Hi all,I'd like to thank everyone who has given feedback on -06, which has helped make the draft more precise. In particular, I thank Ekr and David for the detailed feedback.
In general, ISTM that there were some misunderstandings of the FATT process, or the aspects of the real execution. I have tried to clarify it in -07.
In my understanding, /all/ the comments have been addressed in this version. If I have misunderstood something or you feel that it has not been addressed, please accept my apologies and let me know in more detail and more explicitly with reference to section numbers in this version.
# *Main changes*
Main changes are in:
1. Contacting FATT
* (NEW) Failure of current process: Sec. 3.2.1
* Solutions
o Mailing list: Sec. 4.1.1
o (NEW) "Lead FATT Person" for contact: Sec. 4.1.2
o (NEW) Students/researchers of FATT: Sec. 4.1.3
2. ML-KEM: FATT review (Sec. 3.3 and 4.2)
* Expected learning: Sec. 4.2.1
# *Feedback on #1 and #2*
To keep discussions organized, I'd request:
For discussion of #1, preferably please use the sub-thread: [0]
For discussion of #2, preferably please use the sub-thread: [1]
I would appreciate the WG's focus on these two specific points, and lead
them to some conclusion before jumping to other topics.
It's perfectly fine to be opposed but it would be helpful to mention the section numbers in your feedback for me to understand what you are opposed to -- and if possible why. Without knowing the latter, I probably can't do much.
# *FATT Review*I've requested chairs to get feedback of FATT. So you don't need to worry too much about their time etc. Please just focus your feedback on your own concerns.
# *General Feedback*If you prefer to give general feedback on the draft unrelated to #1 and #2, you are welcome to submit it in this thread. To keep process streamlined, I'll likely address it after #1 and #2.
# *Plans for ML-KEM*I'm planning to write a dedicated draft on the potential risks of standalone ML-KEM in TLS.
Thank you in advance for the feedback, and for your contributions in keeping the TLS formally and cryptographically secure.
Best regards, -Usama [0] https://mailarchive.ietf.org/arch/msg/tls/yWSZfeVE82xvtL3kPiGXEpsfUMU/ [1] https://mailarchive.ietf.org/arch/msg/tls/7lj6fYAweMBwNMxFerNl7xhY0pk/ -------- Forwarded Message --------Subject: New Version Notification for draft-usama-tls-fatt-extension-07.txt
Date: Sat, 02 May 2026 13:41:39 -0700 From: [email protected]To: Muhammad Sardar <[email protected]>, Muhammad Usama Sardar <[email protected]>
A new version of Internet-Draft draft-usama-tls-fatt-extension-07.txt has been
successfully submitted by Muhammad Usama Sardar and posted to the IETF repository. Name: draft-usama-tls-fatt-extension Revision: 07 Title: Extensions to TLS FATT Process Date: 2026-05-02 Group: Individual Submission Pages: 20 URL: https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-07.txt Status: https://datatracker.ietf.org/doc/draft-usama-tls-fatt-extension/ HTML: https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-07.htmlHTMLized: https://datatracker.ietf.org/doc/html/draft-usama-tls-fatt-extension Diff: https://author-tools.ietf.org/iddiff?url2=draft-usama-tls-fatt-extension-07
Abstract: This document applies only to non-trivial extensions of TLS, which require formal analysis. It proposes the authors specify a threat model and informal security goals in the Security Considerations section, as well as motivation and a protocol diagram in the draft. We also briefly present a few pain points of the team doing the formal analysis which -- we believe -- require refining the process: * Provide protection against FATT-bypass by other TLS-related WGs * Contacting FATT * ML-KEM * Understanding the opposing goals * Response within reasonable time frame The IETF Secretariat
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
