IETF Logo Mail Archive

[TLS] Re: Composite ML-DSA

"Salz, Rich" <rsalz@akamai.com> Wed, 15 April 2026 14:40 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 082FADCD131F for <tls@mail2.ietf.org>; Wed, 15 Apr 2026 07:40:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1776264031; bh=Vbzfy5ePr33u8LXcaT66T2ZcekzSM4m3XY467VDQB+s=; h=From:To:Subject:Date:References:In-Reply-To; b=r+NXooSIT9G4uDJ/5Lgp8xDdskvAIeQ4wUnUMZlh6EE54xJP0Ut6WwONW9JeLhea1 uXMSt4coiqebN953FCb7PQIH40YVV+qNyHF3PxGsqn8UVtD0pTvz8rjuW1WRcEDseU /XJRt4jv7qMqLNR1imnFrhe1VEb8iOP4NOHAdJGI=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.794
X-Spam-Level:
X-Spam-Status: No, score=-2.794 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qi1MHF7Jj8cB for <tls@mail2.ietf.org>; Wed, 15 Apr 2026 07:40:30 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [67.231.157.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 936ECDCD11BE for <tls@ietf.org>; Wed, 15 Apr 2026 07:38:44 -0700 (PDT)
Received: from pps.filterd (m0122331.ppops.net [127.0.0.1]) by mx0b-00190b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 63F7RtDM836281 for <tls@ietf.org>; Wed, 15 Apr 2026 15:37:44 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h= content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=jan2016.eng; bh=0FAsp888XMVrdOyRX6E0ef ClWCetmQ+PrkphKRooZPM=; b=bB3KQJIeyIkik2H6AdP1ELQjaUoUaP9OrE4C8A M9EjDVXazUEdMm9fyUNRdaI0tUXm1P8iMExLgbRj8XRROxsXPCK/1Rl26qjswhqK ycQ8kuO6EYgX6qayHA+9BHoXA3a4p0xmqPe0ojqIVqE41mlMbidRLatDeg3zXUMI TBi31+Fxh8PNIxHy0Lcuzsdppgy0tBR1eHLfob1Wml8wk55gf2JFqs8IhRvvZjsA UpW0kaX9CwUIT459JRiQLJelqtUWGhKLuHCWXX4DsGJKKWGre/PGdHz5WKV0l3h6 4jTPD7tOw/7R3bqMRGAyMIZuYIjLQcKD4D6u6rx3f1u1FL3w==
Received: from prod-mail-ppoint1 (prod-mail-ppoint1.akamai.com [184.51.33.18]) by mx0b-00190b01.pphosted.com (PPS) with ESMTPS id 4dfedq9fam-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <tls@ietf.org>; Wed, 15 Apr 2026 15:37:43 +0100 (BST)
Received: from pps.filterd (prod-mail-ppoint1.akamai.com [127.0.0.1]) by prod-mail-ppoint1.akamai.com (8.18.1.7/8.18.1.7) with ESMTP id 63FEQZd5004684 for <tls@ietf.org>; Wed, 15 Apr 2026 10:37:43 -0400
Received: from email.msg.corp.akamai.com ([172.27.91.41]) by prod-mail-ppoint1.akamai.com (PPS) with ESMTPS id 4dj2x52k21-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <tls@ietf.org>; Wed, 15 Apr 2026 10:37:42 -0400 (EDT)
Received: from usma1ex-dag4mb7.msg.corp.akamai.com (172.27.91.26) by usma1ex-dag5mb2.msg.corp.akamai.com (172.27.91.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29; Wed, 15 Apr 2026 07:37:42 -0700
