IETF Logo Mail Archive

[TLS] Re: [EXT] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 17 April 2025 17:35 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 27CC31DB94F9 for <tls@mail2.ietf.org>; Thu, 17 Apr 2025 10:35:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UXZ0bJdL4ohW for <tls@mail2.ietf.org>; Thu, 17 Apr 2025 10:35:00 -0700 (PDT)
Received: from EUR02-AM0-obe.outbound.protection.outlook.com (mail-am0eur02on2109.outbound.protection.outlook.com [40.107.247.109]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id EF26A1DB938F for <tls@ietf.org>; Thu, 17 Apr 2025 10:34:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=TOrIkc2L9eohYSN21VsV+L4sJC5yh3x+UqliJO4K2G4Hjg6HZt+mtjgPvYPI0hpnLU7bIbucW33RoqMl1hW04DlMFxBWDtyIID8FsvBjHTtn0fklrriwisEHf0bCdaipZwSNx6kTJFMJF3A84ZAPPm4Lxa7cxX2R7dv8fSemxIeoo577ankaM1/BZ3Vei4jvAvAStp7BnAfaJSTZR9N/ZQmk1m9SLuljy9uTgu8HFpZMT9eWnxomSwNHppmprEr8G5LB9u/hK2RMIxQg73gy/NHwS34/JH5GnZvLsSEt+f9BUyJTzNzYSzEDMqFQynCtks2pFPxcmtQ39HyUpJYKEg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2cp+I0+SX8mH+LOUWJPdpJoFto3gQte32pMoUI2tiAQ=; b=l61BRF33px4QKgXfoB+IeWgb7NxrKHeIbIkHqPrB+0lzDek78zdjEzTdn6h/fNaXORzai4NnIsv+CKpkMfowgvOiI87oto3g28Dn4nr1Rq4deWNQLeEnTATV0Sxai/YpVsbPJ1EBwpwxRpeMhn0BF6OG6KpiLPaZt1nXVyWl75DjtmpskHUNmr6gG916g1QTwAuAYRaxMWMFpFXSZo2hSwWGVZVIxscZuYXJ+jTHmukbimwZBXmYBlXhmSp4cmML6GhPfMmDuCm5JVMQ4TiTVjnffP5MVx8qa4ozRTo/kXLcK0i15o3l5wqexQtrx4yPN7kD4slOnjYC07sSpk4x4g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2cp+I0+SX8mH+LOUWJPdpJoFto3gQte32pMoUI2tiAQ=; b=Wu2gsyjs+tETm/N94Dt7y+N7RsYx4I5uNX69zWp/w/F0fxzPGZWFBz8cvPrtUejysE+l1EEwYB/bQtC9UJ1yK/jL1zemRg8aUzCa2y9MeukaOu41CLsEZiu8BPrJKvhc0hV99CIETeXrtd+KvioUYZ2DKSjVASY6rmyV7EIL9aYgTEyt7ga1Bi4GJXg5O5FvJEIlz5ygqqurw+RTdwC84zQAfpj9GPWrlqf185EjezEP6LxnZb/u3wVRzXILuDD4Y8U5m0dyVl9i6uZ2Vs0wPsoz4OvC8PjCMM4ix3JFjxmCl66HbdMM7UkaPcA+T4BEszeE6Wa0Svabtew/akRw3Q==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16) by AM7PR02MB6020.eurprd02.prod.outlook.com (2603:10a6:20b:1a4::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8655.26; Thu, 17 Apr 2025 17:34:40 +0000
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a]) by DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a%6]) with mapi id 15.20.8655.025; Thu, 17 Apr 2025 17:34:39 +0000
Message-ID: <ca271cd7-1489-45a5-85b0-35dca4cbdddd@cs.tcd.ie>
Date: Thu, 17 Apr 2025 18:34:36 +0100
User-Agent: Mozilla Thunderbird
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>, Loganaden Velvindron <loganaden@gmail.com>, "Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de>
References: <5dd1e81a-c37a-ceff-b89e-b4335fca07b6@nohats.ca> <56e646395f67e27ff11a092d5989c1c85eba2563.camel@aisec.fraunhofer.de> <CAOp4FwSJpvn6f=3utd4yBE=ftkXQ4h38FT3VQ1XOhrubqgu0ng@mail.gmail.com> <BN0P110MB1419E8DB9B38B33F41A6234590BCA@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
