IETF Logo Mail Archive

[TLS] Re: Working group last call for the deprecation experimental code points in ECDHE-ML-KEM

Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 05 November 2025 09:04 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 31BCB834C4A6 for <tls@mail2.ietf.org>; Wed, 5 Nov 2025 01:04:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cs.auckland.ac.nz
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pu0jGGLrj-xU for <tls@mail2.ietf.org>; Wed, 5 Nov 2025 01:04:05 -0800 (PST)
Received: from SY2PR01CU004.outbound.protection.outlook.com (mail-australiaeastazon11021092.outbound.protection.outlook.com [40.107.39.92]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id C8C91834C49F for <tls@ietf.org>; Wed, 5 Nov 2025 01:04:04 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KEOwBpZxJnZtzqg90PzK9yScA9pMBVqMdoH5qEFv1xIhbEhz5U7TD3YFv19Z6gtwVbEX9NXjmLVPg6sQa3OSIw1XN4rZRp/LAixxxMjZL8LqjEu+3m6GTd2SaIUFCuWTCEaXJbxDEFHAeboXtSSeAupXKf8JGSb90Qg/w8nG1WHkyh8xEFyLERG9I5h8pbTakvcW5lW5wOk70f8FTEwK9Fr/1SNBBdquOSi2SNTnIWtW4JWZcFA3k7c22zvJDp3tZIAlpyLqjVf4nqtqhK1hyToZOmZY5ZuUjW7h6LJYkbVGJRWcIShijbWwXtnRPrHtrIr/91iA34VXUHoCFyORtg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0Vj9PQxXsStbwT1VT23JQgnFSvijdFkLN8kVVLZgi4k=; b=utFYh1WbYUYpx9gTnXJo1R9yYoTjBMDP63aUr4CGagYNN6qwZ646C1DBXVz4sPB0t+hHSt5tk+vSSbZ/1b9xKaLwUmiy0g1dK7qG3glEF4J0oDfPrKQxnNc239uGvZj7HMFjxVqdocntIsjn5Zfbe41sHHhnbyQzfrczwZ7gTD5ul+isTWf90+UCIO504bJDmCtShZ1+Z5C7bKLu5UtKDVFUBeI2lGUVQfdj/y9cU8LFWJGthrMgcrYDxHol8h4dRjztHF/WOMjOudf8faAAo44RTcXq/PWQCo6m5j90fyaDT/oyH5JpDLWuot7IIiIkqkb/z8VsSwmjdgrKlxzfNg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.auckland.ac.nz; dmarc=pass action=none header.from=cs.auckland.ac.nz; dkim=pass header.d=cs.auckland.ac.nz; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.auckland.ac.nz; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0Vj9PQxXsStbwT1VT23JQgnFSvijdFkLN8kVVLZgi4k=; b=VZXW1WcBCUq0vCJHm/3k/2XevIb06zfVDyMJj+Elx6RGhCXr79PQAS37J2tezDi289t9aHzJQzJya6wu14enPzrQno0TNpBuZ0vuWqN23C65zG6r9m46LyvrfWCbVXRsA4RfWG5DBbH0aH5WyydR+ZhAjgDIEuIcXKPfv8vwc8yg8//0n7tsEPHAh26jrHPBNxGoYiZrIdPVPzIWslVs9MW1vpZA1Zp1SwD0/j/1Df0eaf31tIa3mZI0kDH9A3MYx+IGel2dPjCsrW29PwUjQaVCdDMYTlq87SlJSnFPmZipcHO9s12YJZ8o8DQxEKPajw/Q709MV8VVnARpgXroOQ==
Received: from ME0P300MB0713.AUSP300.PROD.OUTLOOK.COM (2603:10c6:220:229::18) by ME0P300MB0728.AUSP300.PROD.OUTLOOK.COM (2603:10c6:220:230::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9298.7; Wed, 5 Nov 2025 09:03:54 +0000
Received: from ME0P300MB0713.AUSP300.PROD.OUTLOOK.COM ([fe80::2b6:430a:4d2a:5c52]) by ME0P300MB0713.AUSP300.PROD.OUTLOOK.COM ([fe80::2b6:430a:4d2a:5c52%4]) with mapi id 15.20.9298.006; Wed, 5 Nov 2025 09:03:54 +0000
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Re: Working group last call for the deprecation experimental code points in ECDHE-ML-KEM
