IETF Logo Mail Archive

[TLS] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

Yaakov Stein <ystein@allot.com> Wed, 02 April 2025 08:42 UTC

Return-Path: <ystein@allot.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 62AC6164B4B3 for <tls@mail2.ietf.org>; Wed, 2 Apr 2025 01:42:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=allot.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0HU_BZr_E_KE for <tls@mail2.ietf.org>; Wed, 2 Apr 2025 01:42:54 -0700 (PDT)
Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazon11023129.outbound.protection.outlook.com [40.107.159.129]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id AD5A5164B4AE for <tls@ietf.org>; Wed, 2 Apr 2025 01:42:54 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=y2INKoNQxXBOPFqd8rZ07eo2/OYXakXmwmBXIhQUNvu6UmANb5ixJI+3+FXGaaA0SI9T9O8v2nKpz5QoP/i48G5Yi9NCjhi9C0alBd4QLcw63kGzs5bWMdB1p3p2zHPsLp+ToUtWA3S1YC4cBRq1M+KQM4qRQAhv7E3VI/fE9H38SYETz+GvDLBkv57Rd5O+mkYTQZrJUY4zh+G+64oRmthyQLlqU30B5WYwiM3sqaP7tlsKbY1ZMdRN4RA4MjyO3XXZiTgQN+ZVaHpHal+Di/69fFv8LX5mA4a3agdrm25rZyTaDrG62VpDju7OrFLbaIZXEUUeSLtzRycFE6JxNQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OZho/dFhRXYcWyQrs/JgEts+NKmk7Wg1F/rt0zBpvsE=; b=gn7NBV0c/L+syAbL7+8Epa7YaQakx0Xbwy4Fh4gb2lFUhjvjp1eqyoP/86P9HLjLDZGrOvZnf0HrS1yZfhTf+M+hOjdvMpxOA8OO78vl2DaxMFqJB5Fm2LZidHeTxMx8QAu1UhYEBjx5dQf+X1G3RMuEyMJ4jN9+z9JkIquoeWUk+DcWWcfX7iNInvd00GH+19BhuMdz6n6XDCiTt3CUJLV8qKFVPBgnMhwC9orI+dq3eiue4vmYG9eI6pEvcwXGxLKQ6m6NClgJgQ6gkoO9i3X8ax2O0e7TcOEEJe20rirAuKl2PbpmdWfdaI+jcz8/C0fq0olWYRv9X2iKh5y6FA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=allot.com; dmarc=pass action=none header.from=allot.com; dkim=pass header.d=allot.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=allot.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OZho/dFhRXYcWyQrs/JgEts+NKmk7Wg1F/rt0zBpvsE=; b=RUQhd/4Nad1gyN8VBCY8M6MXAmBfHIge+k8UBgVef48xlOVYGDms+1CRXgzQI15hx5/tDTJAWlm9oR+1xD8YfPjj23MZVssPzhmIGhm6mmhnfqEHmQoVsuc6+beDFFl+Soja7Zbzbmx4VyQLUEmJH1AmLN/hGushj+9RP7WceRw=
Received: from PA6PR08MB10707.eurprd08.prod.outlook.com (2603:10a6:102:3cb::5) by VI1PR08MB5501.eurprd08.prod.outlook.com (2603:10a6:803:138::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8534.44; Wed, 2 Apr 2025 08:42:50 +0000
Received: from PA6PR08MB10707.eurprd08.prod.outlook.com ([fe80::ff02:9799:b729:ae6a]) by PA6PR08MB10707.eurprd08.prod.outlook.com ([fe80::ff02:9799:b729:ae6a%3]) with mapi id 15.20.8534.043; Wed, 2 Apr 2025 08:42:50 +0000
From: Yaakov Stein <ystein@allot.com>
To: TLS List <tls@ietf.org>
