IETF Logo Mail Archive

[TLS] Re: Working group last call for the deprecation experimental code points in ECDHE-ML-KEM

"Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de> Wed, 05 November 2025 08:15 UTC

Return-Path: <thomas.bellebaum@aisec.fraunhofer.de>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B2D578345A84 for <tls@mail2.ietf.org>; Wed, 5 Nov 2025 00:15:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.297
X-Spam-Level:
X-Spam-Status: No, score=-4.297 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=aisec.fraunhofer.de header.b="ilb7KBQv"; dkim=pass (1024-bit key) header.d=fraunhofer.onmicrosoft.com header.b="h4jW0Pu5"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7f_qDWeXa3ot for <tls@mail2.ietf.org>; Wed, 5 Nov 2025 00:15:33 -0800 (PST)
Received: from mail-edgeBI195.fraunhofer.de (mail-edgebi195.fraunhofer.de [192.102.163.195]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 7CFFA83459E6 for <tls@ietf.org>; Wed, 5 Nov 2025 00:15:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=aisec.fraunhofer.de; i=@aisec.fraunhofer.de; q=dns/txt; s=emailbd1; t=1762330533; x=1793866533; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=pnqvT4+6YQmMXAeorxgfichvMXV0Nnol0Nd79/K4NgQ=; b=ilb7KBQvS7lscYHJMd3SplmDKVlhWJoTaCG7T10oN5LktHAFrXhaM2gt fnrfcee0PV+7ImtV2IbbAGXt0wuozGAizFVPwAXkuXdW8XschvmC7UBbf Gf9USAAt0uF0wGE++mKhCX6GM+fcbq5EAHWsm7fzthektChqPb1lQk+xo 64jK1FnJnzydbUpvpC0aTA+bp3fdPPWqGZWhp+zan0QdFVvorwuogUke1 HvVdQADVK9Xz7wXpFuHYY9vnd1+TkybI5JaOPIEyL3JMFpLKZMKj/jBpT 3yxjPZM8WDXIRPX/gqu7RXdzvKcxGWHmzF3a7GtaG+qOfEs86eHGVAcaA A==;
X-CSE-ConnectionGUID: KI3W2fWLQq+7SBTKiut/eg==
X-CSE-MsgGUID: 4GWBEkDGSrWCUDxEnGtySQ==
Authentication-Results: mail-edgeBI195.fraunhofer.de; dkim=pass (signature verified) header.i=@fraunhofer.onmicrosoft.com
X-ThreatScanner-Verdict: Negative
X-IPAS-Result: A2GrDQBMVK1o/3maZsBaHQI9BQUECYFpAoI+QAFALoE3hFWRdII9AZoxgSuBJQMYFikIBwEBAQEBAQEBAQQDAQEUAgMODR0EAQEDAQNDhD0CjCcnNAkOAQEBAQMBAQEBAQIFAQEBAQEBAQEBAQELAQEGAQIBAQEECAECgR2GCUYNgluBJwVhBAMGBjACAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQcCDQImDA48AQQBHQYdAQE4DwIBCEICAgIvJQIEASCCdYIkBBIDDxMTFAa6CoEygQGCDAEBBtspGIJABwkJAYE/AYFXgiSBBoNOAYFcEoMLhWqCDEOBFTWCRDE+gmECAhiFIYJpghEVgQIUhA6CKoFiiBuKKFKBFANZLAFVExcLBwWBIBAzAyAKNBUcAhQNDxMPGgUtHXMMKBJnhBWEHytPghtygQF0QRk/g1MeBmsPBoEVGUkCAgIFAkM+gXEkBh8SAgMBAgKBEBACbkADC209NwYOG5JaEiFGgV2DLWRXgWUGx0MDBAOCNYFnhl2DM4IOlVMzhASBV5IFkwuZBiKCNoswlWSFKgIEAgQFAhAIgWiCFnGDAgEBMglJGQ+OLhUcgiSBHjOEYLUdeAI6AgcBCgEBAwmSHoFLAQE
