IETF Logo Mail Archive

[TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27)

Izzy Grosof <izzy.grosof@northwestern.edu> Fri, 20 February 2026 04:37 UTC

Return-Path: <izzy.grosof@northwestern.edu>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 0B6D9BA402F5 for <tls@mail2.ietf.org>; Thu, 19 Feb 2026 20:37:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.396
X-Spam-Level:
X-Spam-Status: No, score=-4.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=northwestern.edu header.b="nmOQ6uQX"; dkim=pass (1024-bit key) header.d=northwestern.edu header.b="fweo9DNc"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rt6Q-P-XZC2V for <tls@mail2.ietf.org>; Thu, 19 Feb 2026 20:37:34 -0800 (PST)
Received: from evcspprf11.ads.northwestern.edu (evcspprf11.ads.northwestern.edu [165.124.82.242]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 557FDBA402EE for <tls@ietf.org>; Thu, 19 Feb 2026 20:37:34 -0800 (PST)
Received: from pps.filterd (evcspprf11.ads.northwestern.edu [127.0.0.1]) by evcspprf11.ads.northwestern.edu (8.18.1.7/8.18.1.7) with ESMTP id 61K4ScGQ027599 for <tls@ietf.org>; Thu, 19 Feb 2026 22:37:28 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= northwestern.edu; h=content-type:date:from:message-id :mime-version:subject:to; s=proofpoint; bh=G85I1Um1pKa1Be6aC971l T/a/qzeq458tOefgOSNXAE=; b=nmOQ6uQXhIa4xjYj5bJZdfUAQLk6Nur9pcOjb UyAsAMi8aKR0JvI11FG1H25u9Jpq1va7gHx9ddTVgu96Sds/7LLEIwWtfjrHfLZl yZWaaNvp6FqVLA3q3UYZJHWx6qAM0SXaCS5nu/yNbBnyY7v9qmm/xKqhf4wTkyBD 9pZKymNQMBvZ3ek1upnIxE8FWzEnDBP4JUnALzj8J3I1Q0qNV0nbPWXZpQa2wQHB Mvxxo8SpFE8yYdqftLFaBCpnYfYsrdr/7RsI0hKUnkXOPK+KiGtHOcsReF6gjeav HSTlV072ztJhtMJ/aSl6xSWT56e/MVUgRycwfZ3J863E8/LNw==
Received: from ch1pr05cu001.outbound.protection.outlook.com (mail-northcentralusazon11020072.outbound.protection.outlook.com [52.101.193.72]) by evcspprf11.ads.northwestern.edu (PPS) with ESMTPS id 4cd660jaqt-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <tls@ietf.org>; Thu, 19 Feb 2026 22:37:28 -0600 (CST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=BJeGkZ5mIAFfCwO7W1f9eEzYD9ktdcZ2JuKoEeqd05Cl1g5fl3aZCIR5IUevaYwHQ65cmPiTe42W/OpEeEWVVrtQ8+plbE9ggikzs6szSkBwOrUvT8Ms/mZPYTMrgFKdGFwciOuaMTKeEOfH0Zz8v6EQlPWUcLlArPvkRPuTlbQCO8zujYWQdJCGowPYPsu45l59R+Nt26zpPMLHKI7DKEhC6qNxYEPiyhgoBSxkiK9p4A7Jd2CdoxlB5QCxhORnjcue6EezLRNjAXYzbgPlgv+QT1EdTsLtIEURrXgu6dSFc+9PskZrcdH21J5vnw1/cNCXEcl0L2tQ2cET1QY/Yw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=G85I1Um1pKa1Be6aC971lT/a/qzeq458tOefgOSNXAE=; b=j2wvfqj9rFP0rFHWYcBJ4zHtRuBS4Nbvy3RW752ycO9s/Wk7A0ZAZJZ2rPknJVmsbLbEBpNWicdNmCPdYtZsfjj9UTESvYm5Is1gdTraYsh5Jv1aIR+aCdnLp/OMKOOdp90tj33W9EPo7u7ln11L5q0jwrofpsL69fIZz4jOssEjA194QsDqIU9XEywPHjcR9uomZ88U0RzFhyGaD7glSaXJBHP+LmxFXqm++QbQ+rXTL01bxRXbAJ6cngTMjbhFPtIj6XpjMIBCO/pehmE5jpLHN50izPAW5tUITNtGR2g3wiUwvBLilJz109r52uYr0kYAku649DaKIqx7TOFXag==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=northwestern.edu; dmarc=pass action=none header.from=northwestern.edu; dkim=pass header.d=northwestern.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=northwestern.edu; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=G85I1Um1pKa1Be6aC971lT/a/qzeq458tOefgOSNXAE=; b=fweo9DNc0rXw4H0yJPGAM0zjFYKufBYBo8iRWB+bfxmqwqajzIjI1Os8yqaFmQFYoCCWEBttwtkwJFoyNLBpI24oYCjVv6ZZxF7hZRGk8Lz9aB3Ifu7fdGPC+WFY0dalpy03IBi0ce5CvRza/QMvRUh+a78GCmMXcPzkrC1tXFY=