Received: from usma1ex-exedge1.msg.corp.akamai.com (172.27.91.34) by usma1ex-dag4mb7.msg.corp.akamai.com (172.27.91.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29; Wed, 15 Apr 2026 10:37:41 -0400
Received: from SN1PR07CU001.outbound.protection.outlook.com (184.51.33.212) by usma1ex-exedge1.msg.corp.akamai.com (172.27.91.34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.37 via Frontend Transport; Wed, 15 Apr 2026 10:37:41 -0400
Received: from MN2PR17MB4031.namprd17.prod.outlook.com (2603:10b6:208:200::22) by DS0PR17MB7558.namprd17.prod.outlook.com (2603:10b6:8:316::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9769.48; Wed, 15 Apr 2026 14:37:40 +0000
Received: from MN2PR17MB4031.namprd17.prod.outlook.com ([fe80::4b85:d514:5021:bba7]) by MN2PR17MB4031.namprd17.prod.outlook.com ([fe80::4b85:d514:5021:bba7%3]) with mapi id 15.20.9769.046; Wed, 15 Apr 2026 14:37:40 +0000
From: "Salz, Rich" <rsalz@akamai.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Re: Composite ML-DSA
Thread-Index: AQHczJtK9bJHtlYY5kGi1NWwhM0p9rXgEamAgAAURniAAAaSAIAAA6u7
Date: Wed, 15 Apr 2026 14:37:40 +0000
Message-ID: <MN2PR17MB40317F72E2F0E49EF11377BECD222@MN2PR17MB4031.namprd17.prod.outlook.com>
References: <DS4PPFA08475C7DBE27468E40C672197481C1242@DS4PPFA08475C7D.namprd11.prod.outlook.com> <LV0PR21MB6623B48B1F3A05D745F5A79D8C242@LV0PR21MB6623.namprd21.prod.outlook.com> <ad0svakv_WUM3btz@chardros.imrryr.org> <CAF8qwaBU_YHWX2MsWeeaOJ8sutR1wMozvbiTJF5kyvTE8YjWWA@mail.gmail.com> <CACsn0c=GDta824UF7uJ3nw_4U_rT=XhYOGHRemMWa+2AdbsiAg@mail.gmail.com> <3a16c7c4-345e-48ce-af70-a3bf503c8caf@app.fastmail.com> <CACf5n7_0hdeHJXXucva9pb=+pjhcgveHRpjA8XAcXB3LsYUvaw@mail.gmail.com> <CAFpG3gcC+UfO7E=ADGhwr2En5PwipZiq_r6_RdqvmT-5nnh2jw@mail.gmail.com> <d69ba150-0257-4e64-9abb-9229d03a03a6@app.fastmail.com> <87a4v42urw.fsf@josefsson.org> <ad-ebC8qSVHEgKcW@chardros.imrryr.org>
In-Reply-To: <ad-ebC8qSVHEgKcW@chardros.imrryr.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-reactions: allow
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR17MB4031:EE_|DS0PR17MB7558:EE_
x-ms-office365-filtering-correlation-id: 613a8a5b-c05d-4b6e-7641-08de9afc8bd5
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|10070799003|38070700021|8096899003|22082099003|18002099003|56012099003;
