IETF Logo Mail Archive

[TLS] Re: [EXTERNAL] Working group last call for the deprecation experimental code points in ECDHE-ML-KEM

Andrei Popov <Andrei.Popov@microsoft.com> Tue, 04 November 2025 20:17 UTC

Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id ECE7082E048D for <tls@mail2.ietf.org>; Tue, 4 Nov 2025 12:17:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RTHG5Uej4Agc for <tls@mail2.ietf.org>; Tue, 4 Nov 2025 12:17:58 -0800 (PST)
Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11020117.outbound.protection.outlook.com [52.101.193.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 7502482E0486 for <tls@ietf.org>; Tue, 4 Nov 2025 12:17:58 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=RfG7BvRjiTZynPt/r1ihC/CdhY/WLy87POW/npWfX4A5xWwWO6srZgBUQGLKtuAEHYfReuy+SDVePJC730bhExYZx6rGr7TEAPqvnW2rffei0nKev425oC8GFzxnfL14MikflihEgo+deuFmIiegqf6z3ZfDj3JHJRyjv918mwRSjQDJTr0VJlKj5Slvzr0getTKyRF6t1oX5mWfR10sBK0bNziUmm6bZ5zRJxhOsdSCN6fClTTXMKlk9xQ+VGdPsYBRJGPPng42PGLKYxxVYGX+QeUEXW7H7MYAmvPtva7WyvMJr3YiupRP0OcgR45ECUwKHK8zlhQiL2GnkSdcUQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=H53bXra+OpECoRMahtHLJO4L1+KuI9gvMnz+GX0ly3c=; b=m7G1AXaRSva+nu2pQ1idnyDgINHPdqRUJzi5WBSmL/80bJbkdDmr5hZ/inH6ret6pdkAjnSnyU6lgDuRuPJyYK1Qo3robHwNdSGivSLUJi28DS6xUDoAoBP56xTZiznWk3ihecqzdnC1yzboJGkbJyoGH1JkEJJCsY0fyCA72MAh+PreB+Zm2AI21CaZqSg6QnAaOOc9N/dgtniv5TOzKuSVot9R0XsQbUUbz7eVZ4oRHVTt0Wz/ePirFHXaUo01O5hg778mpYfE+lM7LZepx6eCe/gFYrwrgRuX3R5Wn17uwVocigafexe2qvb3GBHBlmsHoPRwvEMcTjUDIbXkGw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=H53bXra+OpECoRMahtHLJO4L1+KuI9gvMnz+GX0ly3c=; b=aLx6Rbr7bfLI3iw7XA+4Kc7ug4PjXy3vu6SVglEHlz4D8OExAyz2SAEzesdbvRw+zbxA3eQPSR707DkGO98edXdRqd37EIMweUecrk09UqxnMbNhltqvDzJ6+240INikcotcl6go9sUwYEkraUmImWOti3urqt/GyqZ3dJf7QRM=
Received: from CH8PR21MB5484.namprd21.prod.outlook.com (2603:10b6:610:272::5) by CH8PR21MB4935.namprd21.prod.outlook.com (2603:10b6:610:274::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9320.1; Tue, 4 Nov 2025 20:17:51 +0000
Received: from CH8PR21MB5484.namprd21.prod.outlook.com ([fe80::c4ba:2e6d:2632:cbae]) by CH8PR21MB5484.namprd21.prod.outlook.com ([fe80::c4ba:2e6d:2632:cbae%6]) with mapi id 15.20.9298.004; Tue, 4 Nov 2025 20:17:50 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Joseph Salowey <joe@salowey.net>, "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: [EXTERNAL] [TLS] Working group last call for the deprecation experimental code points in ECDHE-ML-KEM
Thread-Index: AQHcTcWdWWF8/K+rOUKxQ+w15SBdgLTi9GiQ
Date: Tue, 04 Nov 2025 20:17:50 +0000
Message-ID: <CH8PR21MB548480F5EE71FE3B75C9C84E8CC4A@CH8PR21MB5484.namprd21.prod.outlook.com>
References: <CAOgPGoDsX09SEUXr+Tq_m_5bs+erCLagSGMrAVohBRMqOkAtRQ@mail.gmail.com>
In-Reply-To: <CAOgPGoDsX09SEUXr+Tq_m_5bs+erCLagSGMrAVohBRMqOkAtRQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=0f480f40-adc0-4a3e-86f2-fdddb3729d15;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2025-11-04T20:16:59Z;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Tag=10, 3, 0, 1;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH8PR21MB5484:EE_|CH8PR21MB4935:EE_
x-ms-office365-filtering-correlation-id: c5571109-9657-4cf1-5477-08de1bdf3a3e
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|376014|38070700021|7053199007|8096899003;