IronPort-PHdr: A9a23:E32gSxYPpdfqo9ynEGnvpFP/LTEs1IqcDmcuAnoPtbtCf+yZ8oj4O wSHvLMx1wSPBd6Qsq0Y1reempujcFJDyK7JiGoFfp1IWk1NouQttCtkLei7TGbWF7rUVRE8B 9lIT1R//nu2YgB/Ecf6YEDO8DXptWZBUhrwOhBoKevrB4Xck9q41/yo+53Ufg5EmCexbal9I Ri4owjdrNUajIVtJqosyBbErXtFduRLzm50OFyfmArx6ci38JN/6Spbpugv99RHUaX0fqQ4S aJXATE7OG0r58PlqAfOQxKX6nUTSmsZnQNEDhbK4h/nRpv+vTf0ueR72CmBIM35Vqs0Vii47 6dqUxDnliEKPCMk/W7Ni8xwiKVboA+9pxF63oXZbp2ZOOZ4c6jAe94RWGhPUdtLVyFZAo2yc ZYBD/YPM+hboYnypUcBohSlCAmjGO/i0CVFimPq0aA41ekqDAHI3BYnH9ILqHnYosj4O7kWU eCx0qbH1i/Mb+5T2Tj48ITDbw4vofGLXbJ1a8XR0kcjHB7Cg1WMqYzlODaV2f4Ws2SB9OVvS +avi2o5pA5quDev28Ish5LTiYIU0VDL6zl2zJw7Jd2iUkF7fNikEJtXtyGUKYR2WNkuTHx2t ysjzLANpJG0cjQQxps92x7fd+KIc5KO4h/7UOufLjh2iXZrdb+xhhu8/0itxOLiWsS1zVpHo SRInsTMu30QyxDd5dWLR/Vy8Eu/2juC2Rzf5/1EL0wolaTWKJgsyaM+mJoUtETMBC72mEPug a+XaEok5uao5/7gYrX8qZ+QL491igbjMqQyh8yzG/83PRYIUmOG+uq8zKXu8VD9TblUlPE6j 7XVvI7AKcgGpqO0DBVZ3ps95xqiFzuqztUVkWUJIV9AZR6Lk5LmNlDLLf/lEPuygFGhnTJlx /3HP7DsBIjGIGLZn7f7Z7l97lZRyA80zd9C+Z1ZEqoBIPfvWk/ps9zYEwM5PxS0w+n5DNV90 ZsTWWeVDa+YNKPeqFqI5v41LOeLaoAYpivxJ+Y46/L0g385g0USfbSv3ZsXb3C4EOppI1+Db XXxnNgNCWYKvgwgQ+z2kFCOTDpea2ioU64h+j03FpiqAZrDS42imrCNwTm3EoBOamBDEF+ME HPod4ueW/cLbSKfOtNhkjwDVbikUYAhzguiuxTkxLpjKurb5DYXuoj+1Nhw/ODcjxAy9SdqA MuByW2NQXt0kXkVRz8w3KB/pkJ9xUmZ0aRinvNXC8Rf5+lVXQciKZ7c0+t6BsjwWgLGYNiEU 02mTc+iATE2QNM+3d8Pb1x7G9q8khDPxzCqDKMNl7yXGJw09brR32T1J8Zm0HvG1bcuj0UoQ sdVMm2mnKF/+xDVB4HSi0qZjbqldbwA3C7R82eO1XSCsFlCUAFuT6XLXmoRa1PTrdvj50PCS 6aiCbE7MgRbzM6CN7dFZsD3gVlbXvvjNs7ebHism2e2BRaIwb2MY5Twe2kHwSrSFlAInB0Q/ XaHMAgzHj2vrn7DAjJzDV7gfkbs/vNkqHynVkI61xiEYVVu2bat4R4VnfKcRusL0LwdoCkvp C14HE2l39LYE9WApxRufKFbYd4l+FlJzHrXuQMudqCneupggVM2aA1zuFzjxlNxB5kK2Zwoq 34C1wN2Lr2VwRVHei/Omdi6JrnMAmj/4B7pbLTZkBmKzNKN0qYC9Pp+rE/s6lKHDE0npj9N3 t1R3nGV+5CORDYSVpf4SQx/owR6oLTTeW836ofQ2HdlLKycuz7Z1tlvCvEs1xCgeNlSKuWIG VmhQIUhG8GyJblyyBCSZRUeMbUKnEZJF93zLqjO0fuxJ+8lhzKv1zkZs8h2h1iB8yNsR+KPx ZsByuGV0ljiNX/w2Vm7u93xmYdKaCtUGWy6yCP+A5VWaLE0doEOWi+1dta6wth1m5n3ATtW7 le+AVMB1sKzPB2Ual32xwpL0koL5HegnHjdrXR0xh8zqa/N8CXSzrbZaRAFN2VXFkxvlkzlL oXxrvxId0+ucwUviF6Z9F73lY16gYk6EWTJWkZPeXrGakRZF4agvbqLZcFCragltylaSs2QS lCXQb2uxnlS2SO2B21H2gxnNG+bg5DcrzV3j3iNI3hyp3rHXPFOnTHZ49iEY/IOj30lGA93s GyEYzr0NYypoderz6/e78GZamuFB6dpfQPgnKe6nRK2xGJyXzLilPzuodfLCiox3CvqlN9gB XrCoTjeMrnKx/+2EOVAZG1mJnO7yMNwNoZuq9NomL8X60ULoZvM/kdWvmGoMpZ+87/YbiYtb iUqmtnvyRXcgw48AnPSmdjiclu24M1wY/W7XjM5yAgl7sZjFPqu1axonHNNnVS0tVr1PvZmr C80ycok1SUcgrlWoDcL3jrIUfgCWEhCOir0kA6Uqsqzt7hTeDO3eKOrhyKW/PikBbCG5wxQV 3vTW85zQGl+9MxiNlLL3nDprI3pK5HcbtMW4wWdiAyIz/NUJ5Q4iucQiGJ5NHj8s3wox69zj RFn0Zyg+onSA2t39b+/AhlWOyezYMUW+zr3ir1ZkNrQ1Ieqdqg=
