The IESG has approved the following document:
- 'Use of ML-DSA in TLS 1.3'
  (draft-ietf-tls-mldsa-05.txt) as Informational RFC

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Christopher Inacio and Deb Cooley.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-mldsa/




Technical Summary

   This memo specifies how the post-quantum signature scheme ML-DSA
   (FIPS 204) is used for authentication in TLS 1.3.

Working Group Summary

There is consensus to move this document forward - a ratio of 4:1. The message 
count 
is at ~275 messages. Some of those messages were off topic, there were many 
repeats, 
but a fair number of people expressed their views.

The controversy is related to the status of pure ML-DSA vs composite ML-DSA 
with ECC.  The
opinions included: 
 - we should not publish a pure ML-DSA specification, 
 - we should recommend composites over pure ML-DSA, 
 - we should publish the composite and pure specifications concurrently.

Appeals were both submitted and threatened.  The submitted appeal against 
publication was rejected 
due to a derivative work notice.  Private threats of appeal were made if the 
specification was not published.

IETF Last Call raised two additional opinions:
- improve the clarity of Security Considerations (done)
- publish an external guidance document explaining the issues (obviously out of 
scope)

Document Quality

No special reviews - MIB, Media Type, Yang, etc. are required.

Existing implementations include (but are not limited to):
- OpenSSL
- BoringSSL
- Rustls (via rustls-post-quantum)
- s2n-tls
- WolfSSL
- BouncyCastle
- GnuTLS

Currently, the I-D refers to RFC 8446, -rfc8446bis is currently in AUTH48 and
this document will be updated to refer to -rfc8446bis prior to publication.

Personnel

   The Document Shepherd for this document is Sean Turner. The Responsible
   Area Director is Deb Cooley.

_______________________________________________
IETF-Announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to