x-microsoft-antispam-message-info: lVWGp3ZgW7xQxqedw9+mpS+j+0qoYacMmvZQacpCWQ0z2uk9fbWdlRTUZnX6Cj934lJf2Z7RqvV4/Mtc0GxjY7z3agyifG826BOwmiKgpdn7xtdZaovdDQNGJf13KZAmpeZPDjjktt8Gqq1Jozoclkw89ZKbC+Hb9O7Krh49wh7C6gU85ArBuHCfPh+kvmlco6MoaAQW1d5LAAfZUqk565zhZ9pF4JYzB6Xrsnj5Aem4o0W3qNl5+jd4XldRXINS0/huP6K5FccB/zeYo5NxYA4bLG0mJAh946v8IgNIo8yPj15IgII+NohYK41/Qae0rC/gm7IXM+ON4CvVrYSkgngY7PvVYZbJgn/VB2MwoRz+hqzTk33FraE/pv7LLJEHrR2yA4qBwSaqRQ0etU9wOp9X0OBN0GvgGe+lAPI8pGQ0OraYS9TZvADTgMmyKAMN25rBE/ViPz26YPI8odQqHidyQFBq9I9Kan+E7Y2RvCstM1v/pylsTFWLnfhJkMowxDcao9d0sKi7ZjO2MxNonUkWUR0yWvm+pjyjyFuRmoKLWRpnGiPyv1Da9+CWnDC8WuiBwhxhidZDILdyz88SXWpEUcuLGpPrysodoofx/qgAQJ5ASp6C6fn8eNTzIoAU3zFOlXPIx1UOTa2ETR9W/3L4m6c8FXRgQPwPo+hmTfl3Nf6Fvl8d2DgY8JeStZQXUNUqwjbaQxoLeH866nzsgtfWG88O1lca7U22TEcKAop5dUJoMeEXhpzKwKddxg+Xa6EmOy7s9WDldbnXhs2WQ61wW1x0KfCQtTlDeXvHQPf3GD98Vlds7jno/XtgJvOXf6PyWx3/ohf75RETi4heieUEGwKKvRhnYZ5+Xf+Dyj/qVf4DZuMNNVAGHZNeoOGNfqzXiNm9TwhFYVnqo9xuc0syUXYdTwMvesGSEFDrZGaqmh2/xkEGmz17+aiTZ/ddCcAPBrf0GJf9WPSARD5VfvvqlLLq426Ps9BPEixafZ7uUPpm35vXuZ6TUy9uPE7YinHav42UlVPFQiglLghpj1wDztNk5fiRrJtASf25uokuei99rdM935FG7GDJNLmeugQZbBtHWb/WXl4PzrmXap8xYgVz3u4dUsAYUih4gNYf0ngQueajSUZ0FSq7qZL7LTFUGK1fbWQuhUe6pbKrx1SeQI3TJIF5S2v/yL+lvA2Hoc3ynx0dXh7dxSMmxpaGiE7SoY7oOy4yX9SLq7BaZ0fM0qZyiRJ+aevBqN3PyP4DeRX14ftmgodIQM7IjXtVkrlce1H3ZMR4Sr8eErSnM5eI+tEAvinlzKvtymm95dkGKwCViImpvUO3IBlqGm+OQDp4JUqu61NoxnZD4qLaHw3A9ry9UWjZYbSWJhAjH8Q4Xl4ffNsJ9TAknnPqapUgL6bt3GkE44By5eKg6wn7xhJb9ktgv7eG4LGeXhIM9xuf+LIyH1OJ5YqXmtow2u5bfpsxjaT37mrkgliyhBAIq+f1ThHsVwds9REyqK738GAy5MO5KCJAdScZP4ZwI+O9
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CH8PR21MB5484.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700021)(7053199007)(8096899003);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: UWgasYj9U0qrMo5JD7KPAZ99c7BkZNM7MM+0qcfobpkaTzuViPkgSOWoWZWCU9qBAWVxjU1WwMpWIAP9sIXRFVzgxcfVJM+LEc/NZTUp+j78x9VfzDHvayJq9YTgm5IqOQLJe0K30TlBt0Ot7gWmK1BZ4Y9gcwsAgVrhKAIYSBF1J513njrTgRA0/9y5uT5t+/3817ASA7jGnn5w4dWQGbcoe0R3+RtKUUsQ4R/f93DX88IDBbwbSPfWjErUpRiqT9TRIGC9F/HX4X7zQdEzsLlKnKag5RocXPdC3hVV5Jj6neCMVeJMXsR15aE5dQSKHfXiaz0TM8HvxfauUMfOXkaZnUt4GPbR222tUuPJb1KDd757bDlv0vu7ZDPXXQ5kR5vwdKm2qmiMPBuONncEYWwcsi6U/uj0cyvZcDAV14iQZ/k/HCylO1cQHYtSN2GnTyAOhSOwIrX/Ea0G3Zt05cfw/6kKPE5lX+9b6byiyFZGdrm/FYBf1+tmXcUVNVC+4QVyj3jI8CYg6I0MMukFOyecl+/9E5TCQvCV/4NABWGAd47uSkimEcnIbm3Wiff8fI90x1MmOYQUeTUFccSTH6KckMw6lMacE4iq+F5K4JGWo1jKFg4Y7g79QDISaTVsPYzBIi7E0WqSltM03+caFoD+gyinqbnBCFoGBHYMDfEed6Qx0YLY3xQNe5GeYf7bbigfuzDKkEOr8rmlgK46MOb2pS83qwGrCpv0dUU9GKByL9MWzHH9Z6w9WWXQVwiO2i1LVQ+Ji5uW/934GNsGAN6CGzgXOyy3tUIHy4Nim7uxWsOIecwTWE6sKKw4tKM9dzolzP0fL0FsgJ112tkLE3RNDEPf6wVDh5Fj7R7iY0cDN9G74pK9CCC6TArjomGmOOwNzCssHMrrxMl+vdIOZVqJ0bz1qwUczpb+bCxXVF/aiJdN5DQavOZ8w9c/mDAFB0Lmy/d2eQ6hGZCjrMW1BLyTqHiLbw1Rwt7GaO7sZ+LMctgKykgNEe3jEgiwzxZRYKgpPLgIUpNWT+GVz6WfiwnjbtjqJ+P6ihLe9xYD3Oi3QUULDvynzTOMdVsnHz6svxv1CBAjYB7kc6G8bIy29++PgqqqyPg4nRw5MQz16xwfUDmuaCNm0/L9JZpEctqJzJE1PrYeGT3KodHGU0m/MopH1SqbUTc06KVli37lru9jZJpKY9Fpwaj3Fb1B4TQXv7IaWS9pH16gYPoB1IXBZ55YfSWDMumTkq/gnAfwK/Epa4PV6NGaV6V5n/De6Ifk5ink1XSQcQqrdzbhSeTVa0vKrrfiGKYf4dAT5qwdYnbbnpe/rxnv0fUZWRfG8oHrpCKF49kRpG4j6jJ8rCYlBsjaYqB8+SBQ4TRPc4JzD9B6nfF+XQbKMaWWZkRoZY6cBlDnScilVgRYExoeIu0AaXPeKrvIZeKy4VA0mR2y0k+elBfDnqBYlS/L+4i4OxCnd9EbQcikVZAFliLHE0N3r3IDzFWSLmS2vkndGR+1PgIkXPD7vETobszXhRpkdUn4jLhiiajdJe9wU1LQozOT5dPxB+6l5Hj2tvHLLT/z83cYsWJebj5bPAKZB+h0cFMu
Content-Type: multipart/alternative; boundary="_000_CH8PR21MB548480F5EE71FE3B75C9C84E8CC4ACH8PR21MB5484namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH8PR21MB5484.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c5571109-9657-4cf1-5477-08de1bdf3a3e
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Nov 2025 20:17:50.1587 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: WEomFZR2aPWPkMSuzrYi9A7xQ5PsfwKGWtaCsvRPFj2rbBUAxchfwRfckyMkR/GzBLTvYTCexIRuDo/qGYubbg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH8PR21MB4935
Message-ID-Hash: OQL5JYRDDPZIRYQJB23ALWKFLJDBSQFF
X-Message-ID-Hash: OQL5JYRDDPZIRYQJB23ALWKFLJDBSQFF
X-MailFrom: Andrei.Popov@microsoft.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: [EXTERNAL] Working group last call for the deprecation experimental code points in ECDHE-ML-KEM
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/gwTVk4ICmJauvMy0pW68eWtlGIU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

