IETF Logo Mail Archive

[TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27)

Keegan Dasilva Barbosa <keegan.db.cccs@gmail.com> Fri, 20 February 2026 20:38 UTC

Return-Path: <keegan.db.cccs@gmail.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id DA331BAC1EFD for <tls@mail2.ietf.org>; Fri, 20 Feb 2026 12:38:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tI7bQFG0Icbt for <tls@mail2.ietf.org>; Fri, 20 Feb 2026 12:38:12 -0800 (PST)
Received: from mail-oi1-x233.google.com (mail-oi1-x233.google.com [IPv6:2607:f8b0:4864:20::233]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 08E84BAC1EC8 for <tls@ietf.org>; Fri, 20 Feb 2026 12:38:12 -0800 (PST)
Received: by mail-oi1-x233.google.com with SMTP id 5614622812f47-463b3697846so2168720b6e.0 for <tls@ietf.org>; Fri, 20 Feb 2026 12:38:12 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1771619891; cv=none; d=google.com; s=arc-20240605; b=b9zsEsvAmMQsIchYgMwDsmdeIUCXJhqowmvlfc/taysZ4rHUMbYWgbk0Jd6ecV2AEE V6/zbn03wJZYIMxzx8AnasTHBVO/kyUWx1X7yJNtWwRjOIU7q3jvlWP2dLBS/o3QW/xd PFScRBC0TRpTF0M/m1rIdADg4+rlL6KPcg3OfP+7p17hbI2mXXq5JrlQplKY7SAcdzIE D6KitWm1f9YkRxgR5iE+DE4O62MRABSgUOfii9yuGlASJ1YjgHJl/3/Aq9SevqCQ5Rz2 8JZboa3cBFRupA6R0TivwpAT5KKQDY0gnA1gK9tbv/IjoR44kBkyW1olT7ZrQwiChw7/ G8+A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=AoP1L4LgvubNJCVM2QiNxvPDU5BiVbB+kmuRW32YmSQ=; fh=xAG10IiJPP4GOmlOfCntepTVUPXOLNYiPXFwzwy9dzI=; b=O+lx3CngGkonSR7rR3P/2TQqZGFh9yVXdFoMwk9/V75436UIY0n5dTQ0liLRcUF+YP hDM+r155WKlQKdzWRPrsHyPdGfeBTZj9arY8U1hX5qoYGYQeXJ5E7oJZ8vqob4JGG7va q5TrTQnMg7VoI6isfG//NS9dH5xZABRPgdoNpmOFSAHQPeyMEsYFGvLQ4wouI7HWTmVG Parh0YjIWGbnInb8uY/MrQaRp+Pc4/+bRp+MYlSmIUBVLQC3hHl/z5lUfaY8dVrdmUrp G0roWHNNSr64s3NFr1jj+1KYK1SkEsJBOy2OIdzK2kcRrDozUcc+T+wAhhRrHxjdTm9A mmew==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1771619891; x=1772224691; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=AoP1L4LgvubNJCVM2QiNxvPDU5BiVbB+kmuRW32YmSQ=; b=OmBaYaMQQUq6C9jVex4ovfM0x56RpLyRqb59tZq9uHbReRYzLTV1UxZXE9jnxgArSM R9IyJvtUPfTMVW2ZKr0OrBKFNaLlqOqPkjV3fsUgT2wZFxBnH5ao27AcyRR4vhPr4MLJ eu8Xk1LZLoxKe58vIL7cim9LQJzYCxQOTqL3UM+tHtvGLzVE7g/Jk4IS5G5aA1n62WHw 9uKWm2eMIwW5GCx37LrZD8mbYMMMR3ntB6a6L20z8kAMAkJPwX3hYp3OqZr3VNsloSU4 PEYPRpUEDKXjkkzAkKfTiNMiaPFlSWTREuaTpJ0rnJGosAnHI0/yRKTjBCZSN4ounwlD ArBQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771619891; x=1772224691; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=AoP1L4LgvubNJCVM2QiNxvPDU5BiVbB+kmuRW32YmSQ=; b=XNBAyPfDCRMUEA2XTCRBaLP0pVf0w73mzioc42nV7dmnJkPorAoNimTCFZMkxXEvLQ Vk/IZx9KNYX6ncn1Cp9wOfcjSZX6/p2ZQn/oPjyJUAHSjU4F9azgQNEwDcvKU318y7Bq zrzd6LPTbvPkJotiDXFkVuoUdE6VC411SYN7+FCGFxlvVgyw0N2SLOCfjOyE06Nc6sqJ 0m/CMOXR9SSIEeD/8y1/A5od4tKiCcQyz4FNed5kQELXhBK042b4JR6R/ZqjswhIine9 a8WEe4CAt4VVFa3w/OZZ0ExJzncpUwKLdSkod3L4TVtvc9fRBaIrHc463U3/i4zmwjNZ sp2A==