Received: from MWHPR05MB3647.namprd05.prod.outlook.com (2603:10b6:301:3d::21) by PH7PR05MB9260.namprd05.prod.outlook.com (2603:10b6:510:1aa::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.13; Fri, 20 Feb 2026 04:37:25 +0000
Received: from MWHPR05MB3647.namprd05.prod.outlook.com ([fe80::7483:c8cb:66:f057]) by MWHPR05MB3647.namprd05.prod.outlook.com ([fe80::7483:c8cb:66:f057%4]) with mapi id 15.20.9632.010; Fri, 20 Feb 2026 04:37:25 +0000
From: Izzy Grosof <izzy.grosof@northwestern.edu>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27)
Thread-Index: AQHcoiKcIPjcFObJJ0W2izD7vQRQsQ==
Date: Fri, 20 Feb 2026 04:37:25 +0000
Message-ID: <4f0a9258-8d66-4573-a0b6-2f35e03972d7@email.android.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MWHPR05MB3647:EE_|PH7PR05MB9260:EE_
x-ms-office365-filtering-correlation-id: d3f9c81d-3690-470a-f630-08de7039bef0
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|1800799024|376014|786006|38070700021|8096899003;
x-microsoft-antispam-message-info: W7lA1ON6fD9FF4JedmtmzgddN2eeYsV7Zr+G0WuWjwBTxyVfo37c/nclyjit6JuebJWXPF6KbbnbExCCEh6PpnlwQLckiAqgvNNTpNZJMRkoRp/tx+Xp9MaxQl7eJOEgfOsdOIpdamTyyBFLDOIE7GT4vDfjskDqrym+En5jBVLcIwh8Pmi/FmoQyc6zfJxMBrx8yfsYZgHjTdN3lPtPC2XWJRH6Pyq6ucBSJPEsKNtr7aEm8KTKrojrLJxwqwP+xSqcA9DkGMoHYS0E4ev5kWuyDn0oCPgDG5B82GLFkvsnSW4nK5oJm0YIX8O10CHZArdS2d3C4BNhLWTsH043jMMTJ4psdWYFFvHVfgwjQZ3k/HF+K+4ppYxJA83ucjDqQpEdSWFMUQscIZ/cr+JkvIqRyhmeVPb48DLTPM3j8ceYKMh6N+ctoPMsbgEla9zTAICr7i0yBFpmlT+r0fC+pga2Qm6qJKFm+PJ/uZHDLb54b1/GhwFqPW186A51BzyV8zgmFQB95Z3LCimveehuIv++MmqB7mZR33Zveda1eUBcN1wwen8TZqeRHoL8n/8oZlHTsBUNas54vkIXK3wuj4WMdgtqtuyhYrUiy3F7otcURqCFbVyEhcesR3yH9k/5jq5RkDE5+Tr9cchOCLV+J9yRWQc9+cm5a4DgHlNsMHy8ylH0YBvDrBrEpv6O1dmZZldo5MhkI3xFULNYZ96vmPXk3DaVs+deEW/JVy0suxH2eh9vCd/mHWvCfqQ53AeNtGhR7EKGnF53kvr5eBYjDLG6nOvm+e9eyZVdZcvjnSR+7cSQ45Q1e9dsiCurUK3KEhRcJ7NSmv2x10N/10+6dgmsTw3JqJpwoCUt6iaLCeFHuSxU6fVb2srkGewM72yJm7Ta6TNwqv6ZwFHEqxJCEFWu0UNr+FMwA5kjhMpduEbxwhFJHQL/VXJsC8+GIXkExHVaAytu1CZJxCIj01X0ZlMsZoQSC5Lfbe13yliy7P+SPdff1zU4Of3h/j3TXdq+kinYSQ63XaVjOqRklSK+okkT+zb/+qG9+4VpMYxtrTTmSxuSyKs9Wzd2MIA7DWYrVf2fFyu07Y1IewxhAg2xlKBYRsOTZlrrOUzodNMJsobQV5KN1jIar5Vr9Zx6DSiRYrO1wLPSk3B/SS1dAHbMH0aDHMUewOT96JQQBRXsiZsZ1gsXJzExaBsaBwN2cdIolFapZtkaZC2ty0EOgptvW+AiuUUORE0IQMv0buAGeUsahSarjwxbAQJawIQd3anAw+NIJnfuymLfvGWgj4YPTmeExAtBlyQTQhgmYYEwY60TJH0BP4cat3O+QzrPEFIlRCwhqw41S2W5Y8TpNj7B8trvlIsv3kKebO5nc4Ym/F12btzlH4z/msN1BtAt5a1qijRF9QKADkhDbejnRXjBuQ2aJ+irMbaoUlO5r/Uo9s/xE0x9CvdJekZqj8Owmvfl2CHoeQWMQobIG3l5Oz+QxSUvq9ucbc0cYpZn7F1NO4HsOgtm7oMWLeac5C5InPdkZi5kysfS3/dLfoMrR5avC8Evw/XUF2xPzaiHStI/7MGSI4KXOvwRAh7a6jkJukCuSQbam+160ZabR3+kjuCv9C2yhGjOWNCQC+oHLmB5BJc=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MWHPR05MB3647.namprd05.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014)(786006)(38070700021)(8096899003);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: