+1 to Tim - tell the reader explicitly that they will only ever get PQC w/ TLS 1.3 or higher.
Cheers, - Ira On Thu, Dec 21, 2023, 12:34 PM Tim Hollebeek <tim.hollebeek= [email protected]> wrote: > I personally think this point is important enough to be made explicitly > instead of implicitly. > > > > If we want to communicate loudly and clearly that post-quantum > cryptography is NEVER coming to TLS 1.2, we need to explicitly say that. > > > > Otherwise people will say “I know you said TLS 1.2 was frozen, but > post-quantum cryptography isn’t a feature, it’s a critical security > vulnerability that needs to be patched regardless of any freezes.” > > > > The answer will be and needs to be: “No, we told you clearly and > explicitly that post-quantum cryptography would require moving to TLS 1.3 > or later”. > > > > -Tim > > > > *From:* TLS <[email protected]> *On Behalf Of *Hannes Tschofenig > *Sent:* Monday, December 11, 2023 12:06 PM > *To:* Salz, Rich <[email protected]>; Hannes Tschofenig > <[email protected]>; Bas Westerbaan <bas= > [email protected]>; Deirdre Connolly < > [email protected]> > *Cc:* [email protected] > *Subject:* Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze' > > > > Hi Rich, > > > > that is implied by a "feature freeze". No reason to highlight PQC (even > though it is a hype topic right now). > > > > Ciao > > Hannes > > > > Am 11.12.2023 um 17:18 schrieb Salz, Rich: > > 1. I consider Section 3 "Implications for post-quantum > cryptography" misplaced. I suggest to delete the section > > 2. The motivation for the draft is unrelated to developments with > PQC. > > The point is to explain to people that we are going to need PQ crypto, and > it **will not be a 1.2 enhancement** > > > > > > _______________________________________________ > > TLS mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/tls > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
