Another regulatory reference, in case it helps: Canada: Cryptographic algorithms for UNCLASSIFIED, PROTECTED A, and PROTECTED B information - ITSP.40.111 - Canadian Centre for Cyber Security<https://www.cyber.gc.ca/en/guidance/cryptographic-algorithms-unclassified-protected-protected-b-information-itsp40111>
________________________________ From: Ben Schwartz <[email protected]> Sent: Thursday, February 12, 2026 11:45 AM To: Andrei Popov <[email protected]>; Joseph Salowey <[email protected]>; <[email protected]> <[email protected]> Subject: Re: [EXTERNAL] [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27) Thanks for that reference. CNSA 2.0 seems like an important reference point here, but I don't think it's really a "regulatory framework". Updated text: "Use cases include compliance with policies that require standalone post-quantum key establishment (e.g. [CNSA20]), ..." --Ben Schwartz ________________________________ From: Andrei Popov <[email protected]> Sent: Thursday, February 12, 2026 2:26 PM To: Ben Schwartz <[email protected]>; Joseph Salowey <[email protected]>; <[email protected]> <[email protected]> Subject: Re: [EXTERNAL] [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27) . . . but are there any active or anticipated regulatory frameworks that impose such a requirement? CNSA: https: //datatracker. ietf. org/doc/draft-becker-cnsa2-tls-profile/ Cheers, Andrei From: Ben Schwartz <bemasc=40meta. com@ dmarc. ietf. org> * ...but are there any active or anticipated regulatory frameworks that impose such a requirement? CNSA: https://datatracker.ietf.org/doc/draft-becker-cnsa2-tls-profile/<https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-becker-cnsa2-tls-profile/__;!!Bt8RZUm9aw!6PTLzdFdLSNUl84Z-amiRyhvVmFgJdJLnbEwhFtRA6MF5MaOpgJuU0R3nk0D6zJRW5p2n20yRAP1ZjOPDW-v80kswa0$> Cheers, Andrei ________________________________ From: Ben Schwartz <[email protected]> Sent: Thursday, February 12, 2026 11:23 AM To: Joseph Salowey <[email protected]>; <[email protected]> <[email protected]> Subject: [EXTERNAL] [TLS] Re: WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27) The Motivation section says "Use cases include regulatory frameworks that require standalone post-quantum key establishment". I know this has been discussed ad nauseam, but are there any active or anticipated regulatory frameworks that impose such a requirement? I am not aware of any. If there are regulatory requirements of this kind, I would like to see them included as references for this sentence. Otherwise, this point should be removed. Also, as a clarification, I would like to see the following change to the abstract: Before: "to achieve post-quantum (PQ) key establishment" After: "to provide post-quantum-only (PQ-only) key agreement" (This will not be the first proposed standard for PQ key agreement, but it may be the first for PQ-only.) Finally, the title mentions "Key Agreement", but the text only uses the term "Key Establishment". (RFC 9794 is similarly mixed up.) Perhaps we can settle on one term or the other. --Ben Schwartz ________________________________ From: Joseph Salowey <[email protected]> Sent: Thursday, February 12, 2026 2:05 PM To: <[email protected]> <[email protected]> Subject: [TLS] WG Last Call: draft-ietf-tls-mlkem-05 (Ends 2026-02-27) This message starts the second Working Group Last Call for the pure ML-KEM document (draft-ietf-tls-mlkem-07). The file can be retrieved from: https: //datatracker. ietf. org/doc/draft-ietf-tls-mlkem/ The diff with the previous WGLC draft (-05) This message starts the second Working Group Last Call for the pure ML-KEM document (draft-ietf-tls-mlkem-07). The file can be retrieved from: https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/<https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/__;!!Bt8RZUm9aw!-_8yM4LiMEqSGuZhY9-gAKTLSdNcbFyFvPQR521wj9mcZiDU4GsBuZynatVvc7avWv4fvQdm$> The diff with the previous WGLC draft (-05) is here: https://author-tools.ietf.org/iddiff?url1=draft-ietf-tls-mlkem-05&url2=draft-ietf-tls-mlkem-07&difftype=--html<https://urldefense.com/v3/__https://author-tools.ietf.org/iddiff?url1=draft-ietf-tls-mlkem-05&url2=draft-ietf-tls-mlkem-06&difftype=--html__;!!Bt8RZUm9aw!-_8yM4LiMEqSGuZhY9-gAKTLSdNcbFyFvPQR521wj9mcZiDU4GsBuZynatVvc7avWiBixrEa$> The main focus of this WGLC is to review new text providing more context around the use of pure ML-KEM. For those who indicated they wanted this text, please let us know if the new text satisfies you and if you support publication. This working group last call will end on February 27, 2026. Thank You.
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