Thread-Topic: [TLS] WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
Thread-Index: AQHbo6s3mDypUkKteU+5iHMd8xnFaA==
Date: Wed, 02 Apr 2025 08:42:50 +0000
Message-ID: <PA6PR08MB10707BBF82063DD6A1779F5BED3AF2@PA6PR08MB10707.eurprd08.prod.outlook.com>
References: <582917A1-F936-4A15-AE9D-342076605BE7@sn3rd.com> <PH8PR09MB92940EF63867D4D964287F64FCAC2@PH8PR09MB9294.namprd09.prod.outlook.com>
In-Reply-To: <PH8PR09MB92940EF63867D4D964287F64FCAC2@PH8PR09MB9294.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-codetwoprocessed: true
x-codetwo-clientsignature-inserted: true
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=allot.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PA6PR08MB10707:EE_|VI1PR08MB5501:EE_
x-ms-office365-filtering-correlation-id: 9e92ed78-e552-4559-2812-08dd71c259f6
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|4022899009|376014|366016|10070799003|1800799024|38070700018;
x-microsoft-antispam-message-info: jRN8rnR8F183GYiEi8tgyB7jqEzgSAvUbmu8uqtU6fddCCiEqVZ1wWpRjBPSlTPHPzJ3heCkTNr6Y4dB3fclzKkqixHY6xy7av08WS1CI/R0KrnoBZSNDC/l5o8V244jyt0p0LlOpsijuurq7KpbsbELCeWLzEYr/EsvXEYa+bmGe1yHWCguVC7Lpz0MrQ3io474bQMHai4JWa54Z7VGDbc6rL1Xle4iHt9OMR1xTuZyEZtOV5oMYxDolMwIwZJqWzouEKyQsEQWv3+RLKUwlcBp4zCkrY2L0DQxdRKRn2BWr1QPidOKXM+vDKi/JaCk8YfnxKw1AGh9c6EKsSBlVN2Hk3iyjbHqmF1od+H61iEmdHHIYk4eNauKbsMWw23cj1gFmdbKBLCLIkvl+jT5v7XlbJGHe1w1DbPH/51O54Vo9aMy8EZ5qCB9IXpvGHhCLCkC9UlIDz9ki3PbObSXANkzpw0cdUkGEY98KMfev73hT5NXikRS+4SgSrhOK8IdnWm62tUuDeQdIJwQAzXSqqKhEp1qk3TenQliwPJfOmC1ZTX3Im26SMrgItnGnNFuFYhQm2VPbR4o2WrJ7oYGtaGIqC8yACrMPsOj7h2XU5fr9wu/sJJaoSVSt5P2T0fENXyh+uBuYdtpvesAPld+DXE+MFpYSeUyHIBDFGB3vmwdoIlzd2Du/bXO1hJdAD+O1WPMzcNfDQv6P6h9jnZ27RMHyS/tzqt7Ay8Wj9TMoZ6RbvVzBFJ9i6Iq5uZBfney4Qvggw/rt8yJcF18Sq7xrt2p9n7hdQroOpCxf5BS2Kcu/vMpaiWuBRYjNuSd50VjR3RMnFCTq7JTqlJPMzKmUOD7E96tNyDRuXBXmHi1reOUM+XglB86MIlTwscBd3ixO+eX6EW3cC4ZsA2WNYd8EheMWIFPJNd+BmKkUt7FX8KqxZQ4iaUZIQc/PaMn9NSh1GVjXrHVVDuQvNl8gU+P0NA/dPeFKCrEEg282QpzbctZOAgYGEIk+MX+h1bYv1cSoAw6j6JaxxOFPhLxsT4g9Hya6VZaS2+LgmAdhKGwE/ci8lACDuZcxySAfeqybQU3diGbFDY7gkKlxkkOCZbESIFJEeUpALgKin2cg/t1oWnBsA4U/0ejoKDenvgI9vpmzEhicHVqNT/Py3Q0JSCYwW4qvddCGqvNiT0e6tSptnDd9KklV+kKtAv00MwwZQdpVY50Dl8z/3tXvFKZEOUsek5uVucnQBDQNaqMu4BG9NTTU7uEJvlrkxoRUYHkiyBlqfNzaHePWLLme0u4supxmksHvzYgQl7l14+rXyeFudS65q2xMhTRkKsZRab3jzKH6jF2T8ovmozbrSrgorVy2ybL4rtHhyBYPuNAEISRC47b68L7PK9Tt8UEplI57ovprkzXgB/YOr89FeAOkqcYRN9+/oE7bxq5l6rsGAgYOWza6vZK8jILjiqZrKS73Z37
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PA6PR08MB10707.eurprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(4022899009)(376014)(366016)(10070799003)(1800799024)(38070700018);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: RyYty/DJ0Bfj4PmlBYnG2aYSDlE5JJ9GEIYnhwL5X9GNXp3XgXl1tYO33XJwjdYmdqhrECmGeIfGBMfZK7kBOK45q1hm7nGZ0JoTpQmYZZeaO5iP9oNBY794RkEZkdhkBCyLB2FdXml6DYW1mZp/CwoGle9gTFwO0KnTWZZdL8/7CANzEr8yqvaxwKDavSWWjNQMG/HmCM+vJlg/6FDgyP/03zjjSWxVjdoLvNjZv/Brhua85MD+JbV0ZkaUS/GRxQz87ylfsrL9+q5RjgJaIxgWUjxqXR9du/902tU7laN7BVPsf5AKVeQhyGkX3YYGuI+fWzNN/X1DFT/MWxcZYeaqyyXT9JzAlWK4PUWAVHrTJTYHBmREKR2MGHF7P389yiyH768CUz6Ge01TkLj3Y5bZ46QDcoRBsdehoNcslOvh+aDvnqv5giJ+pkOPPeFrKBuksDuKnTXx3ItFU3WLPwCTPGXYTCyNzng/Lvwoia/dYHVvcFSG5X5LAeTJ20qNeYxBMJN71pudH6iEP5+FaOMcXeNyJKC3vW5s8Ch24RR/no3ynCJ854e+KPwj6BVxc9Zzy7NLePoxiXRihkDFje5R1vImsaCyOwFD9TMI/PgrSGCA/bc33/TY/BeVtIoJUav2SbuwUjaGaaCBYnOY7WPJ11Bi6vJSuKRwVr+UKz2xMMVXjQuiLTBzmFTsQgi0dUSTLON+tvLOkM+QWiZ+uyDpisNMgl65sV8KBDyraP4mcR0jLFzfmAuW85H/nOzQRKLFljB2hE/Vn7aU9xpDDQ6BH6vlRIs5zsCnhqmltY+0t105NXkfxk9q//a7psurYVdkoWztPELiiC2D0gNmOyq5/aqwzEfLIrnai33b8I+VkjtyFLrWG7dg1/3QZuKOP+hmQX0MLxtJxdfQuebsJX3qNYhWi2Pcen0aoZqEF7a3a5uyktRH+tNmKl5l2Ao7yvC488dq05TvwKg66hmydUC6q/4UYFuPE3l0O2aJvPYtlRevwu0Ik80SXcno2ehU6eVOKx0Z5hJP9Nvso4frLhKf2093wkQHRVX3FqnwCrN/OVwlJ9ecTNP5mStxfSklBsS9+A56JY9i7HhEv3BM1MnG7cCxKzzksfpjTFkqA87aLUbH2ESn4oy5lprT0Hpvuq22xxhYteS5MVfBLrCHA6wDjo8CtX9caoGTDwdIrFWXud75mHwaGnuT+WDTiIOKwdN9+A8O3PUwe2kkYGA9/yJDNCylFqj4Sw+yJ229XzUAmanzTt5f1GuvzQqQk1Bgrk/+V1uSYQdpe1EWIPwgJ+7GExB7cVngTcd9mRA4LyfZX0V5GTuXym3g9P7xrq4uOqAl0YR/Hjt2abP5OdiJIBqjVUma48tjGNWPZItK/KlQKbhpvMt7H8RIyhYnh3MLRQrsg9yxkjF4PpqxBJTVhHaGngg/kkRwH/XmMQ38zW46xlS7kA16+rqGFqmIp0J3EthHkeaK4XJm/X5QdKvNTAq1K/A0FXqDuWjc9M6iV13okdJNLQY5TRInt8DtjJP8MSgtCgg2a4NjlKU65HoPlZAcsaolo3AP2WvZvhAyh8TW+btciX+/D3UjmhChVAjyLp5r6zsRtuQH7A337Cgks9LFpY56bHjzxT4qRfwdjY4=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: allot.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PA6PR08MB10707.eurprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9e92ed78-e552-4559-2812-08dd71c259f6
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Apr 2025 08:42:50.3323 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 789e5ff8-0396-414e-803b-13a424e9f5d2
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: gUQJuOLBl4zk4cYJCyCrLw6/C9oNKFbJNQbH9/tBvXen5qR95jjcM69qgqvuGPiC6peOiTbpZAmy+zcMx2u88g==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB5501
Message-ID-Hash: D25YNNG7B4CTLVJJQDUCHAW75ZLBPG6A
X-Message-ID-Hash: D25YNNG7B4CTLVJJQDUCHAW75ZLBPG6A
X-MailFrom: ystein@allot.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ppDcmr9twLRiMh-3hGYc0S_t66U>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