Thread-Index: AQHcTizTtrhyjd3a4Eq08HsBkrbQd7TjxIKAgAAD2ACAAAFgmg==
Date: Wed, 05 Nov 2025 09:03:54 +0000
Message-ID: <ME0P300MB07136A22356B5B14BA07FF51EEC5A@ME0P300MB0713.AUSP300.PROD.OUTLOOK.COM>
References: <CAOgPGoDsX09SEUXr+Tq_m_5bs+erCLagSGMrAVohBRMqOkAtRQ@mail.gmail.com> <0bb9483f1bef258d67d543c300b1035fbca4680a.camel@aisec.fraunhofer.de> <CAMjbhoVT1p9O7LDeVq4OWdEVMD=s9zGTn3h_47U5nnqLAW0RUA@mail.gmail.com> <aQsRtJoMqiW5q_kN@chardros.imrryr.org>
In-Reply-To: <aQsRtJoMqiW5q_kN@chardros.imrryr.org>
Accept-Language: en-NZ, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.auckland.ac.nz;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: ME0P300MB0713:EE_|ME0P300MB0728:EE_
x-ms-office365-filtering-correlation-id: 1c7f3a25-3b5b-4670-d5ca-08de1c4a3f48
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|38070700021;
x-microsoft-antispam-message-info: zpEiLncFDwv5h1M/YBsDf1Vjunq/ZnE6VcDm1lw5Trm+5s51XWRyO0oUw3myKtGNFdqB+tz1fscW00OB4D9mli3ilDrg1bDAyxArhZwSOtHYlnS1GnlRr9znRMIVTjSt4EbD+c6gyV5vsM6i6UgkTQdpj1Xp0mFSulA79APBAg2rnCwenCEytIrJMZ2Pu6LLBXn2BFd07L/o/kOuDLzk6h5JJ5zBCtsQF/64WC8GpO59DBrGmgZ3fl7UbQ2IcHwwISsRnLaWBNP9b2mkOHolthteU/4z7bP0gYtsqg/qTL3Mtd0PUCrWWKFCgCuKJiJv583A7DzvowZVizSOKquCPZhDq/JVh8BtpcPHoWeusq2MrX2BOkLlFDLecHgPnBprW0mjDb5msVxMnV6zJ6wl5fu0YjpLXFLbbnCeRjfLMqzpVD2ms8C03uE8OOIeVJ3gJHEE7KfLdrbQPyavCouGyAY1hMMLBlYgRJtB5o2RF1/sRi4QitoKhQeK2KGGLRPo0hQUV9Sk5sv3mld93KeZrX+aIC7H69gzCbJDKcZ90vClWmwKiV+W7nuOwWGeVZBzHejhd8AOEmcFXEB1sE1lFctVOitXKlFB5Dz2H8fOMRESeo5XCWkPG+C7GENAZdiI0Uj4EieaTrl6azfFPzuL36/hvQ7nfA/1QDL6sMaCPwGu00zUDdWzuQWqNORF9jzrx3R3v+8+1hYUcSsPHWermvamJ2ax5kDWj2Ol7+jLCGYFoxh6SSgjW5btRgtka2bxAWwiMMUvcR60F1pQQDtuV6MCwul33kv25xrwGkU58pX1vpqR/82n9JT7wUAfnrNcH3oIYSclewJWXO066wuD77P7asm8511xvHVGuda8TpVXS7Xm70V32fY0Pdfqmrb6whJzLnaQU6Q/jb1wxyHu/iF7RPoqan6x/hV0pSYv2gB9NNIAKBEd5wPGQOXUFQAztiKT8A8G+mP1VPLwlY8U4ZU7Cd8+bL7vlsadlSZTZ0bKgiAUv1JzjnlPOFE7Yxt8JtqLHrnr1RY4ah8+bjflxcX6fJ6c0ZMy8UK63knjI66+pZV2PTnj0kjPnYGMA82BshcSSBD+Yya4QUcL9j18A0C0ctZXRtZq5Ex0sTciN8GqAmcNIQsEaDrAVuopFu6xHOP1cUhtbFyHaJR4KGpSG+t7bh+Ow8BoEV+DERtOlHVBUFUmYXJ3XqY9zJN+XDvtW3BKUgXs5Y8yseftaManZ9A+R+9NVDdyIQeR8qn6Yot1cisgqZawZ4c+Aj+gIgZjT2AvqFuCDp2RbGuHov/3VKj3VdTGMUiGNGPBli4FA1dh46uv68kQrPn0eDlleSIQJYO68d1svphyYTmB24tuZZDrGdvsslwL+5Ng5dD9uiBK7TIyOya/LZfAw730rAlS+3GutA4bnno1H3QA94ZTIy+rLPJ0yHZfyUukowUXvDTvYZiltMF20ayr5/dW6DNmxff99n7CwcCgLrKxqLjaEA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:ME0P300MB0713.AUSP300.