x-microsoft-antispam-message-info: wjejEmNuBsYT4uQ47+nmsm4xNvcxtYkOJmmdr8rE01u0pAmIUZ5BMw68TxHEHUq6TQegJ3HuX1d0yJdXb8kXjgBweahlIYZxPs+DoSPzqW5Y3lWpnwo0ngLIZPxMy29O8PXc+XZYVJ+QprDSFJ/L5AvHFOQ1GpQkfBQeSZE8O93PxD2VFnJIxMGraB57ZzoA0LXBZEDSq4+a4qDawcCm70a0d5nJvHLWOs0Z23ueZfjsofwIY7SxXqSIf7keasolPqq6le0c0dWRuvSttQ1+dTm5lkWENk/ylQeFBzH1LeVoeS2Rh6uRTRKfWWAlECubk6oQ81+HoWTs/ROqd7YpI2UzOEhPf+DUrEU7oMR9Zxdh/KPi1nnoa12Ff47INgsaUTlwVwqlMiqOq93Nx90w3dIZuKI7BRa/Zo5ljVQSskg2K8VbaMqWJk2YfSwxHaHVkMjp6jp31xLQcRjL92wO12AFYTxx0oUjXHt0yRGbgDw/OgkootPmGiQLY9mPKAFYDYFyZqzyBJmGRx4lhV2FATsWAyi8+vmJmDqq9LS7mQpmSYR0fzDPAr0HOjZ0SuB6JfW2fmxxnxdXNJo3uD2REqoWH1SPHM1Y5Zv/cJRjsQpAK2wa9Dj+RZ/DL4Z29M99o5rSZtiZOwHhHjEEDMmI2TbzmJCB5QYObDU73oMf+n5bQuo8voHq/JNmTYvAsto1jfVHb2DdK2PeAT4NEaUzWtdTVgNyavITAFy7nlZMAmOrL8/uA/FzZAeIe4rkDT9TT9bFaMxQTPry01orAqELYu7OZaiGQNUnbjieKY9xATw=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN2PR17MB4031.namprd17.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(10070799003)(38070700021)(8096899003)(22082099003)(18002099003)(56012099003);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 2
x-ms-exchange-antispam-messagedata-0: B9xcZfXS6OQRQuegsEcdK6hgeOXL1NP4SzgSweWkP024rXPhHVoINjvKCGEtd+C0m2RRP0SNuxuHE3Zlixok54RM2aDp2BtMN43pW31RQNStnVVuSjK5mPvmODzw9rEyiXZ696SI5iNBTUZox7MPFJiOkB0ioZfkRBckeWfUw8W0GMguR3KaYBrsrfiogv5Z83h3ZkPqV1gSWblk7yGRxgF1PBr6xm8ZwZmswzlDARgCL8QcvdmkaB18zV1nhnw+ryG++CUT+kg+3kL+7fBsjTlVtxihtkFXYwmQVsI2tskjLcQzOndpstVXpPj8A3HdsMWWUw46QIgJ+9yljsWXKE6AdwD/Il4VtSB4Yus5ivIRW/Tc5x78FIWS0TBP6AT83dWDe67TqtPSo0wo4tRevHaSQ8k6cVLRoNUk8BJ3MR74QRMIyxhXmlaQD1bFSP0qiMWDgIJD0zYWP8vHRV+f5dGXzNH1GARKSKJ2DV8d4m3cGhY5snEbNiZli0rt4Nu6fek/HZzFjZ+1idzULXJT/1DtBvqkqTO/AlSavSXLC6ycfdsyLxgpnZNvbfWG/LPAO1RN1b8lZNwgxMq6NLWezLZRecG6USmvM4SZlseedCsKIZRDbpPWPMzwKzs2vJIQCtzjPNoh5YYRsvdeK0tlMbkY+MGBZESdQBlLywAoYKW7RCqyXAVxMsi4UqyaHrI1htszWtxQpRsn+xYxSRugIwrj4Nh9pv9jJlBGaIM9kT1TUv5jU9einavAxoP0TOnfMWCpflieio3kQuzK0IkYyiMcrlnyOHJcFEi5CvYdx4ZsTmJUT3jbOo9dbeqUoxi6tlefjFf3O1rBlT3OJk7P0JQdN7G4Si2bvBA3Cpyd+xY5s9U3xIywGxfsDks5bqXiT/8uK49Z8tGS5R+hEOhOBomk3JEdLPJjXtfqEp9cpvCg+FiWv1jge9Ro4MQLx+BA1owVCIpp1gMQ2ygcmPlY9DcCs8P1BC6Y+4O/qUGLfjPzkADrvNZHhN8q5dEslDDeuClgrE7NcmDwm7BOcLkCtlBtsnYiVlgLBph87l3hq1cM2W5HMdso9vXy+NhuqmuZ0Rga/pp84gWggh4E8ZNvXxn0xJh9UQQ/wezvRxDJteKdpj21b1ZHA3G0/hWGGgzI6m35L3Kh1LFbw3n6EhnwAwUZwWN+I5fUqCcMai1RkB6w7A5PwXxal8C9vyQk/BJYAv6kpEysUzuXPcGSFv9nJzgG2o+znu/ZRZUOC8bfuWwLHvLNXYpFLlofh6E/zsYPzbDFijRvoEaGL7RH5p+xJBd42bLapzNL636dxUkTNy2wmmDtVpJUNq8r0taICK/uKYWOFYadALaVdg0JJwQPnyM8w7OwQETOtQGHZzMo3RaFJsHtyc3ml6J2Fuay7g/aOpk0t0Cs16+liqYXgK4Z0uvHeuSsUpXCnT7f/hV2iT7GfKwHSRyCTYvFhPpNstFzkEkMh69Hro6RBmVOnsn4dbCz3u/mQSE8qB588ronV8nvRPqDVK3TpsOPYawwGFQv0nCVewWOtBX0v1DVmb44U6E/GGNEyOXgc9jNkeOktezPnRrbb47e7fEoIXcBf43DD1b9mZ7ZCGpZxMdQeqPyVsmez73YUz+4bVddhz3mtqPIGju50VmwKPL8GKVxFGzGJyien5VsLZxSDpsCsn65pA3PtrhZKfe74ctUcbEdev/c6O6FtsUK8HxPU9be+vEKNwKJEQBCxhB8uFU6Nop7I4pY5JDU5xbo3D4JokR7AFLnXrZqfsNVDuyrqe/JkJU0i/E0o8FB
