqyeGrGjB4MtmQuWEn+sQFvdfblW9b+y0RWJO0lXCwf+Iqn+9WJme0LLqLTlTK/zIxZwsrWoiFMTie6HJ1xly27GRkNAvHxZAu1sXjQvqTYX6TjwlRrpLJrbpb1X3R7WzYbQpFEfbfS1j4EwdqlVcX2AtroznoOCr90BdbfEx7jY8U+LG5Yiq85ZIoCYzZUwDsnR2bVAiIhUrnXQg70qYnCbvg8rmY7H+Dp4apI/SzXR47a8IbAuEOqLTteUOt5/SYIMOUOUmHPRRRdNGUOU3RQlp36o3fSGizsXzUL/372DzzkY1EYYvUfBOVL8081jb4wPzdF0t1Z7lpKmCJpQH+PUuykf3WkQ=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BYAPR18MB2648.namprd18.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(23010399003)(10070799003)(1800799024)(376014)(4022899009)(13003099007)(38070700021)(18002099003)(22082099003)(11063799006)(56012099006)(4143699003)(8096899003);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: A/hTb8fMjrZaatFwWKOcKVXeI92f1W++EbMub4Ao24VlwC0cdr9te9zDpS+0JeCuMhwOjN/vmYST+PQd7gcE9Nt/oDaalDOL4AliwJy/WW39GQFLqiW/UGlXfUcn4PTZFYr7w+78r95P72YaSZkPkdvxqwQGH61qFUUMJHrLhhn08ai+JI0bHIERqDSolODQ63HieGI4+mo+qJuTVh0doNP1giJwE/hqffEa6ju4j0SehbJiTuKLrxIVYpTQbcCbN/A5bA0gNgJFEAroS5CRNlyufkYr/LbfjwR+Hn3nZdblKGrzygrX8PgWJPcIBiDDeSrKxoM1W5a23JUU92kG/5rpx6IkkIxM0MOV7fGV6SJiO88zsqG3rO/tOQYaNaXa32bSkTQ666EIBTKyZz4pZiYchMB6gOFPb8McshYXL1M2lcdVGzsSvibR2frCmA4uT62XWI8+fKXpHJDauci9w+IiwRhNeYt82lmHqKYAckvH2yVfQ+OAhnGI9WwUCBMzEZeaASP+7CLduO7dwdyAit/UQbfd1sT2avCrcgxp2fjC4BsqWxJzYrg3Wukwf0lr64RByEAZncQ2grhm5KaNYI1w0YZcr+cqL6CgxTxIfQPmnVCX3Hsr2hfOtgdWh4HGzFO3ejcty19+/u1IfT2T6D3ATUzB8o4AtAhGe+4lXZstb9UCK6+DOKaspJgY6lO6Btp8dSwh+r0UXHfrCBHhJ3Mlqkn+J5Law8dWFl5kJdKt1XIOYfB4nH+6IMUexdaX/EIW30AoBCyOhEjJa8iv3Fl4E/AhJKfvBCe/zofem8lunAheRTdZrhjZjomoRBBUW2hr7Ev+kDlpOt+aY23ianZ/NPVFgKNCTolRK6+tvvcUV/6dAIezUEghmxIpLwgUD7LMDNk0VQx7ZOu6as/J4Q/VMquSu3lOwbMnYMCsMyVDlHsykoAvWfwq+3QTayKkF9EOa+qiQl9WHFzsQRSsMEgG8qmCMJe+5mpOA7q0TJ+O2ZtFtlbS5t69wRo9daEeGtfs/kWfTCcUIIW2OiGrn4S8VT9pYh7RHLnr+6WktjKV7BPcR0H34LNDErvlWcF4dYYP296gmRpzAV1Rg+hyy+9C6dtXSBTrLVchxNf13AEI2sPU+gnrx+CAMkneJYkJzIFgdioLuLRPBdOS/am2dN9C2DU1a7N01R5ndVNV1NMBzEbPIIw8ircrmsK0/oxoSzhgbTpfmMNiym9uSt4zNvNsIcQWJiHO7/vPv6ex5k4PtX1/woTuk+gg8NjHZXWQ+H49Eh0rKFg7OiBH1apia3hS0u1SIssP5fMp5t5VRUr1CEvbwvFvndVFc9T6LpLUHE6yU0I/WgRH11d02AgsXEzUR1O9pSFnvP5s9ibkCvvsW9f6epxsA54EGbjdjM+77Z3+U+QrUzU7UESpboMFEw3KVs8Njxmm+KJjPNadl46nG8Tf+7JXMLf0FXHsSoKVJhBxdwEE5TJQxvEruFaysZ5yu3djzkTkGCSp2tIphNLDpfDwDiGJ6bnrg4DIHDp1XtkSrzirOvix+OrmYb9MB6cDS53/GjIEry8BqCOPBRH1HPuRYIhNQ3gKjanj1zJqwx6ivi7DST6xLcO5RQtIzlv6OzrcUkQtJXAtvuB0dnNuDAuAjo6rgJrZBfUIFt4d/gYkHllJZDife53WWbr6WwrXRbVxAFx13kHCdddCLy3aIafCmgWxKzyHbz+ugpcqMnrtvtdHjafgkJdsmAYvtUtqLzuwC4nRzsN1b9b6In1GXjtKVYgVLxLpREk/Cotc
Content-Type: multipart/alternative; boundary="_000_BYAPR18MB2648864F1ECFDC2F9009D7A8ABF52BYAPR18MB2648namp_"
MIME-Version: 1.0
X-Exchange-RoutingPolicyChecked: ao2+j53aTMC9v2K0DNEts9gba7FI+FuP8DFPr94BuW/0A4zKhfRGOlQQsp73E7zyhA/+PXLTLXQU4g6+l0JUl2EYFytw67JJ1kiZj2ev14q/dm8PFJrC2Ol4CYBeAqjUnevt5m0PobsSF99Er4NwlKKh/cvzkxNt2vRbqqynnq+lMIJfQ56ZW4ZGhkiZ8Z0DbajfOi6p/GNbJqvcsCxOotntgF2s0NquwmXr8BiqK55KCFIUfw0HaULFITbq5KCC3voBDILG/Tf49sV3b1wbLWGnQLMllAGiQj95BVcXJcWzGLLE/pngIRL6jQFv/LOm4lobBkMUqIZ5vbi4dLYcpw==
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR18MB2648.namprd18.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b78a8993-a3c0-4c9d-6301-08ded7d35d77
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Jul 2026 00:46:33.8999 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5280104a-472d-4538-9ccf-1e1d0efe8b1b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Mf+kkrohy2uTVBKD6Z5tNANhgtlpOmvqnMEwmorYgJ3qkS2TFjYcTcIG9hKSX87y+RIleTFPoQw4YPthQdkvKg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY3PR18MB4612
X-OriginatorOrg: amazon.com
Message-ID-Hash: PA25YTKBFCNI3DV7L3EPSQSLIYTVIUHO
X-Message-ID-Hash: PA25YTKBFCNI3DV7L3EPSQSLIYTVIUHO
X-MailFrom: prvs=636380aed=kpanos@amazon.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-08 (Ends 2026-07-08)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/gdyeR_LjwVw8bHRSvIUduFlBLOE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