Content-Language: en-US
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <BN0P110MB1419E8DB9B38B33F41A6234590BCA@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------0gh7jj5p5uq9UDGDTBloEvfo"
X-ClientProxiedBy: DU7PR01CA0040.eurprd01.prod.exchangelabs.com (2603:10a6:10:50e::23) To DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB8PR02MB5946:EE_|AM7PR02MB6020:EE_
X-MS-Office365-Filtering-Correlation-Id: e5dc6f81-21e8-411c-3e62-08dd7dd621a4
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|1800799024|10070799003|376014;
X-Microsoft-Antispam-Message-Info: +1M11MWauvr/VVpNYA8CCsLdvqPgroEYsOa2219txpUnXZD4jsK683qtMW833q8EuvlYqBq5avodptSi7OnFO/9t3RnsRVYNWxerhZVh2ylUjFCfBuone5s9QOdBR54o8fldPVvr68cohCwYccPnBAqmYQ/GZU4r0SX16dpicMqC3cCANlnNpJ0TtqWcyIL9AQ0EEKkBzJWFpRw16f7NEKvagebgQwHBu0g3GeLnPAP+or6xUkfnRSRNdXhZngP5AazRQOOLeY5huuYXhamhVlRzo2d4GpP9ioDauZf5c4kjfp1bACsk+l3p64/FAVGTrUHq08100vQzOb2FdA5m99LpARsXPMjGouORR54YfDyn3Dc3F1F5UAVYDhEvadtBNjSEAfY1UkK7Mrd5VImD3C0LjWu6okdLyQJAhAQquP66MoIDtC9znv0J4fG3keCEyczYj9rQMO9u2zcV5yst5UV5wPl3gw+rPHzrRVXLpQSIUZ5i0XQGV/fvjQFUNAQPAlhCMJ6QCCnBSs9YtFV4bmWTnQPuLz2xGlG9pXO0Z7dQFLAez5Uzr5I6xB1ySt6Crgy8Wfld6WP1EG9+v3SfS5DPL/5xP3xoxyn06WhOBk5q2uFRZumiihJjW7/lYnlVZurV8W0PgSut2ER/17GSUyhtAPYAQIg04RZDZFlsCfyn88QXUYvHTvOvLSB7tE9NZnqOyyrMXTEl2HJtygWR3fNkhxlDK0OIZBcYck/vOhidvAmtxdPh4+msk7dtYKYqlyh6dwSHqFFA5UF6vXdguyLU7wHqk++Y9LO7BcJ8WtByfz4HRH6fmrLmWdp7Sys3xiFgEGqLi+h64nO4npJH49p+DJ57lSJdW1OBVrFDuI/+6WyEry3rjDRXEs/exsQZ6bf57JIkeA7MN4P0Hfv+2+d6ZTdIeuSmRKzFGjwYldNRrUPPhBOj/h6RusFJqt0uwhMTlC2ZMT2elwxWa2rsWRtyRLjfzkKDY9uzcv8DcSU5VnGiFYzwlyLRWGRfv+peG7AqMfd7q4Z5Fq5jrDem/XzOMIz0eLf1H5D6InDuAdaUSAKgc9lVFKBwyh9h1ZX1syX7r2spXBf0Or9F5FpaFsGa4Ypq43KZurypw2o5U+UDDMw48Z4q6v6B39INRsXXObkFghVQhSsbKM5WjTrVvJjnyEtWfD7pkXO1NTlw/wfC+Sg60RmCW/abPDNdqrmOPhhrbUVkeHBmOdd+eIFobe1+NpvCBrWsN5cBOa84h3P56pqQxmpNsyEWHklMnLGsapetZhRFyuqzOBeDUDq9LRNEZDwo13V+TQt7vzR54xyk76eK7lE+mE326J3rpcdx6SfQnl8/Axj2lAcD1pB8VbmAPdnm8k/+hDJfUyF2ylNdJ4xjXEZ4Hgiyxsvv9FZkQEY7rw1P0AjHmKa+/aV3U9Eftsp0dU3SSu2yoCBWzfU=
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB8PR02MB5946.eurprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(10070799003)(376014);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: rc322k3z/Jmq23ADFxjC7AGU5z0NgSzG7SjRqMOabJS2JU0fgr5MBgcKZHqVXwfjP75bBS6iNka/Me07EJ/aCc9VxMwVKimUPLJMIJdUBKReDU1AzNim8OKaRnWmLxYNxFbu+zH7B7Ao2Mc+t4whIUg+8yBOF7svp+cU7fa4AlOYxAm2UbgpCAQyQSwHTzI0XRCib6QavC8N6K8PhEFHvg5KFiivPaj/Z44bnOprcdzU95EbNgvvhzTOOzZpW4rmFW/VZYqZNAn+KVwwDDsXF3ZeBdLWeu768ZfUN40ShKFB7Swwbn8qrA/SygJLyF3dgdhDbYTKA1Ojii4Sj7oOo/RiiTiP5nhKYlZpxYzacXHfhghQeY2Foo5xg8R6mEITjalovaNQinhL6J+RAIL9ydMs7ywUw0D5LwCUY4qNgR7UWeXO1XgfIvkcrSp3x6bKZfQQE4HyAp13jXHc9puFt9wkZroQ7lLAe5ns62Q3BR3Z7xv0K6sMo9a4S10rfMntnYgfQseJgsDANRBGGwfmWPp1oNezDDIoLfvxCUQieIjCmBSTeDDmyM4lqDh4sQ83J1Y+oRTkRpgIXud0KfkcqJwCxQUoM87efwfszjnHXgCceuw9R2UiHO4PjyQzo3IYRcQw1m2TWHi7KI4leUzNl0gwIM5Eis1zWYevaDgWemgdtQyNuVgQN+HdonYZg+I3PKhQDPKJdoagPQ1ObiT6NrLjvxIFCeAje5cq0XU2p2mBIvddozOCYGc0Wuuev8LrqJ3CPnNHMMe92Ao2b7/M5GfBcvNQwKpG1r+4DRp3S3LxdZ8XIo7RLPlcPKpSQIk1oOuwTkMuO+0T1OVk5yDdSwwvm+nYhJ3LWVocJkSCQQ29ssJzvmDMI/0eX9XXPfi0bcA4JvdtbWXyLpPSJo69TGZOCi2GSB+fJpLNsXWb3DuKiNcV2MkSpqJwNGJ+4q1mPjYKsVt3oCLB6XPrFmfhdiCJhVtr0NGFGrSqNqt6DMgzKeggCQnrDHAVzsaB7dhDYemXYtqQ2s8zHecRklnKsjd0uybqfhTvet13P2Yh6YlA5qSyIQ6pZoTT43qBNOhdyW+U+zaW4YVKzxhRTCcB0nMv5jAArjN9ixc8zgzhilOG9tSN3qjhS6CxQYw4OJNjEWhV+N/nyZQImloof6AL/yHw5d+2V1SLgL/XRw7nwXR4nNa5E+CIQ9zK0zqu57hoZhr8ACHEAy5c8bXd/GyWwKhMvmgCLbimf3zFAL8cgl13rc4zzp3toxdDLStB9IucTJjW57siQ/qOxkt8JbJ3+tAzUOQaPhFMDTXN12M1uWzacE23kfVXC6anXreoJMU251tvAczwQ/ENCYO132VuUTJ2xcKubK06BzuvxxV4wA7JdTAVljq+FKKZZ8q0vyEDknUBSLF7OZtiFw4PpFeFeakzELJ2Nj+VwaWTFE0rns3KPN2jsGTWPFGZ/a0wrivG+/PHbQwnBow3ph8qpjfc3GQONWnSYsxBa3kJktTQcyueo4vUextDzJ62CqQrCo+vFm21JRecDkt2Bqw5j2Qp6RvTAUWbRE/e9hPzw/G3yB+NSTAYKvbSq9gELfXNaqRobgC8EU5i+bGQAyMfA2FmJ3Uh6CfsvgJzc7seldX2f8mlHgueJsbt7re709wCEsAe
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: e5dc6f81-21e8-411c-3e62-08dd7dd621a4
X-MS-Exchange-CrossTenant-AuthSource: DB8PR02MB5946.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Apr 2025 17:34:39.8641 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: A8eaTNJz89wjRi6cLZeL58EcTFHvrp4gL2GVtfllUJp5Q0wH5t2clWiJfIi9mhjj
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR02MB6020
Message-ID-Hash: Z5A72QAFR6DQYICPXRTVWXGNXDL3LY7T
X-Message-ID-Hash: Z5A72QAFR6DQYICPXRTVWXGNXDL3LY7T
X-MailFrom: stephen.farrell@cs.tcd.ie
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "paul.wouters@aiven.io" <paul.wouters@aiven.io>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: [EXT] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/vjcg6Z36_o2YNHbu7TCA_CmCtIQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>


On 17/04/2025 18:23, Blumenthal, Uri - 0553 - MITLL wrote:
> Don’t try to stuff your perception of risks and correctness into
> everybody else’s throat.

Aside from the needlessly accusatory phrasing above, seeking to
reach consensus on the comparative riskiness of these seems like
a good plan to me, and entirely doable, so I disagree with you.

I also note that you earlier declined to get into the gory
detail of why you consider hybrids more risky. Arguing for
inclusion of text reflecting the details (gory or otherwise)
that have been aired in public seems entirely reasonable to
me, so if people who prefer one position over another aren't
willing to say why, they should IMO expect their positions
to be less well reflected in draft/RFC text.

Cheers,
S.

v2.30.2 | Report a Bug | By Email | System Status