X-Talos-CUID: 9a23:r9E/rWAKX/Q/Chz6EwpGr3FOFP8BS2Sek0z6H2y5FHouRbLAHA==
X-Talos-MUID: 9a23:voT79Q/gy42+RALtfk7hBHCQf5tH3I6DC2wiqo85kPSoJQF2FCuMtw3iFw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.18,214,1751234400"; d="p7s'346?scan'346,208,346";a="14775131"
Received: from mail-mtamuc121.fraunhofer.de ([192.102.154.121]) by mail-edgeBI195.fraunhofer.de with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 05 Nov 2025 09:15:23 +0100
X-CSE-ConnectionGUID: QHYLf+LJT4qBNLQSmyr/VA==
X-CSE-MsgGUID: 1uoyPwMNTQmIl+I2oObIbw==
IronPort-SDR: 690b079a_efmNXW+krQeRgpezbCndw2YjliRHDtyVSRWmUv7ZVkLngSL 8TgSwXZ7ELfjzOsKFygr3K9UiOv9sTQGBDvmykw==
X-IPAS-Result: A0AsAADL7aZo/3+zYZlaHAEBAQEBAQcBARIBAQQEAQFlgRoHAQELAYFtUkABQC4ugQmEVINMA4RNX4h5nG+BK4ElA1cPAQMBAQEBAQQDAQE9FAQBAYUHAowlJzQJDgECAQECAQEBAQMCAwEBAQEBAQEBAQEBCwEBBQEBAQIBAQYFgQ4Thk8NhlsBAQECARILBh0BATgPAgEIQgICAi8lAgQBIBSCYYIkBBIDDxMTAgICDqcXAYFAAoslgTKBAYIMAQEGBATbIRiCQAcDBgkBgT8BgVeCJIEGg04BgVwSgwuFaoIMQ4EVNYJEMT6CYQICGIUhgmmCERWBAhSEF4IzgWuIKYlyUoEUA1ksAVUTFwsHBYEgEDMDIAo0FRwCFA0PEw8aBS0dcwwoEmuEGYQmK0+CInWBAXZBGT+DUx4Gaw8GgRUZHS4CAgIFAkM+gVwXJAYfEgIDAQICgRwaQAMLbT03Bg4bkjoSIUaBW4MqZFeBZQbHQwMEA4I1gWeGXYMzgg6VUzOEBJNckwuZBiKCNoswlWSFKgIEAgQFAhABAQaBaDyBWXGDAgEBMk8DGQ+OIQ0VHIIkgR6FE7ImRTM8AgcBCgEBAwmTZwEB
IronPort-PHdr: A9a23:M+HxvhDuE9sQsXbpDfucUyQUP0IY04WdBeZowoRy0uEGe/G55J2nJ 0zWv6gz3xfCCJ/W7/tUhuaRqa3kUHwN7cXk0jgOJZJWXgIDicIYkhZmB8iACEbhK+XtYTB8F 8NHBxd+qmq2NUVeBMHkPRjcuHSv6z4VFBjlcA1zI+X+AInJiMqrkuu1/s62AU1I0RSnZrYgA ByqoFfqq8MUjIB+eIM80QDArXYNWsgE7mRuOV+Vg1PA99+9rrtC1gkVhf877M9HV/fKOoEDC JFIBzQvNW84ofbmsxXOVyKjzXsRWWZF93gACQiQ9BfjQKut8XXLj+9Y6ACXOtfmQr41UjS8y pdVEDnujyNfETJmoSb01up/tfcIxXDprUl/n4zrOLmIadtZQ6r5LOkgSUBKD+JrfhVMI4ykM aRSBOZcBux0tKv2ql8f7h20VVamCc3Nmg9pliT6/KodycAvMy2B/wUqM9UeiSyMsPvyBpoDd u7sz5SZ4jOYbLBz8yrb6tToWQsA+Pa2dK9JKomO5Uh0SVneqnu7i4r0Ox+U6rQioUKD7uxJS b+Vsn4LqllJnTaj3p8I1YfStJo8ymHOyH5/wd5qPeCeWFEuMpa0VZpKsCeCMJFqB9kvWHxsp HMiw6Yd6vZTHQAPwZUjghvDYtm6WNHSu1TtTu+MJzd/in9/Pr6y1F6+8kmln/X1TdL8kE1Lo SxMjsTWuzgT2gbS5MmKRro1/kqo1TuVkQGGwu9eKF0yla3VJoRnxbg1l5EJtl/EEDOwk0Lz5 JI=
