IETF Logo Mail Archive

[TLS] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

Martin Thomson <mt@lowentropy.net> Wed, 02 April 2025 00:59 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id A693B1625E4F for <tls@mail2.ietf.org>; Tue, 1 Apr 2025 17:59:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b="FQbaAQLR"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="X6hIDdav"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a1KsgiHSwj18 for <tls@mail2.ietf.org>; Tue, 1 Apr 2025 17:58:55 -0700 (PDT)
Received: from fout-b6-smtp.messagingengine.com (fout-b6-smtp.messagingengine.com [202.12.124.149]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id A15121625BD4 for <tls@ietf.org>; Tue, 1 Apr 2025 17:58:47 -0700 (PDT)
Received: from phl-compute-07.internal (phl-compute-07.phl.internal [10.202.2.47]) by mailfout.stl.internal (Postfix) with ESMTP id 3E6EE114018B; Tue, 1 Apr 2025 20:58:47 -0400 (EDT)
Received: from phl-imap-08 ([10.202.2.84]) by phl-compute-07.internal (MEProxy); Tue, 01 Apr 2025 20:58:47 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1743555527; x=1743641927; bh=WjveauxKJEa7xNpZusVv79AcKX6vuF+TvyW7IDl+jrY=; b= FQbaAQLRQo1NKvQradSWNQBqsIhW+6hFe+INPDr1/qDciyTe18RiFh6Fy08OTC3h wSK6ptPnZ1U7prvAjqhp9jhzo4EZMBEEXzPSmVPM22/pH1Tp5tMI7DXkOJjUMvcN 0rDytKOGPhYFmUUQArSOAsdvxZH+PjCTFfE11oBmtkhghFE5Yp6sUwOgEsJ7d+We CDqG4By5VfwphV4o8zbtDnxCIqBEWV/oln6j+ckRyw9xCmwwA2tPVLXE8VEWI0gD UzbqPU0n7DrHAGtvxlGXteYtzN0+6qnoFi0PjSSVLvmE1x0jnf0XSYca8XTsdtln un0N7aRxYZrHkU/+yMV6/Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; t=1743555527; x=1743641927; bh=W jveauxKJEa7xNpZusVv79AcKX6vuF+TvyW7IDl+jrY=; b=X6hIDdavAUsCyJ3bL jUSSjEXL8KN6RbSZzLZB8iqnRq2cVAe/xer0qEUh36PzduhS/9nGrF+PqKwaqp1P Myr8cpahq+8Y/LTCER0A+EbWuKWIjDcvZZ31+3ujnGL5BEFZ/LgaQtFa5ovRUMHG kYVzXCkWH1rIBHBWWvtyyqhj0G7IlZnXUvccGZ1weFJiHTG2RhbcYBj2Z/uH8CLQ 9iQaKKaxlBC+Uw74nC88tnH+P38rY6Yngj1EJFlY0Re5N9KXn1PQUqDedIttOHtG zyMkZUHp3rzR6ItfnLkdlkJFZyfXcf9VcrsPGg06r5xFKSwhgANW9AskNprk7XOb nmT5Q==
X-ME-Sender: <xms:xovsZ6dqB7v4y6oK--7w2iW_gr-LceVOSa6Q6DR45Zw9whSHjHKO7Q> <xme:xovsZ0OP5LcLy9sJJtMvwjGJqr8IKKgoRmO-r2FfmqLkwrsmlzdvFIkikmYoxj2WJ wRYgBqaFziRWA0QJck>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddukeegvdelucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpih gvnhhtshculddquddttddmnecujfgurhepofggfffhvffkjghfufgtgfesthejredtredt tdenucfhrhhomhepfdforghrthhinhcuvfhhohhmshhonhdfuceomhhtsehlohifvghnth hrohhphidrnhgvtheqnecuggftrfgrthhtvghrnhepffehueelgfegheeiveffleetjeej ffetveegleevgeeifeefffekjeegfeduhffgnecuffhomhgrihhnpehivghtfhdrohhrgh enucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmthes lhhofigvnhhtrhhophihrdhnvghtpdhnsggprhgtphhtthhopedvpdhmohguvgepshhmth hpohhuthdprhgtphhtthhopehtlhhssehivghtfhdrohhrghdprhgtphhtthhopehsvggr nhesshhnfehrugdrtghomh
X-ME-Proxy: <xmx:xovsZ7iJK8idlH5N394QA7kVKK2BkdgmGfZz1_CSSg2mn8rNpMknLw> <xmx:xovsZ39fyCJgImRCIf4ET3d1pI1t_sC68j6oiryxJFnzZyakkk_IKw> <xmx:xovsZ2uHdDx58WqC1EW5jkrUxX3mUB3Y7719bZbfBnJK0pJVTzCSPA> <xmx:xovsZ-Fm0pA-bEpuo4Ibc8svis8r937MF9fZ2ohGq-A4OmYZRJtDzw> <xmx:x4vsZ8WUXnmPRrFv3b9eFUixAFt_0FaJZY9riWht0661brg88JmShTpr>
Feedback-ID: ic129442d:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501) id D2AF518A006B; Tue, 1 Apr 2025 20:58:46 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
X-ThreadId: T8f730d31b389a470
Date: Wed, 02 Apr 2025 11:58:16 +1100
From: Martin Thomson <mt@lowentropy.net>
To: Sean Turner <sean@sn3rd.com>, TLS List <tls@ietf.org>
Message-Id: <f65014ed-9830-46ef-ad9e-4d9813b74f0c@betaapp.fastmail.com>
In-Reply-To: <582917A1-F936-4A15-AE9D-342076605BE7@sn3rd.com>
References: <582917A1-F936-4A15-AE9D-342076605BE7@sn3rd.com>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-ID-Hash: LB72TTX3ZZALKP4Y2KKUEGPDIWUTFDPM
X-Message-ID-Hash: LB72TTX3ZZALKP4Y2KKUEGPDIWUTFDPM
X-MailFrom: mt@lowentropy.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/hz-BtcGhXX2eN_rbVKMypP8XhW8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Like other pure ML-KEM uses, I am OK with adoption, though I might oppose Recommended: Y when it comes to that.  I also share John's concerns about key reuse, but would prefer to litigate that in the working group, rather than during adoption.

