I strongly agree with Fabiana's message, and think that Uri's message is flawed in that it completely ignores the security benefits of compositional security guarantees, which have been amply discussed over and over on this list.
On Wed, Feb 25, 2026, at 6:10 PM, Blumenthal, Uri - 0553 - MITLL wrote: > Because the common good sense says that the assurance of the ‘“old” good > crypto’ is over, which is the whole point of this exercise. > > When your data has a long life - only PQ part matters, otherwise it’s just > whether it will be compromised even sooner. When your data is short-lived - > you don’t need the PQ part, and may not care if it’s present, weak, or > whatever. > — > Regards, > Uri > > Secure Resilient Systems and Technologies > MIT Lincoln Laboratory > >> On Feb 25, 2026, at 11:50, DA PIEVE Fabiana >> <[email protected]> wrote: >> >> In my personal capacity, I have to say that in all this discussion it is not >> clear to me yet the main issue - the reason why we would go for a path that >> is not based on a common good sense, by removing the assurance of security >> given by “old” >> ZjQcmQRYFpfptBannerStart >> This Message Is From an External Sender >> This message came from outside the Laboratory. >> >> ZjQcmQRYFpfptBannerEnd >> In my personal capacity, I have to say that in all this discussion it is not >> clear to me yet the main issue - the reason why we would go for a path that >> is not based on a common good sense, by removing the assurance of security >> given by “old” good crypto. This adds up to the fact that the cost of >> keeping it is actually cheap, and to the fact that an outstanding work has >> been done already to deploy hybrid ML-KEM in TLS. Hybrid ML-KEM is such a >> cheap way to reduce risks. So, overall, I still cannot crystallize in my >> head what is the advantage in security and costs in throwing away ECC and >> how to reconcile this with what is pushed in my own part of the world. Not >> sure what would be the advantage in fragmenting things now. I would like to >> invite all EU researchers or anyway all those with whom I am contact to >> write to me to help me increasing my understanding of the exceptional need >> for all this, and eventually share their technical concerns, to see if they >> overlap with mine, in case you would have time and you would be willing to >> do so. I thank everybody here for the discussion. >> >> *Fabiana Da Pieve* >> Program Manager >> >> >> <image001.gif> >> >> >> >> *European Commission* >> DG Communications Networks, Content and Technology >> Unit C4 – Emerging & Disruptive Technologies >> >> _______________________________________________ >> TLS mailing list -- [email protected] >> To unsubscribe send an email to [email protected] > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > > *Attachments:* > • smime.p7s Nadim Kobeissi Symbolic Software • https://symbolic.software
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