IronPort-Data: A9a23:T7SPYqADftGXihVW/+zmw5YqxClBgxIJ4kV8jS/XYbTApDkmhGcDy WUaDTyOOfmIYmKhKtkkad7k8kIFvcSHzNViOVdlrnsFo1CmBibm6XR1Cm+qYkt+++WaFBoPA /02M4eGdIZtCCeF939BC5C5xVFkz6aEW7HgP+DNPyF1VGdMRTwo4f5Zs7dRbrVA357gXGthh fuo+5eCYA//g2YtWo4pw/vrRC1H7KyaVAww4wRWicBj5Df2i3QTBZQDEqC9R1OQapVUBOOzW 9HYx7i/+G7Dlz91Yj9yuu+mGqGiaue60Tmm0hK6aYD76vRxjnBaPpIACRYpQRw/ZwNlPTxG4 I4lWZSYEW/FN0BX8QgXe0Ew/ypWZcWq9FJbSJSymZT78qHIT5fj68xOPWU4fqk6xrpuK0dqz McdOSpKUDnW0opawJrjIgVtrt8mMNGtMZMUujdu1zjEC/YhT53ZBanHjTNa9G5t3YYfQrCHO JtfMGAwBPjDS0Un1lM/FJI5me6zwHPydzlVoluIoII+4nPex0p/yrHwNtrSdNGQA8lY9qqdj jmerzqmXUxKXDCZ4WOY9WOUmcrpoRr+eYZRNee/0fRLikLGkwT/DzVTDzNXu8KRiEmzc8lWL 0sL9ztoq6UunGS3SsLVXhCkrjiDpBF0ZjZLO+Aq70SN26DO4grcDGlCRzJaLtI8vdIwRTsk2 0XPk96B6SFTjYB5gEm1r9+8hT2oMDUTLWgMaDVCSg0A4tL5p5o0gA6JRdFmeJNZRPWocd0p6 2nS83hstKZZlsMRyaSw8HbOhj/m9NCDTRc46k+TFiip5x9wLtztLYG5y0np3dAZJqagT36Fo Cclneqa57swFp2jrnGGb9gMO7CL3My7FgPgr2RhJLQbzAT1yUWfJdhRxBpcOHZWNt01fG61Q U3L5iJUypxhHFqrSq5VO4ueWtgb/Y39JNHbTfr7UNt/UqZtTSCp5Co0W0y02lL8oXgSjKgQa JKpQeexP1knCIBM7jm/d8EC25AFmwE8wmLqQK7gxTuZ0IuuWmKxYp04OXTfctEJyaKKmxrU+ NBhLPm3yw1Tfen9QyvP+6gRJkAuAVliIr6usO1RVOqIAjQ+KVEbE/WLnI8QId10rZpahsLj3 y+bWHYB7HHdmHeeCwGBSk47WYPVRZwl8E4KZ309D22JhUomT52ktpoEVp0NerIiyuxv4Nh0Q 9QBeOSCGv5/cSvGyRtMcajCqJFeSzrziTKsJyaFZB0NT6xkTSHN+f7meVLL3wsKBSyVq8A/g uOB0iX2fJk9fDlhXf3mMK+X81CMvHYmiL1TWWnMKYJtY0nCytVhBBHwqf4VGPsyDyv/6AGU7 CuoJCsJhPLsptY1+ebZhKrfoIaOFfB/L3VgHGLazOiXMw/G8kqK3L1wUOSBVm3YX2baoa+nZ ftnys/tFPg9mHdLrItOPLJ5xo0u59bUhuF7zyY1OF7pfliUGrdbDX3e5vZ2t4pJ3eV/qyatf 0CypulhJrSCPf36HG4rJAYKavqJ0dcWkGLw6csZDVrb5igt2pa6SmRXYgexjRJCIItPMI8Kx fkrvOgU4VedjjsoKtO3sTBGxV+TL3AvU7QVib9COdXF0jEU81BlZYDQLgTU45vVMtVFDRQME w+u3aHHg+xR+1rGf38NDkPy5Ot6h6kVmRV03VQHdkWomN3Eu6cN5ydv0w8LFyZb8hYW9NhIG DlPF1Z0LqCw7TtXlJB9f2SzKTpgWjyd2GLMkmUsqkOIYXWsZGL3KE8FBd2s52EcqmJVQSha9 uqXyUHjSjfbQ/vy1SoTB29jkfvpF4Vx/RyfmfKYD9+3ILs6bQW8q56RYXg6lD76M8UThEH4+ O5gptR0YqymNhwrgrYaDrOC3u86UyG0J21lQNBg8pgWHGraRiqA5DiWJ221eeJPP/bs80SoL +BPf+VhDw+f0gSKpRAlXZ88Gad+xqMV1YBTa4HVKn4jmJrBiDhQ6bb71DX03U0vSPVQyfcNE JvbLW++IzbBlElvujH/qedfMTCFevgCXgr32d61/MgvF54utOJNc1k44oCrvke6YRdWwBaJg DztP6Pm7fRu6YBJrbveFq9uAwaVK9SqcM+q9Au1kcpFbPKREMPomj4WlGLaPFVtDeNMY+h0q LWDjoemlgeN9rM7SHvQlJS9BrFEr5f6FvZeNsXsamJWh22eUcvr+AEO4H28NYcPqt5G+827X EGtXaNcrzLOtwt1nxW5sxRjLis=
IronPort-HdrOrdr: A9a23:FkMuMaAGNUIAAXflHegosceALOsnbusQ8zAXPh9KJiC9I/b1qy nxppkmPEfP+UsssHFJo6HkBEDyewKhyXcV2/haAV7GZmfbUQSTXfhfBOfZsl7d8mjFh5RgPM RbAuVD4b/LfCBHZK/BiWHSebdB/DDEytHSuQ639QYrcegAUdAF0+4NMHf8LqQAfnggOXNWLu v/2uN34x6bPVgHZMWyAXcIG8LZocfQqZ7gaRkaQzY69Qinl1qTmfLHOind+i1bfyJEwL8k/2 SAuRf+/L+fv/ayzQKZ/3PP7q5RhMDqxrJ4dYOxY4kuW3vRYzSTFcRcso65zXMISSaUmRQXee z30lYd1gJImjbsly+O0F/QMkLboUkTAjfZuCGlaD3Y0IrErXsBert8rJMcfR3D50U6utZglK pNwmKCrpJSSQjNhSLn+rHzJlhXf2eP0A0feNQo/gpieJpbbKUUoZ0U/UtTHptFFCXm6Jo/GO 0rCM3H/v5ZfV6Tcnic5wBUsZeRd2V2Gg3DTlkJu8ST3TQTlHdlz1EAzMhamnsb7poyR5RN+u yBOKV1k7NFSNMQcMtGda88aNryDnaITQPHMWqUL1iiHKYbO2jVo5qy+7kx7PHCQu198HLzou W1bLp1jx9BR6u1M7z/4HRiyGG/fFmA
