Hello, I would like to express my support for getting a codepoint for ML-KEM (the queue was closed quicker than I expected, so didn’t have a chance to do it at the meeting).
The motivation: * First of all the integration is rather straightforward. * MLKEM already got a large amount of research from the crypto community, from a large number of various research groups - theorists, designers, implementers as well as experts in side-channel protection. Deirdre mentioned that schemes were studied for the last 7 years, but it is worth remembering that Kyber is a modification of the LPR cryptosystem, introduced already in 2010. * There is a cost of 2-step migration (to hybrid and then pure PQ), I don’t believe it’s good to force you to pay the cost. Additionally, I think I would also get a codepoint for MLKEM-512. -- Kris Kwiatkowski Cryptography Dev _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls