SSLKEYLOGFILE doesn't contain any of the asymmetric keys, but just the computed symmetric keys.
However, because ML-KEM acts like ECDHE as far as TLS 1.3 is concerned, connections protected with ML-KEM or hybrid will also be decryptable via SSLKEYLOGFILE. -Ekr -Ekr On Tue, Apr 15, 2025 at 10:00 AM Sajeev S <[email protected]> wrote: > Hi All, > > What about new PQC algorithms ML-KEM decryption keys ? > > Regards, > Sajeev > > On Tue, Apr 15, 2025 at 9:51 PM The IESG <[email protected]> wrote: > >> >> The IESG has received a request from the Transport Layer Security WG >> (tls) to >> consider the following document: - 'The SSLKEYLOGFILE Format for TLS' >> <draft-ietf-tls-keylogfile-04.txt> as Informational RFC >> >> The IESG plans to make a decision in the next few weeks, and solicits >> final >> comments on this action. Please send substantive comments to the >> [email protected] mailing lists by 2025-05-07. Exceptionally, comments >> may >> be sent to [email protected] instead. In either case, please retain the >> beginning >> of the Subject line to allow automated sorting. >> >> Abstract >> >> >> A format that supports the logging information about the secrets used >> in a TLS connection is described. Recording secrets to a file in >> SSLKEYLOGFILE format allows diagnostic and logging tools that use >> this file to decrypt messages exchanged by TLS endpoints. >> >> >> >> >> The file can be obtained via >> https://datatracker.ietf.org/doc/draft-ietf-tls-keylogfile/ >> >> >> >> No IPR declarations have been submitted directly on this I-D. >> >> >> >> >> >> _______________________________________________ >> TLS mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