X-Talos-CUID: 9a23:KFVsR2l74/c+bUYmh+3aIwZfK7XXOUT9/VPeYGuaNTpwYpuxcGSV6bkjreM7zg==
X-Talos-MUID: 9a23:TJUXNQmL78lwqCTaFGHqdno7KcB527uLLnw0lLQC+OjeMgt6Gj2C2WE=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.17,306,1747692000"; d="p7s'346?scan'346,208,346";a="30867758"
Received: from exo-hybrid-bi.ads.fraunhofer.de (HELO smtp.exch.fraunhofer.de) ([153.97.179.127]) by mail-mtaMUC121.fraunhofer.de with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Nov 2025 09:15:22 +0100
Received: from XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) by XCH-HYBRID-03.ads.fraunhofer.de (10.225.9.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29; Wed, 5 Nov 2025 09:15:22 +0100
Received: from BEUP281CU002.outbound.protection.outlook.com (40.93.77.2) by XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29 via Frontend Transport; Wed, 5 Nov 2025 09:15:22 +0100
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=vlLiSoZI+uTLaQcXf7Rro1F32OYvDCgxPeBMH+UQws+3b8tVvqWS7cQlAM35EwcSci3Bmjrqy+V5D2cvMtAreus6Xl94z8bZqry/QqqSrka8FPetnBA3Hd/1d5Vc9o+TNchCowpU90UrNNdC9MADIEPISP+BwyukuF0VfDHk56UPCDc2oTZm9/pm39mRmcWh4ZjxAvnObrJ2dFyroMehuVxeUenieP7GlxEOaZZ4PwUECj41SNq516AmeuXe6g3hMOa2AP7TGdRGQKZs2mmq0xABr2aQBPKCvfIkninPe9k71GFpfKewYoFf53+zuhclXmxUNSoRYDERlS7zRRHx2Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pnqvT4+6YQmMXAeorxgfichvMXV0Nnol0Nd79/K4NgQ=; b=SfnNobeh64vhgVLp5ovFtvhS+WlcJNLgATNYkfZ+1nwkDrm5VipwXn2RjkV2GCyCAcFEOkeY6HN6qP8I1hHFTnz2HUoZC62L/BkTaSepNcUKNHI2MZtw2Sje4lxYRy8++VTYPEePmootuQt5zy/8zyXuw/JB59zs2Xvq9Lx5PMVavMJiywJhAzJ0/M1nLtBnvg5vxKE0UPXSiNsEVN3jK2g0ceP4n2G/2fxB9w+ud3XrDNGF0smNCoLx03wDmt3LtULMZGKo0Z4wANCKP1j4bnLs+yyKPuRZuT+rMFHGPtInMYJMsfFfsWDhu/239CrQ5Y/cQyaljriWNP9pVGMJMg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=aisec.fraunhofer.de; dmarc=pass action=none header.from=aisec.fraunhofer.de; dkim=pass header.d=aisec.fraunhofer.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fraunhofer.onmicrosoft.com; s=selector2-fraunhofer-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pnqvT4+6YQmMXAeorxgfichvMXV0Nnol0Nd79/K4NgQ=; b=h4jW0Pu5IOUaL9RRdBc9LRAQeIgp6G5cd5SbDsJcely+nb87beFJ8XIx3dIoOrLfJD/KabDoxQ00tFoZUyOf1kU9Gn3k+MBuNj4HCsI1oRAuQ3+7Di362sLFCJnylDiT8GzBpinAt5RQxDi0PWfdp0L7fsZpAhYbU3ni07pUNxw=