I support adoption of pure PQC KEMs drafts with Intended status: Informational
(meaning that the IETF is not recommending using).

Any IPR that can be asserted against Kyber can be asserted against already adopted hybrid methods incorporating Kyber.
If anything, one may attempt to argue that hybrids do not implement NIST's MLKEM scheme
and are thus not covered by the NIST licenses.

Y(J)S

-----Original Message-----
From: Sean Turner <sean@sn3rd.com>
Sent: Tuesday, April 1, 2025 8:58 AM
To: TLS List <tls@ietf.org>
Subject: [TLS] WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

We are continuing with our pre-announced tranche of WG adoption calls; see [0] for more information. This time we are issuing a WG adoption call for the ML-KEM Post-Quantum Key Agreement for TLS 1.3 I-D [1]. If you support adoption and are willing to review and contribute text, please send a message to the list. If you do not support adoption of this draft, please send a message to the list and indicate why. This call will close at 2359 UTC on 15 April 2025.

In response to other WG adoption calls, Dan Bernstein pointed out some potential IPR (see [2]), but no IPR disclosure has been made in accordance with BCP 79.  Additional information is provided here; see [3].

BCP 79 makes this important point:

  (b) The IETF, following normal processes, can decide to use
    technology for which IPR disclosures have been made if it decides
    that such a use is warranted.

WG members can take this information into account during this adoption call to determine if we should adopt these drafts.

Reminder:  This call for adoption has nothing to do with picking the mandatory-to-implement cipher suites in TLS.

Cheers,
Joe and Sean

[0] https://mailarchive.ietf.org/arch/msg/tls/KMOTm_lE5OIAKG8_chDlRKuav7c/
[1] https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/
[2] https://mailarchive.ietf.org/arch/msg/tls/mt4_p95NZv8duZIJvJPdZV90-ZU/
[3] https://mailarchive.ietf.org/arch/msg/spasm/GKFhHfBeCgf8hQQvhUcyOJ6M-kI/

_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-leave@ietf.org

_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-leave@ietf.org
This message is intended only for the designated recipient(s). It may contain confidential or proprietary information. If you are not the designated recipient, you may not review, copy or distribute this message. If you have mistakenly received this message, please notify the sender by a reply e-mail and delete this message. Thank you.

v2.30.2 | Report a Bug | By Email | System Status