Ojr2u2h5BeGYmz4bJNLFGpJSbKAjhglNpD5kjiGvcsPuhfhFFkGRim7w42PLktrs9u15QPtF7FY0RutniumnDXhe9AOKBGaLycIXl7c1CwoznoTbgnORqn042pUvuV8AuaPK4nK1DWwQR0Al83jSRb1h/sCW7b65Kf4BvJ/Bzz8vOJvzskiS9z+JF25zdwKEQdB1Tl3+4mo8YtyQUOV/7VjomYwhpAe1lOzsHQ/EzZ7ZxEMvhNuDkTdMscRE7uA6KlaXdYLeEMRbYHd3yugI+FOGZWoHfKVZiPLhc4dvMh4UC6Be+XlKt4iNzBPVqlSeqXq5i5Z0jy4/6qPNaYakqmVFARWv4rxoxI8eJVCzeEFBGZcwfCRDP3dv33QDtRU2qPazFBC9y1/Y64Slu5NT78/2PS14Eg2O3Ei1mLvVHNyBeAmXD42S+CftI1Iua2E0R4TAZMZ5EOtnCV8ju9uE4qhCxImoJwBKNB82F5df0gsJshsXYHdWk3g1Qs/mWWVMj7uchA7C9kSIbqPCoJ1LrwhmY6vLwlJXUpFQGXaSEkZfxKt36QnVd0YHnRPsPEgAKkA4+aeNSGP+zTh89acKaqJ54Uo/Dwg4DIaFU2kHKL3XrcMd5/csO0QcKAH08mYMkPOAsqn05qhDQgtflTRN3dBLcS/HymGg2ZDoUcIhtPSEFMwz50e+pgvqGoaPbw8KBSUmP1q/T8781F690Wx7qRVOWNWIBOOWaP6KvQjw1ZHzfCxuUxYuyOywCe1W32e2Sum66N8M5ouZXVjjDKoZiMFP3fxzg3k0NVDHrU2szF2DBzCGnQF6jmimDbYEsVraCtLhfZltMCqzgvvmkL95SQoV2HVFQvf5wcJRNKOCb8q2zbEAHk/r5ADxr6xuobkan6pXqdQYsFkNSz0tOxJP9H1rfj1GDpGY8enYUBidu04OEWaDXalRiHmKCCGGoRyzKVA1Dt1sI2lvdwkwlsntCVmoF4xOrmZ53QIbmoYnZPb9Bia6LOuYQxVj/oYpwdRZS9eE32Zye/TVZ8wUM0Tv1FzuJa+0tz/u4CrF4U4z1nONwURfPcUC2utjBTGxqR6m+JRr17P14Q8gI4dzKf2mAC1rkYWOd3IGm4RpnpR9hTUmLl7toL1mPYlmZuIw/1m47gY3RKS6omBRfD0YxLoKXLY4eBBX88amdXyhxKpOZm2NSb9jQmiL0qDB21PVFPc82uHVNu5Zu5SP5w1pFfnESc364LisS2MJWeY4ET3wpyURi3+RAfOyq5IwjSj7zN/swGrvSFtX4oahohd6l4VM357aHci+xIUznUOtj21Ghp0z8+U3GH6Rl7CUJNqof/Mj9bO8CRmw2BkeI3YaOZzz7j1B9+mubE/m8g/y7qHNxLgVoVGE0tyfEiRmODqxFuAlPDYlKVchjNIGn47aJzk+3V0zRO/r6gKcVSfQwqZRqbhA83Ngi9UL9HcA0t3uUIQ5PKFz8cCIp8YFZvcW6cSPSKvFSfoft59cnaWq9cPR4Zvxlf7KK9NFV+swtkzUlAmboC4/wTMFU7NXeob06ZliHlYNC//pVb9/WuNxew4KNIDJxuCc6E6FC8Fi3MEu+KJjkYETnEDfK+sLA14p06Xx8Fpf21VI+fIIGYLeEJts54CdksGghTAoLIzmAEB1ZQ9TQaqEKkIwodGeQAd4rk1OrUPBZStUSq77DZdBFvcIaVCtV0wr90IOEhX4ZFcMpcRUzOLT8aQH4b4FxOWEAkewprZ3dbISn+irKl7uogNzxAQ=
Content-Type: multipart/alternative; boundary="_000_4f0a92588d664573a0b62f35e03972d7emailandroidcom_"
MIME-Version: 1.0
X-OriginatorOrg: northwestern.edu
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MWHPR05MB3647.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d3f9c81d-3690-470a-f630-08de7039bef0
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Feb 2026 04:37:25.1827 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 7d76d361-8277-4708-a477-64e8366cd1bc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: cJ/JYRk6DUNvwIKVC5crCH+b2UuziqEbSoADUINqlcrDZ86vdcIxWn7pV7ligE02z5f+dkJR97niH3Wkk8xO9L67XEdHnyI2KnQrJ/xcqi0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR05MB9260
X-Proofpoint-ORIG-GUID: _7A1DCYhqkjykq4LGQtcVJvjm3RLH87w
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMjIwMDAzNiBTYWx0ZWRfX/ZyL0h/OGbch 0znrz/qUG2THtEEAu1GUsYQFazTLyU1Pp9F08aiWGoffgPzDiWG9CMAHu+/HTQw936Tp7KROUQO 1GFsQOSr9raB9BJAHgHYfboj/7X8bEd3nSw9HLOOylUPAIZu/fhmxNKJyXm82oeGXfSUmWk9Upn b76uaTOVBG1IJBfiXInl3NciV7EUnngGq/6oBsWjix2TPyToHEj1XBGiF0IqXncRjEGiBc4DUHO sj5QtzZXtzuXimOu72buqlAfftcjiC45zLA0jIGMO/PB0dGqjix8jJWrvNVO6Aej7FfOuVSscrg 7rrMOcYW8QUKr7N1mFk7P4GhXKkXHiGaJlBr7eOdEXYNidfQw6tnu2xMJqERf4rKELHs1zHbDpg dQ1HETFf
X-Proofpoint-GUID: _7A1DCYhqkjykq4LGQtcVJvjm3RLH87w
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-02-19_06,2026-02-19_03,2025-10-01_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 adultscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 impostorscore=0 mlxlogscore=657 phishscore=0 priorityscore=1501 spamscore=0 clxscore=1015 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2602130000 definitions=main-2602200036
Message-ID-Hash: 4DTE6CM3EXYNTPURES5RXYEC3T7WP2J6
X-Message-ID-Hash: 4DTE6CM3EXYNTPURES5RXYEC3T7WP2J6
X-MailFrom: izzy.grosof@northwestern.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ACw9YLxCqSQUOXUnw_4lbuqeuGw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