Received: from FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d18::f66) by FR4P281MB4396.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:126::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9298.9; Wed, 5 Nov 2025 08:15:21 +0000
Received: from FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM ([fe80::8d96:d427:50b0:8ad6]) by FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM ([fe80::8d96:d427:50b0:8ad6%3]) with mapi id 15.20.9298.007; Wed, 5 Nov 2025 08:15:20 +0000
From: "Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de>
To: "joe@salowey.net" <joe@salowey.net>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Working group last call for the deprecation experimental code points in ECDHE-ML-KEM
Thread-Index: AQHcTcWMFC9CdyCs00mdACOz8/tGTbTjvRiA
Date: Wed, 05 Nov 2025 08:15:19 +0000
Message-ID: <0bb9483f1bef258d67d543c300b1035fbca4680a.camel@aisec.fraunhofer.de>
References: <CAOgPGoDsX09SEUXr+Tq_m_5bs+erCLagSGMrAVohBRMqOkAtRQ@mail.gmail.com>
In-Reply-To: <CAOgPGoDsX09SEUXr+Tq_m_5bs+erCLagSGMrAVohBRMqOkAtRQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: FR1PPF809320EF6:EE_|FR4P281MB4396:EE_
x-ms-office365-filtering-correlation-id: df648cff-d6a2-4bea-89d0-08de1c4375ee
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|10070799003|4053099003|38070700021;
x-microsoft-antispam-message-info: sSIG/QYXTQvNjb9L44NFS14LgaPbUgOweasNSKl9WVw0DoJb9Yc0UZJw6dRtFx4f5qqostXvnLUFvcnFvr6f8q3h9GoprMnJxopSgxOb6Jat/kAmzZN4rCl/IHD9nViVTliXCxW/fUbD0fmQ2epqKW8qBtmd7Dxcmx3TlZHLWzQRWuJoKglWcY0lELWPQILj1nPoFzXdBTPcjyBC6EW78sNzbQb5OqunVWcMO96msQftYB+kdnH9nZ2i8IGbkkcn2Yip45XU6N+7fDL8rDw2mmTF2JXSAOfAtozgMz9dOCnjxK7BfHgcGnUP2m1AvrygDKe6WsXBXqlO2Y5TxjRV5/XP4xnOcgHYBISEgoJTfmYAKCRtk5CTot9T00dUJC4BJ311HpwrSDJqpU8JPlaZX4jyZYEg/KY3eEn2sFFPRzFNm4uTe6cpxbc1aUIB99HLTOTdR/ER3bgOBdcucTrDcFwBzfHGuMM1JDFWKv+GxR0HqFrPbdkvGudnmVx14waQnfIinJ/0x5nynyO3KMqNyQZgNs+uskmKsmW6P1CVqvI5YbxPGBYrxz9xjA2wPGjGspfl/Ph2Uo41aKGuP2qWKHkadBQhKIjus6hQslM+6L4J8ba4qWbdoDwcFV0v8tjTx7d60HyrNv7bGVULHBSlk7SVCgsQUwMTzMluIX5SM5LKwSIzTo/Ys+kxSPJHznkyTIjLHsopT9wceNChEucJo3u5/zp48sOrFPzx0n/fw8XMxCZs24jZFUy6lN39d4KKThNxIUt6fsRvCUrM+CVmJqObJ2mCvHldrxet8qH571gPL7t+iUDaNFesGp4yfdE+rQNWUIqtiI6mGUAzjpG9VogSoNbnrIAxNL3LkMwq9s2HdyhIy0uV9O2hcGkdXc6evBsXYD0uqULtNS2qZBZqbLOXzrSOhKFOypTM/A8sCFc4yAS9HBuxfiFVyBXqqE+owEloCoJQGPs8WMq6nLdc1m5A33VOaz3kFJ0WOcaSn98b0lOBqGb