On Tue, Apr 1, 2025, at 23:58, Sean Turner wrote:
> We are continuing with our pre-announced tranche of WG adoption calls; 
> see [0] for more information. This time we are issuing a WG adoption 
> call for the ML-KEM Post-Quantum Key Agreement for TLS 1.3 I-D [1]. If 
> you support adoption and are willing to review and contribute text, 
> please send a message to the list. If you do not support adoption of 
> this draft, please send a message to the list and indicate why. This 
> call will close at 2359 UTC on 15 April 2025.
>
> In response to other WG adoption calls, Dan Bernstein pointed out some 
> potential IPR (see [2]), but no IPR disclosure has been made in 
> accordance with BCP 79.  Additional information is provided here; see 
> [3].
>
> BCP 79 makes this important point:
>
>   (b) The IETF, following normal processes, can decide to use
>     technology for which IPR disclosures have been made if it decides
>     that such a use is warranted.
>
> WG members can take this information into account during this adoption 
> call to determine if we should adopt these drafts.
>
> Reminder:  This call for adoption has nothing to do with picking the 
> mandatory-to-implement cipher suites in TLS.
>
> Cheers,
> Joe and Sean
>
> [0] https://mailarchive.ietf.org/arch/msg/tls/KMOTm_lE5OIAKG8_chDlRKuav7c/
> [1] https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/
> [2] https://mailarchive.ietf.org/arch/msg/tls/mt4_p95NZv8duZIJvJPdZV90-ZU/
> [3] https://mailarchive.ietf.org/arch/msg/spasm/GKFhHfBeCgf8hQQvhUcyOJ6M-kI/
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org

v2.30.2 | Report a Bug | By Email | System Status