Mohamed Boucadair has entered the following ballot position for draft-ietf-tls-ecdhe-mlkem-03: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Hi Kris, Panos, Bas, and Douglas, Thank you for the effort put into this specification. I have a straightforward discussion point: # [hybrid] This is needed to assess the security analysis in the spec per the following: CURRENT: The same security considerations as those described in [hybrid] apply to the approach used by this document. .. All groups defined in this document use and generate fixed-length public keys, ciphertexts, and shared secrets, which complies with the requirements described in Section 6 of [hybrid]. I think we need to list [hybrid] as normative. Please note that this may require adding [hybrid] as a downref. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- # I wonder whether we need to remind the implications on the message size (e.g., a pointer to Section 4 of draft-ietf-tls-hybrid-design). As a side note, how current servers/middleboxes handle ClientHello that don’t fit in a single packet that might be observed if these groups are used? Are there any operational issues to take into account here? Cheers, Med _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