6cIyQJuewjChU9afLqrDTRBZzNG/XRTPDXjicFtpTsDfzVF0qCrVVDo80xDA63kh9Nor/ZaUVTVCEl2CTi4tfMHbtkGuqdqd2Fjbb+4mBqh0TYncTVBBH2OH/gJOTdRXvbIHQID5uPZ9rEjg+BIb27fiH1ymtRZTqVMHYx1s8xe1sA2szNNvtzARmaPDMSF0x7Ork0ZSwPk6ViWFPE6w8iK7wRS6hUB3lxX2DV3OQ3q7lGz8/Fl/YjZMjteHujbO+a9R18lrSgyTY2PtOQyCWDoiqY/X9XgT4PvjEmd7MU5v7Xi8HWYXLJ3KSL68WH2/erRSslx4saPAwJq9fYMIO9RpBsYuMDRNhfNQLj4y/m71Zma2MiBy5KEQl9QuRYLo5e8ClgrWrMmFoQwNZE+27HayYfXUfirP0b27x4xPq2pp5KArHRmiG/GC7inoUxFdxpxxmglnNwd1IAqs9ahKwl668/lZhL9+/J0BGDdFizDbq/WvI4Y7eP7wgZFkAoA3xq4FsUUygfU8v
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(10070799003)(4053099003)(38070700021);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: by3Tn12XMUUYHjxsH7AcJIHLTj3q53MDJhNK+wkr42AM8qud++Xbbi9jeFkyVyQ8GMhnbCfFm34UeW4RFd4tETfSHffLJrTMpKRhARLSh5tI/pXfDXc+SXZQXlhOyyjdSVjeqJyn1GBGjXUCWollKRdJKI07BsBVjRRIlTpxQEu/6MWIBfE3VFryiQr3vKI4ost7zo5mHLEIoE0KJH3MWfE95B6aE66AE/rxCY5sM/OSFp6CYIVz/qOt/HHV6/bz9Ysk69GJgfLWnxCM/vz5t/WO0uNbyzy0Khqa0spOjk/xkxCS3JgZZkL6ZiCXEQF8hS+qfiEukvTWH/8c/liXhf2kA+F2CHStgbChlIsQuOJM/nt2TfuGRvRIXo7HZwEtxhHuAvzfb/qQVlfqikt/4I/DsKDUnPKmU7qzUMigOp+WQtPv1S0VDR+qh36jo4VGFBlyP+B0hUzR+2ogA50H8wjcgB9G2BCo4bCvInKDwnMz1leEPTCW3aEjvBLi23x6KZ+RynHd8K48Zcrhey3mLWLkro8kAUdLFEqdSVRRNOw24XwFwWmS2QF6sQwARsB94WO46W97PUmHyxZvVE0wnwPSl70AepBUoZH1k4k3l67GYOEHhe8bOV+IIg4dIi0ZNYQtphGI6gfGbLN0cK8HEPK64n0xTSHHfsVCCQ9yH0DKpgE6lut51w+Lj00fG8WWTzOav06BH/NnjiW5NAmBAfi6SmJeg5XvnTaJoRLmwViWUzRfPib8Hcv0zaRhx0G3LzLmDtqjPXKsYV9ikNLushgs6oUmdVmZpwnkBaWl2nzY86/sFD6ChTNeZOlKC0Ims+GVKhF/UQ2zBDRvBxiTGra2XM2rxDnhNh/AhSXXDPGVoHXNu9rlzo5Ljk6h6Wm6bGot+WmFwtjKzNbRGgewHulZLMtUb5f8EOC5/wUG7N90/5MOTqZa2RTbVqH1HkcAbH8TrcZmU5i9YwpsQob130smgiH9nBzLro2oAgnsYFRoMd24dF5Tsiq+gpXfkn00Mq6ZbkfNHUys7O3DzhiZP4A+r+6v5Q1DGpIl9ER5fkjk+A07ds6LmuduglsmOyijrdDf9ggeAt5MlFjiowUkOtGO1tKRNYesPXE006gimIM+mg/AQkQSu51gkXizuDuR01UPYEO00FemmF9ZleC5YArxXTTw6Qr2dC0aAZnUhEN0tTgzeEgBQt+CSAF9zRYVQXGmRrbPOLwyMXHAPH4uB6MojI0zY+/yeMv+gEWyDIrHOWl7xsj3q0xvPVjDs2wAQjOSve8xLi4gq3PQmAaRRTm47FT8sSmptm/0/uI79J+YNuGN1xPoYDrlzyIFNp+nHpWzhIXLL0EmOX2gVVtbqWHr1i7xqeRMbp1hMHiMK6xF9xhVn6uitImVuGUCRkSx1FAKQnbxjHEVot/A7acUu0C1YbplYMMAGQ3QrmXNOl/ZIOdswAnag+E/qforapMJXxvSONX084ubDM+3/dj8h5BV0Euz0S/ozOZVbC/uhDoun3Zyqf4hOg9QNwUx4veHNXJud9rhoEUy6jmmRj3YOIeOx1+fHSvwtJaxI5s86f8Lk162kbKSVzAIDnYqjdFtdIyj+nXA0x8ojAqfeYRCVc9ZaIztg4O39ZDHGJpSuh7cX/L+Y9zFP8TTaskSLd0s1CdycEXejv+qGXeKSRRvAvTBRZJAtmuF5J9Hf7xheec=
