Hello, To clarify the discussion related to the Canadian document ITSP.40.111, it is just a list of cryptographic algorithms that the Cyber Centre recommends for use. The document is not regulation nor currently referenced in industry regulation to my knowledge.
I will reiterate my support for the publication of this draft, since we do plan to include pure ML-KEM within our TLS guidance from the Cyber Centre. However, I request that ITSP.40.111 is not cited in this draft in a manner that could have it misinterpreted as a regulation/requirement. Best, Keegan Dasilva Barbosa Canadian Centre for Cyber Security On Fri, Feb 20, 2026 at 1:40 PM Blumenthal, Uri - 0553 - MITLL < [email protected]> wrote: > WGLC has happened already. Enough is enough. The fact that some people > being more loud than others, shouldn’t impact the outcome. > > >> I was caught by surprise regarding the advanced nature of this > controversial and likely harmful draft > > > > This simply furthers my point that the discussion in a potential third > WGLC will likely > > mirror that in the first two WGLCs and the adoption call. > > Agree 100%. > > >> and that a clean reset may be beneficial. > > > > There is no "clean reset" available. This WGLC was supposed to be a > reset, and look where we are. > > Yes. > > > Any potential clean reset at this point is just an opportunity to > relitigate previous discussions, > > which is only beneficial to those who disagreed with the previous > outcome. > > Again, completely agree. > > >My objection to doing yet another WGLC has nothing to do with any > individuals, > > and everything to do with running efficient decision processes and > meetings. > > While my objection may have to with both — I think we agree in essence. > WGLC has happened. Some liked the outcome, some didn’t. > > > > On Fri, Feb 20, 2026 at 12:02 PM Nadim Kobeissi <[email protected]> > wrote: > > Dear David, > > > This seems like a tremendous waste of time. The chairs should exclude > from their consensus determination mail from people who are not limiting > their comments to clarifying text and are instead relitigating the same > previously discussed arguments. There is no reason to believe the same > people going off topic now, will not simply go off topic on yet another > WGLC. > > I’m surprised by the aggressive nature of this reaction. This is TLS we’re > talking about; it’s important to do things right, especially when we risk > adopting new functionality that could very well introduce a weaker mode of > operation into the standard that encrypts the Internet. > > Furthermore, there’s no need to make negative assumptions about peoples’ > behavior! > > We’re all on the same team here, and we all want a more secure Internet! > :-) > > I’m a cryptographer who did a bunch of work on TLS 1.3 and even I was > caught by surprise regarding the advanced nature of this controversial and > likely harmful draft. I think when Rich made his suggestion, he was doing > so realizing that communication on this list regarding this particular > topic has become conflated and a bit of a quagmire, and that a clean reset > may be beneficial. > > Given the importance of this discussion’s target, its potential impact, > and the historic nature of the decision, I think it’s important now more > than ever to do things right. Otherwise, the WG opens itself up to > criticism of having rammed this thing through despite a lack of clarity on > consensus, impact and other elements. > > Nadim Kobeissi > Symbolic Software • https://symbolic.software > > On 20 Feb 2026, at 5:43 PM, David Adrian <[email protected]> wrote: > > > I suggest that the current WGLC be scrapped. Wait at least a week for > the traffic to dry up. Then issue a new WGLC with a completely different > subject line and point out that discussions on previous email threads do > not count as part of determining consensus, if you can do that. Run that > WGLC until the doc-cutoff for the IETF meeting, and put it on the agenda > asking folks to not repeat what they’ve already posted. > > This seems like a tremendous waste of time. The chairs should exclude from > their consensus determination mail from people who are not limiting their > comments to clarifying text and are instead relitigating the same > previously discussed arguments. There is no reason to believe the same > people going off topic now, will not simply go off topic on yet another > WGLC. > > On Fri, Feb 20, 2026 at 11:19 AM Nadim Kobeissi <[email protected]> > wrote: > > This seems wise to me, and a bare minimum indeed. > > Nadim Kobeissi > Symbolic Software • https://symbolic.software > > On 20 Feb 2026, at 5:11 PM, Salz, Rich <[email protected]> > wrote: > > > - FWIW, I read that as meaning a fresh WGLC not one limited to the > - diff. And I think it'd be unwise to process this as if it weren't > - as controversial as it clearly is. > > > I agree. > > I suggest that the current WGLC be scrapped. Wait at least a week for the > traffic to dry up. Then issue a new WGLC *with a completely different > subject line *and point out that discussions on previous email threads do > not count as part of determining consensus, if you can do that. Run that > WGLC until the doc-cutoff for the IETF meeting, and put it on the agenda > asking folks to not repeat what they’ve already posted. > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