X-Gm-Message-State: AOJu0YwTFsSd1YEe5Vjzh92C+EaWH4zRLUUfVGuaKrxBiRh9TCw1QpQf AudsaOFbGvPMS1cLy+CMdqPj34KeQ01yM3AsOElmKqqMttcrKxzOby3y6rvpBGmIrqXgswELY0U OfpTQ4CimNV4eCXJU17PSL+L+3ltACyQRsQ==
X-Gm-Gg: AZuq6aKIJ1DqbescMHvR/ufWVUNiQZOqyXrGgmCCIxjg4n6D7dlKv0SvjaOxclielSg QhOigGbaYIEJ7HAhd2UuYXiEsG8p5QJSjRxGzivU3VL84O2GFyj5o0dLxNqtOgXscbg1BNGmRAW WRFy1AeiQGaNicIMRZKaaTXp/PmuGwWlf4h2ea+X08LBmiIPUJ6td9PtAWkkQzSlDUPRtaWNRKa 9KsMXVC6XJtDCbRJZBi7S2PL4/P+ErwYAGNjI1gE3VfpYx+EePlTN/qE35aFkiOnL7W4lz4n1e4 4SPBlffp
X-Received: by 2002:a05:6808:10d6:b0:43f:28bb:2f85 with SMTP id 5614622812f47-46447066de8mr583570b6e.8.1771619891027; Fri, 20 Feb 2026 12:38:11 -0800 (PST)
MIME-Version: 1.0
References: <20260218194044.1135896.qmail@cr.yp.to> <7C9C99AA-42B0-4BC7-8F41-39F35754F1C4@vigilsec.com> <MN2PR17MB40310F0A2891942D76C43E60CD6BA@MN2PR17MB4031.namprd17.prod.outlook.com> <2caab265-00ba-4078-b6d0-3a178dabaa61@tu-dresden.de> <CAEEbLAbkV4YxN7cgggckpEp24MLtRZpzs6M4KemBatpzCCcs0A@mail.gmail.com> <MEAPR01MB3654415F735DE96CEE239C78EE68A@MEAPR01MB3654.ausprd01.prod.outlook.com> <aZfbhrFDBp7a0xHL@chardros.imrryr.org> <EB48AB24-A1A2-47C8-9C2C-47C93B9320E7@thomwiggers.nl> <93af0689-4bd3-4f6b-afaf-41869d27fa4d@app.fastmail.com> <CAMtubr3QcHbiP5guhBoiFbFh8tKSD6WNHBJkxxb_AM4Wy5i0=g@mail.gmail.com> <9b71e709-69a3-f3d9-4cbd-d4d521556c55@nohats.ca> <ee1be3a5-0e03-4976-8398-45c014c9dfcd@cs.tcd.ie> <MN2PR17MB40312E1668509F478EA89251CD68A@MN2PR17MB4031.namprd17.prod.outlook.com> <18AC90C3-007D-4B41-9B01-A0398EAA81B0@symbolic.software> <CACf5n78fNgGc5KnwDAEt821weeWbc9c434iQjv8pUC4hZGZehg@mail.gmail.com> <F8BDC225-82D3-402E-8B84-990E7F16E3D5@symbolic.software> <CACf5n79yzmE8ENGaMC8ExmZBq-GKDZdkag_AbLY+h5PHcUJ+ig@mail.gmail.com> <BN0P110MB14191F920FF5C39E310E88BA9068A@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
In-Reply-To: <BN0P110MB14191F920FF5C39E310E88BA9068A@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
From: Keegan Dasilva Barbosa <keegan.db.cccs@gmail.com>
Date: Fri, 20 Feb 2026 15:37:57 -0500
X-Gm-Features: AaiRm52xjLwyXsnmPNYoBNJaTCOzAU9CeDdwDVSj4_5m36aLKHa-zq0Ra9sH7TY
Message-ID: <CAOOb3P9mo=8nn_JRPAr=rLDPsC8rW6ahnuxfNVg72Yw7DEdD3g@mail.gmail.com>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000004824a6064b47664e"
Message-ID-Hash: 523SJ3WAXNLMJB45TVPZVMCCO2UPKUXB
X-Message-ID-Hash: 523SJ3WAXNLMJB45TVPZVMCCO2UPKUXB
X-MailFrom: keegan.db.cccs@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: [EXT] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uOeM5IRcYYjpNFlRyxEfo91q29c>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Hello,

