On Sun, Nov 30, 2025 at 5:08 AM Muhammad Usama Sardar < [email protected]> wrote:
> Super naive question: how critical is this "application profile standard" > discussion for MLKEM draft? IMHO, if it is orthogonal enough, maybe we can > move it over to a separate thread? > As best I can tell, not at all. -Ekr > On 30.11.25 09:57, John Mattsson wrote: > > If you interpret the word “standard” as defined in United Nations > A-HRC-53-42, > > "The term “standard” refers to an agreed norm defining a way of doing > something in a repeatable manner." > > Is this how most people in the IETF interpret this term? I don't think so > and the argument of mixing and matching definitions from outside applies > here as well. IMHO, we should attempt for complete definitions of our own, > rather than letting people import their desired definitions or > interpretations from outside. > > Besides, in my naive understanding (sincere apologies again if I am > missing/misunderstanding something), D. J. Bernstein's concern seems to be > on the word "profile", rather than "standard". > > In general, I think we agree that there is an ambiguity in "application > profile standard", and things are left over to interpretation, which is > leading to misunderstandings. > > IMHO, a collaborative way to solve this is to perhaps write a > clarification document addressing D. J. Bernstein's concerns. I would > assume that would need some lengthy debates. Perhaps that is too late to > make RFC8446bis wait for it to resolve? Hence, a proposal for a small new > draft. > > -Usama > > PS: While I am mostly in agreement with Ekr and John (except for the above > UN interpretation), having seen the notice of moderation of D. J. > Bernstein's posts and to be fair with him, personally I will not post on > this topic any further until one of his posts land in the mailing list to > give him equal opportunity to clarify/defend his perspective/position. > > PPS: I am not super invested in this topic in the long term. This is > probably not something I can formally prove to be correct or wrong. It is > most likely just a matter of definition: one can define it one way or the > other, leading to very different results. Nevertheless, I do believe it's > important to resolve for us to peacefully work towards the shared goal of > securing TLS rather than having to deal with appeals. So if that helps, I > am volunteering to initiate a draft to try to resolve any misunderstandings > and at some point in time, shift the draft over to one of you to move it > forward. >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