I would like to register my strong objection to this working group promoting the use of non-hybrid ML-KEM in any way, or any other non-hybrid post-quantum cryptosystem. The correct course of action is to recommend against such an ill-advised decision, not standardize and (implicitly) endorse its use by doing so. If someone wants a post-quantum cryptographic suite, we shouldn't place them in the position of having to weigh the pros and cons of hybridization, splitting the field in the process: instead, we should recommend a clear and universal standard, namely hybrid-only.

The performance improvements of a non-hybrid approach are trifling; the security risks are immense, given the breadth of attempted post-quantum cryptosystems that have fallen to classical attacks; and the argument of code simplicity in fact mediates in the opposite direction: in a non-hybrid system, a single bug anywhere in the program can ruin security, which is considerably alleviated by a hybrid approach.

Do not endorse or standardize any non-hybrid post-quantum cryptosystem, via this document or any other.

I have been following the debates of this working group from afar for a while, but I just joined the list because I needed to respond to this last call. I am baffled that so many people are taking a stand in favor of a non-hybrid system, which is transparently unwise.

For context, cryptography is not my area of research, but I did a master's degree in cryptography and have kept abreast of the major developments in the field over the intervening years.

Prof. Izzy Grosof (Isaac), they/she, Tech E280, isaacg1.github.io

v2.39.1 | Report a Bug | By Email | System Status