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(38070700021);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: wBk8yQO0NYImVIsw0MXYiOC+lcpa6dF6C2SSeSOoM9BtkDrm9M4ewaNiDDjLkLm2iH/ncmB/MXn3YAAn6bmuRLdPDfNSMQnqldHhkunaV9FoHLU+8ubjdI8Tr8X2c4DEzBB/x7Erc2iFPmzlscTIqUfLjRpJrmKa/31SuU8YhisXXFagqq7BjLYzyComVmswPLT8e2OvE2+ktRxcYJDpx/TVWew+UsT1PAxGTXhCU5kZ795zDhArTeMeQ4x/7ovLkpM+y/jl9OnGYnXwmEhkLLX+VZXXVE2wykw+6mJyO7GGqZiQukC3nPD6whvRE82gA8vS4/YZ1y0V1OtdshRwyZkktPj+tl6hdN7jjNhhL6h3Lfix0Ux9/3QGtbvFc6WQtj0fJau/JmMXE5sbTvwBJs4hs0X3JrZY6R2dsjlnxBO1M8m7YgMhJCBCHrTB2ivKaBLdEyLuWqvmHdIr1W39dRZGooA3M5mXK4LX71cD6Up7YqjNwsJsqdiSQ8HWxYzu01YgCXZ5aO5VBdaF3Q8lneBo41YK3Y5YzWKDrV4ARA/KZjHOwsRFrimJx8/YxsQfgePhBu9F2gdSiE1X9gUuKbJB97P+PcNO8GypbcInZZ+LBAa6JGGyiHGY8LBHVeRNHgufQMIFvOhcVru0uSWX9VRt5y/xPxNGM0eNaQABJiE3m7uepFsI79zDm1o3goIji8wKwXWxQ4WP0J57tb4ur3xaZfG8M1SKZCHBoE0U4S5gKpHTfLRFqWZ/ZZN008K+CPVgsFcc0Q+8DKI7P0lXaGGQCZauFP4VOKhwLHtDk39wjCEY8HFUhgOSOH62KeP0vG2Qg/kdNWIHR917F7RuSgr9dNMDU36RDP/kTATYSVhuhtie6meyLeU8bDVkjM4t/Reaxeg3pybjpKKgd/JMe21zqzhmWL9wkiVQc7mwiqVleZkLWPdPlOIskRsyRN2vf6GNnnr3CvWxyRpBGIfvC9OxeP4Cu9t59ox0pZagbbBz6jafPlwdcljhPkdlUpXNBS8Id6/runiTqpXorF3i+wq876ln3wjYmA2LYsFZELUw6AnA+wn2llAeQz+TMos2zI7R1r1H/n7QVGE6R5CWzw5cvnpiI2KWolDWOFeXG7MnMLzJ2/1zLYRhx5EZ/sJJokjU9V48hpyIETBnmseG4RPiap/QFpOW7oM4DVeGWU+7qAGs7eiMLZ0Ei5bujNxe2hdhIeW++ixC3njX+uGiDH4/Y5hiG6SHzJ8j4YIsNbzjQdoBfS1q2egv0jJH5ihns6cBXaEuedK8FUXF7EfdmScjx1dmmgDXjHImJPm7IHE1svIAsXt1rG5IDTttY7hfZnvixdPdU2KnUrhf5Ek53d5kFrsD2zuUxxR6UokPLs9uCdO1g69tnZWX5ezbHgNAGNwM8CcR4G5oVEkiaZQ/AYWw3bycivzIPXy/TGM5faKY/ATjADY5CnbcmIfVGWst0bhumffZcqVDJvvMW5rhfGe35fPAQ+XjKArVhEoccJvWMiGeot82sPedXVcbBdyyUY0YgI7ZR20uGLcw/+gI3ScfoXnapBo37R6OBfaRU8paoRQi38XM/gte/GTIAdUH
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: cs.auckland.ac.nz
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: ME0P300MB0713.AUSP300.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 1c7f3a25-3b5b-4670-d5ca-08de1c4a3f48
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Nov 2025 09:03:54.7865 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d1b36e95-0d50-42e9-958f-b63fa906beaa
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Luf/K3UO4X34XQfwJrcoqAm7GMTPHjA6Vv4EhjAQF7ZE7+WG9XqSmufszgOQjMOEaCsYdEw+K484S24NS07tQy1QK7t2o9tSvN0JnX0EMMw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: ME0P300MB0728
Message-ID-Hash: QI5WY3SIGZNL5ZJ2H57RO2BDS7CRLTOH
X-Message-ID-Hash: QI5WY3SIGZNL5ZJ2H57RO2BDS7CRLTOH
X-MailFrom: pgut001@cs.auckland.ac.nz
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Working group last call for the deprecation experimental code points in ECDHE-ML-KEM
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/hDiexH7OiG9XTsFK2J9uqCuzU1s>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Viktor Dukhovni <ietf-dane@dukhovni.org> writes:

>This assumes that:
>
>    - We know for sure that quantum attacks will eventually materialise.
>    - We know for sure that the timeframe is soon enough to matter.

+1.  See in particular "Why Quantum Cryptanalysis is Bollocks", 
https://www.cs.auckland.ac.nz/~pgut001/pubs/bollocks.pdf

The SNDL bogeyman is specifically addressed on page 29, but you need to read
the surrounding material to give it context.

Peter.

v2.35.0 | Report a Bug | By Email | System Status