IETF Logo Mail Archive

[TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2025-11-26)

Bob Beck <beck@obtuse.com> Mon, 24 November 2025 23:12 UTC

Return-Path: <beck@obtuse.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 55AFD8FD3A7F; Mon, 24 Nov 2025 15:12:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: 0.836
X-Spam-Level:
X-Spam-Status: No, score=0.836 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HELO_DYNAMIC_IPADDR=1.951, HTML_MESSAGE=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RDNS_DYNAMIC=0.982, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=obtuse.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2V9wkS76Q-nR; Mon, 24 Nov 2025 15:12:34 -0800 (PST)
Received: from h198-166-139-10.ptr.cidc.telus.com (h198-166-139-10.ptr.cidc.telus.com [198.166.139.10]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id DBEEE8FD39EA; Mon, 24 Nov 2025 15:12:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=obtuse.com; s=20200401; t=1764025913; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=aZGzyxq7lDPYsH7jNvkSa988LJqCPBRyMJeT8vCNtyI=; b=y0sNM9qBr2q9//LjuIlSRfC5niiu/Y/fHn4fZyMsr9/e5m7uascoWgpO/O5OXYlgVZTVVI w468ynzs6fqUjv6/q1fTpCiHpq3qbgqL29gDS9oAgbv9Z2X1tw7IPR2hB8bohvMc9opF6r PxcaXjT1LLYvJEwCOdFve6wEnQnHygM=
Received: from smtpclient.apple (<unknown> [192.168.22.119]) by mail.obtuse.com (OpenSMTPD) with ESMTPSA id 37da97f4 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Mon, 24 Nov 2025 16:11:53 -0700 (MST)
From: Bob Beck <beck@obtuse.com>
Message-Id: <866CE221-4F3A-4E4F-BE5C-9CABB8A4D162@obtuse.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_B822C39F-6AD6-4924-B705-18857FAB72D2"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.600.51.1.1\))
Date: Mon, 24 Nov 2025 16:11:43 -0700
In-Reply-To: <MN2PR17MB403171D8DBF0652BEA0604ECCDD0A@MN2PR17MB4031.namprd17.prod.outlook.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
References: <176236867319.904123.10146982018394612684@dt-datatracker-5df8666cb-7l4w5> <CACsn0cnPz0njSct-FKGQrFJrMP2qQmKe2FU7WR_f5wzLYpff5g@mail.gmail.com> <MN2PR17MB403171D8DBF0652BEA0604ECCDD0A@MN2PR17MB4031.namprd17.prod.outlook.com>
X-Mailer: Apple Mail (2.3826.600.51.1.1)
Message-ID-Hash: EI6HZVPIDQQF7QOWWCTRI7V7B3UAYDNZ
X-Message-ID-Hash: EI6HZVPIDQQF7QOWWCTRI7V7B3UAYDNZ
X-MailFrom: beck@obtuse.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "draft-ietf-tls-mlkem@ietf.org" <draft-ietf-tls-mlkem@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2025-11-26)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/mxthhvgbgaayoIECrC04k37n_k4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>


> On Nov 24, 2025, at 08:55, Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> wrote:
> 
> I’m not opposed to publication, especially since we are publishing the hybrid key exchange document. I would like to see this​ draft say something like “these algorithms are not recommended for general use” or similar words to explain and highlight that “Recommended N” is their entry. It could go as a single paragraph at the start of Section 5.
> 
> If we are publishing this as an RFC because we believe “the Industry” needs an RFC, we need to make it clear what THIS RFC says.

I am hearing a lot of this, So if this is the case, why are we suggesting this document get published from the TLS working group?

There already exists a path to publishing an RFC with Recommended N, such as has been done for https://www.rfc-editor.org/rfc/rfc8998.html

Section 4 has it right there, along with its IANA values.  “The Industry” can have an  RFC just as it has one when it needs to implement what is 8998 for “reasons”. 

(Or should we charter up Limited Additional Algorithms For TLS for such LAAFTy goals?)

> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org

v2.37.1 | Report a Bug | By Email | System Status