x-ms-exchange-antispam-messagedata-1: JrFQOhKoncQwCg==
arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KqF4S/DD1s+scrRLGaFDGaXJUs5dDU/lhV4b5amvy9JH6uGklg3YMpWnLCy8MEVzqzW8FU2/dG5GCvIzgp120I4dK2cvENtk3IAmtdnwsupMbzNBGsrF70xoms4R3waY5dMlCf8iMwbTEVEkCNTMAk48fhLeoL7dY1OBwns2HLuw1hJi9SpEF2PphGnYf4vgqZWa+/1xWEtXZw8PBSfrKT1CDdJrUggYob5kTSLvIT83k9foMyUxjthYX0/f0zSy5eD9F+9yMUX6YBnsRMVg9nwf16oUDrqAtRF00nbX5wy4A0kK9tRVX8j48R8i6ewscCpd8+7GSjcWwzA9IMZnxg==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=drHWggPjxjBsom1SZy6UOAPETczxuM0SnEwuCT2FPUs=; b=N3FYFFis/Fqb11pzWMP/kkwXMFek6GIMraNvQmKzn7i2WNwbGoQbnaEWTujETTETi2jRt81MrLB7wCS+aqIhzfsuOiBQ2Biwq4aR+3OvfEe+UbI+6bUi30bvClkIA5aJh03IfS7BDxGEbe+27tzTbXQ/uPgSavpzURqEYvO/MzrHBx/pfc8Kvl/LXRVNZnqMgMNMLE8YC3gpBoq54CCrRiH+pj6Hnzds4sk+TgtfygUwgVxIv/Ihl5xhEfa+KZZtgQzz2wdOjXRgnhXj5nSqDT6NY2kXk+mwP3P+Q4KrQIsPOnT4yYRz4IMQcUVkrS0bWu9yP0KK90YuLvoiIcug7w==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=akamai.com; dmarc=pass action=none header.from=akamai.com; dkim=pass header.d=akamai.com; arc=none
x-exchange-routingpolicychecked: PKuwvmoBhQpCrrjbNt1zB9zYUPJV4CN5FM1adzABH/HkJc0Lwr74es1J3BDSz1AMA2hBMgYldT2tSTWBG7asvXe1oPPxRlNulpdaLonr51nPb9Uzihpb7yXGSNdaYzUxlmK+nLqt5/Eeff23M87tgeKSlFGm6TCEYN26zERJ/1SGy+Y69KAwsl2DaZygL9pIHS2LWgvnPwEOJhDsbR+PFFEvILJCphqsW8G8lGdGVQ+D2W9IvsJ8bkfF6ytm7nRQeUV7plhBIQ1QwS9HUFraBfVjPlakh6AUp5OVJAw5uhD6Dxh6CnKvfBaL0wLOGheNJIdPeEIdIzHAls9unoRhhw==
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: MN2PR17MB4031.namprd17.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: 613a8a5b-c05d-4b6e-7641-08de9afc8bd5
x-ms-exchange-crosstenant-originalarrivaltime: 15 Apr 2026 14:37:40.1166 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 514876bd-5965-4b40-b0c8-e336cf72c743
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: izj64oZAOdDurNLPcwrBbdqmhofETet+3kTHlOjtxecwQdq9U0kQeTrwHGt4PNsc1V3JiUXTYrY3hmkkdAI5qw==
x-ms-exchange-transport-crosstenantheadersstamped: DS0PR17MB7558
Content-Type: multipart/alternative; boundary="_000_MN2PR17MB40317F72E2F0E49EF11377BECD222MN2PR17MB4031namp_"
MIME-Version: 1.0
X-OriginatorOrg: akamai.com
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-04-15_01,2026-04-13_04,2025-10-01_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 malwarescore=0 mlxscore=0 lowpriorityscore=0 phishscore=0 suspectscore=0 mlxlogscore=605 spamscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2604070000 definitions=main-2604150134
