Thanks, Are there also plans to add X25519MLKEM768, SecP256r1MLKEM768, and SecP384r1MLKEM1024 hybrid key agreements from https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/?
>From what I know Google, Firefox, CloudFlare, and OpenSSL have all implemented the draft, and there may not be many changes to the RFC once it's been published. Sounds like then potentially we're looking at OpenJDK 26 in march next year? Is there a potential that it would be backported and delivered to OpenJDK 25 earlier than that? On Wed, 21 May 2025 at 01:11, Sean Mullan <sean.mul...@oracle.com> wrote: > Hi, > > Thanks for your message and interest in Java Security. > > We are currently working on an implementation of Hybrid Key Exchange in > TLS 1.3 [1]. It will not be in JDK 25 as the release is entering > rampdown phase 1 soon. > > Although we can't commit to a target release at this time, we hope to > deliver it in a timely manner after the RFC has been published. > Potential backports will be determined at a later date. > > --Sean > > [1] https://datatracker.ietf.org/doc/draft-ietf-tls-hybrid-design/ > > > On 5/20/25 4:07 AM, Stian Thorgersen wrote: > > Hi, > > > > I've been trying to find out when OpenJDK will have support for hybrid > > key exchange in TLS 1.3. > > > > I've found the corresponding issue: https://bugs.openjdk.org/browse/ > > JDK-8314323 <https://bugs.openjdk.org/browse/JDK-8314323>, but not able > > to find any information on the status of this work, nor what OpenJDK > > releases it targets. > > > > Is this planned for OpenJDK 25? Are there considerations to back-port to > > older releases? > >