To clarify the discussion related to the Canadian document ITSP.40.111, it
is just a list of cryptographic algorithms that the Cyber Centre recommends
for use. The document is not regulation nor currently referenced in
industry regulation to my knowledge.

I will reiterate my support for the publication of this draft, since we do
plan to include pure ML-KEM within our TLS guidance from the Cyber Centre.
However, I request that ITSP.40.111 is not cited in this draft in a manner
that could have it misinterpreted as a regulation/requirement.

Best,

Keegan Dasilva Barbosa
Canadian Centre for Cyber Security


On Fri, Feb 20, 2026 at 1:40 PM Blumenthal, Uri - 0553 - MITLL <
uri@ll.mit.edu> wrote:

> WGLC has happened already. Enough is enough. The fact that some people
> being more loud than others, shouldn’t impact the outcome.
>
> >> I was caught by surprise regarding the advanced nature of this
> controversial and likely harmful draft
> >
> > This simply furthers my point that the discussion in a potential third
> WGLC will likely
> > mirror that in the first two WGLCs and the adoption call.
>
> Agree 100%.
>
> >> and that a clean reset may be beneficial.
> >
> > There is no "clean reset" available. This WGLC was supposed to be a
> reset, and look where we are.
>
> Yes.
>
> > Any potential clean reset at this point is just an opportunity to
> relitigate previous discussions,
> > which is only beneficial to those who disagreed with the previous
> outcome.
>
> Again, completely agree.
>
> >My objection to doing yet another WGLC has nothing to do with any
> individuals,
> > and everything to do with running efficient decision processes and
> meetings.
>
> While my objection may have to with both — I think we agree in essence.
> WGLC has happened. Some liked the outcome, some didn’t.
>
>
>
> On Fri, Feb 20, 2026 at 12:02 PM Nadim Kobeissi <nadim@symbolic.software>
> wrote:
>
> Dear David,
>
> > This seems like a tremendous waste of time. The chairs should exclude
> from their consensus determination mail from people who are not limiting
> their comments to clarifying text and are instead relitigating the same
> previously discussed arguments. There is no reason to believe the same
> people going off topic now, will not simply go off topic on yet another
> WGLC.
>
> I’m surprised by the aggressive nature of this reaction. This is TLS we’re
> talking about; it’s important to do things right, especially when we risk
> adopting new functionality that could very well introduce a weaker mode of
> operation into the standard that encrypts the Internet.
>
> Furthermore, there’s no need to make negative assumptions about peoples’
> behavior!
>
> We’re all on the same team here, and we all want a more secure Internet!
> :-)
>
> I’m a cryptographer who did a bunch of work on TLS 1.3 and even I was
> caught by surprise regarding the advanced nature of this controversial and
> likely harmful draft. I think when Rich made his suggestion, he was doing
> so realizing that communication on this list regarding this particular
> topic has become conflated and a bit of a quagmire, and that a clean reset
> may be beneficial.
>
> Given the importance of this discussion’s target, its potential impact,
> and the historic nature of the decision, I think it’s important now more
> than ever to do things right. Otherwise, the WG opens itself up to
> criticism of having rammed this thing through despite a lack of clarity on
> consensus, impact and other elements.
>
> Nadim Kobeissi
> Symbolic Software • https://symbolic.software
>
> On 20 Feb 2026, at 5:43 PM, David Adrian <davadria@umich.edu> wrote:
>
> > I suggest that the current WGLC be scrapped.  Wait at least a week for
> the traffic to dry up. Then issue a new WGLC with a completely different
> subject line and point out that discussions on previous email threads do
> not count as part of determining consensus, if you can do that. Run that
> WGLC until the doc-cutoff for the IETF meeting, and put it on the agenda
> asking folks to not repeat what they’ve already posted.
>
> This seems like a tremendous waste of time. The chairs should exclude from
> their consensus determination mail from people who are not limiting their
> comments to clarifying text and are instead relitigating the same
> previously discussed arguments. There is no reason to believe the same
> people going off topic now, will not simply go off topic on yet another
> WGLC.
>
> On Fri, Feb 20, 2026 at 11:19 AM Nadim Kobeissi <nadim@symbolic.software>
> wrote:
>
> This seems wise to me, and a bare minimum indeed.
>
> Nadim Kobeissi
> Symbolic Software • https://symbolic.software
>
> On 20 Feb 2026, at 5:11 PM, Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org>
> wrote:
>
>
>    - FWIW, I read that as meaning a fresh WGLC not one limited to the
>    - diff. And I think it'd be unwise to process this as if it weren't
>    - as controversial as it clearly is.
>
>
> I agree.
>
> I suggest that the current WGLC be scrapped.  Wait at least a week for the
> traffic to dry up. Then issue a new WGLC *with a completely different
> subject line *and point out that discussions on previous email threads do
> not count as part of determining consensus, if you can do that. Run that
> WGLC until the doc-cutoff for the IETF meeting, and put it on the agenda
> asking folks to not repeat what they’ve already posted.
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>

v2.39.1 | Report a Bug | By Email | System Status