Content-Type: multipart/signed; micalg="sha-256"; protocol="application/pkcs7-signature"; boundary="=-p1vB6hcgxRixQNsjpiCc"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: df648cff-d6a2-4bea-89d0-08de1c4375ee
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Nov 2025 08:15:19.8763 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f930300c-c97d-4019-be03-add650a171c4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ZMyktgINf9pWCsbNyvnrLO8cJWQGaZycWu5NgtRyvDC4EeQW1dLr0SUEFPoOPPaaHMSTdOMOGQTgDxVRDDolRIqSf6T/4v7Rkly9QsFVCl5z5ad59YWuIjdOhvXHbSpx
X-MS-Exchange-Transport-CrossTenantHeadersStamped: FR4P281MB4396
X-OriginatorOrg: aisec.fraunhofer.de
Message-ID-Hash: OOFDT4WTY2CKJRWFPMX7VG6VXW3FW37L
X-Message-ID-Hash: OOFDT4WTY2CKJRWFPMX7VG6VXW3FW37L
X-MailFrom: thomas.bellebaum@aisec.fraunhofer.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Working group last call for the deprecation experimental code points in ECDHE-ML-KEM
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/laLRGHbv5UtNJ2QmmRsffTud3ks>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

> > added to the TLS registry as X25519Kyber768Draft00 (25497) and
> > SecP256r1Kyber768Draft00 (25498). This document obsoletes these entries.
> > IANA is instructed to modify the recommended field to 'D' and update the
> > reference to this [ this RFC ].  The comment fields for 25497 and 25498 are
> > updated to "obsoleted by [ this RFC ]"

To be clear: We are not freeing the registry from these entries, but just warn against interop problems because everyone is supposed to use the new code points?

So the WG rejects "D" as a means to warn against non-hybrids with some resoning that D is only "for weak cryptographic algorithms" [1], and would group it "with NULL ciphers, RC4, DES, EXPORT ciphers, MD5, etc" [2].
Yet, for some reason we are more flexible here?

Normally I would welcome the above measures, but the picture it paints is that there are already some hybrids with "D" yet there are non-hybrids with "N", so "_surely_ hybrids are less safe", which (putting aside the important technical debate on this) is definitely not true for reasons of code point allocation.

I oppose this change until the comment fields are made more descriptive. Something like "Concluded experiment, refer to [ new equivalent code point ] for standard ML-KEM" would suffice.

-- TBB

[1] https://mailarchive.ietf.org/arch/msg/tls/bULX8Y0mPdmW5_d5Q5VTdupR4nY/
[2] https://youtu.be/zTAuEx9Otys?si=5hllRBXbjkkG1E8o&t=1909

v2.35.0 | Report a Bug | By Email | System Status