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNDE1MDEzNiBTYWx0ZWRfX/+Q2+oDVduNN h9KKDyyhmDgBTm33fDztaGV86LXnkG0Hhs5kl45O9Pda9kDwDVu0BSMVLRfxkJ0djW+B2Tw38ZL d19AaYeZFYLyyzNAcNULfKffg8Q66On4Kx92TvI4TysymEBz7hffqvPpT7xxCm3UE79DE8W85DB gyYH5punjVhEdWVDkKo1qdZ8E7DY14uNIm9KRpkW3EBcsMjqDEvPRy6F3lwJanmoR4RPp1ge6H4 Dl37pgFQFdi8RAdD4YsZU10WByGswJOeS22sUKsgcSWQ2bhZogDI9aNXewITV917N6xKxiWUEnn 3TK+RnoeTXz3cpmcIPZfwoBR4kJ8RHaLJQvchP1AwHBOWtbuSXLm78UX+6QdrGtSlUO4vWZeyRu Hgiro/YrNlceT4BbtQug2bCx0AyRYw5rg/YpVjMVdF7SSkYgJQOV+r1x7tsLhoDcZxVVQ7e71EB ZEQWIkIyDLTwHpid62A==
X-Authority-Analysis: v=2.4 cv=KLJqylFo c=1 sm=1 tr=0 ts=69dfa2b7 cx=c_pps a=StLZT/nZ0R8Xs+spdojYmg==:117 a=StLZT/nZ0R8Xs+spdojYmg==:17 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=A5OVakUREuEA:10 a=VkNPw1HP01LnGYTKEx00:22 a=Ifg-1AOnLHOf1gn6spyb:22 a=VcQvXEo1OZcA_IiPcy3B:22 a=iI10h-CzvPE6X-kngH0A:9 a=pILNOxqGKmIA:10 a=1hxq9BbaR1o6bAkv:21 a=_W_S_7VecoQA:10
X-Proofpoint-GUID: Z6Yv7kIfDqAQYFAaNd0KuyHAuPGXto9r
X-Proofpoint-ORIG-GUID: Z6Yv7kIfDqAQYFAaNd0KuyHAuPGXto9r
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-04-15_01,2026-04-13_04,2025-10-01_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 clxscore=1015 priorityscore=1501 suspectscore=0 adultscore=0 lowpriorityscore=0 phishscore=0 bulkscore=0 impostorscore=0 spamscore=0 malwarescore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2604070000 definitions=main-2604150136
Message-ID-Hash: QIP5KUWQPHASBDF7HPHUHFU57GZ26RIM
X-Message-ID-Hash: QIP5KUWQPHASBDF7HPHUHFU57GZ26RIM
X-MailFrom: rsalz@akamai.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Composite ML-DSA
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/6CuosVK9NJzNpRgvgT10PDcPYVM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

I am also opposed to composite signatures for TLS. I don’t see a need that justifies the enormous API complications that would ensue. And, frankly, much more likely to have implementation bugs for the first couple of years.

One correction tho:

> and no mainstream CA issues PQC certificates for TLS

Digicert runs the ANSI X.9 PQ PKI which is based on ML-DSA and several banks are in prototype phase, with a goal of moving to production next year. Other verticals, healthcare and hospitality are apparently also looking at this PKI.  Yes, it’s not the WebPKI, but Digicert is a mainstream CA :)

v2.40.4 | Report a Bug | By Email | System Status