I support changing this document to standards track and the proposed change.

Cheers,

Andrei

From: Joseph Salowey <joe@salowey.net>
Sent: Tuesday, November 4, 2025 2:59 PM
To: <tls@ietf.org> <tls@ietf.org>
Subject: [EXTERNAL] [TLS] Working group last call for the deprecation experimental code points in ECDHE-ML-KEM

Chair review of ECDHE-ML-KEM uncovered the following issue.  The document has a section obsoleting the following experimental code points assigned to pre-standard versions of ML-KEM (Kyber): X25519Kyber768Draft00 (25497) and SecP256r1Kyber768Draft00 (25498).  This requires assigning a 'D' to the recommended column which requires standards or IESG action.  At the Monday afternoon TLS meeting there was strong consensus that the best and quickest way forward  to change the document to standards track and make the following change to section 6.4 (Obsoleted Supported Groups):

Experimental code points for previous versions of this specification were added to the TLS registry as X25519Kyber768Draft00 (25497) and SecP256r1Kyber768Draft00 (25498). This document obsoletes these entries. IANA is instructed to modify the recommended field to 'D' and update the reference to this [ this RFC ].  The comment fields for 25497 and 25498 are updated to "obsoleted by [ this RFC ]"

No other registrations are to be modified by this change.

This is a consensus call for this change only as the last call has completed for the rest of the document.. Please respond to this thread indicating if you support this action by November 14 2025.

Thanks,

Joe, Sean, and Deirdre

v2.35.0 | Report a Bug | By Email | System Status