I support publication.


2026-06-24 17:00 GMT+02:00 Joseph Salowey via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>>:
This message initiates a new Working Group Last Call for draft-ietf-tls-mlkem[1], which defines standalone ML-KEM key establishment for TLS 1.3. The main question before the working group is: "Should the working group publish a document specifying stand alone ML-KEM?". If there is rough consensus then we will push to refine and publish the document; otherwise, we will stop discussing the draft and not progress it. Please respond to this call indicating whether you support publishing a document specifying a stand alone ML-KEM. Please refrain from further discussion on this topic as most arguments have been discussed multiple times.

Why are we holding this consensus call now?

Significant developments have occurred both within this document and in the broader TLS ecosystem to address the concerns raised in the last WGLC. Therefore, the third consensus call is warranted. We ask the working group to consider document publication in light of these recent changes:

- Promotion of Hybrids in draft-ietf-tls-ecdhe-mlkem: Following a separate consensus call, the WG agreed to promote the X25519MLKEM768 hybrid group to Recommended: Y in the IANA registry. Consequently, the IANA registry will reflect a clear community preference for a hybrid because Recommended: Y clearly indicates this while the standalone ML-KEM groups defined in this draft remain Recommended: N. The updated security considerations in [1] reference the IANA registry to emphasize this preference.

- Key Share Reuse Prohibited in draft-ietf-tls-rfc8446bis: The WG recently reached consensus to explicitly prohibit key share reuse across connections in TLS 1.3. The new text changes the guidance from SHOULD NOT to a strict MUST NOT. This resolves the concerns regarding static key reuse and its associated privacy and forward-secrecy risks for ML-KEM.

- Nadim updated the ProVerif model of TLS 1.3 to evaluate KEM and hybrid KEM groups in TLS 1.3. This supports other results which show that KEMs are secure when used in TLS 1.3 and that hybrid groups are secure even if one of the components is compromised.

- Liaisons: We received liaison statements from multiple SDOs including  O-RAN[2], IEEE 802.11[4] and from 3GPP[3]  expressing support for the publication of draft-ietf-tls-mlkem as an RFC as they rely on the IETF to provide a stable normative reference.

Please note that a third-party IPR disclosure exists [5] against this document regarding patents related to the underlying ML-KEM algorithm. This IPR declaration has not changed since the last WGLC. As a reminder, per BCP 79, the IETF takes no stance on the validity of patent claims, and the working group may decide to proceed with a technology despite IPR disclosures if it decides that such use is warranted.

Conduct Reminder: Given the heated nature of previous discussions on this topic, participants are strongly reminded to adhere to the IETF Code of Conduct (BCP 54) and the TLS WG's Mail List Procedures. Keep feedback professional, technical, and focused on the document's text.

This working group last call will end on 2026-07-08.

Joe and Sean

[1] https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/
[2] https://datatracker.ietf.org/liaison/2198/
[3] https://datatracker.ietf.org/liaison/2151/
[4] https://datatracker.ietf.org/liaison/2148/
[5] https://datatracker.ietf.org/ipr/search/?submit=draft&id=draft-ietf-tls-mlkem

_______________________________________________
TLS mailing list -- tls@ietf.org<mailto:tls@ietf.org>
To unsubscribe send an email to tls-leave@ietf.org<mailto:tls-leave@ietf.org>