My opinion of this document remains largely unchanged: I do not think it is a good basis for contemplating revisions to the FATT process. I also don't think it's a good use of energy -- either yours or the WG's -- to continue to debate and/or refine specific points in this document at this time.
As David Benjamin said earlier, It's possible that a much skinnier document that was *just* about refining the process of WG communication with the FATT would be worth pursuing, but I'd first want to see some significant enthusiasm from other WG members and especially existing FATT members. -Ekr On Sat, May 2, 2026 at 2:58 PM Muhammad Usama Sardar < [email protected]> wrote: > Hi all, > > I'd like to thank everyone who has given feedback on -06, which has helped > make the draft more precise. In particular, I thank Ekr and David for the > detailed feedback. > > In general, ISTM that there were some misunderstandings of the FATT > process, or the aspects of the real execution. I have tried to clarify it > in -07. > > In my understanding, *all* the comments have been addressed in this > version. If I have misunderstood something or you feel that it has not been > addressed, please accept my apologies and let me know in more detail and > more explicitly with reference to section numbers in this version. > > # *Main changes* > > Main changes are in: > > 1. Contacting FATT > - (NEW) Failure of current process: Sec. 3.2.1 > - Solutions > - Mailing list: Sec. 4.1.1 > - (NEW) "Lead FATT Person" for contact: Sec. 4.1.2 > - (NEW) Students/researchers of FATT: Sec. 4.1.3 > 2. ML-KEM: FATT review (Sec. 3.3 and 4.2) > - Expected learning: Sec. 4.2.1 > > # *Feedback on #1 and #2* > > To keep discussions organized, I'd request: > > For discussion of #1, preferably please use the sub-thread: [0] > > For discussion of #2, preferably please use the sub-thread: [1] > > I would appreciate the WG's focus on these two specific points, and lead > them to some conclusion before jumping to other topics. > > It's perfectly fine to be opposed but it would be helpful to mention the > section numbers in your feedback for me to understand what you are opposed > to -- and if possible why. Without knowing the latter, I probably can't do > much. > > # *FATT Review* > I've requested chairs to get feedback of FATT. So you don't need to worry > too much about their time etc. Please just focus your feedback on your own > concerns. > > # *General Feedback* > If you prefer to give general feedback on the draft unrelated to #1 and > #2, you are welcome to submit it in this thread. To keep process > streamlined, I'll likely address it after #1 and #2. > > # *Plans for ML-KEM* > I'm planning to write a dedicated draft on the potential risks of > standalone ML-KEM in TLS. > > Thank you in advance for the feedback, and for your contributions in > keeping the TLS formally and cryptographically secure. > > Best regards, > -Usama > > > [0] https://mailarchive.ietf.org/arch/msg/tls/yWSZfeVE82xvtL3kPiGXEpsfUMU/ > [1] https://mailarchive.ietf.org/arch/msg/tls/7lj6fYAweMBwNMxFerNl7xhY0pk/ > > > -------- Forwarded Message -------- > Subject: New Version Notification for > draft-usama-tls-fatt-extension-07.txt > Date: Sat, 02 May 2026 13:41:39 -0700 > From: [email protected] > To: Muhammad Sardar <[email protected]> > <[email protected]>, Muhammad Usama Sardar > <[email protected]> > <[email protected]> > > A new version of Internet-Draft draft-usama-tls-fatt-extension-07.txt has > been > successfully submitted by Muhammad Usama Sardar and posted to the > IETF repository. > > Name: draft-usama-tls-fatt-extension > Revision: 07 > Title: Extensions to TLS FATT Process > Date: 2026-05-02 > Group: Individual Submission > Pages: 20 > URL: https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-07.txt > Status: https://datatracker.ietf.org/doc/draft-usama-tls-fatt-extension/ > HTML: > https://www.ietf.org/archive/id/draft-usama-tls-fatt-extension-07.html > HTMLized: > https://datatracker.ietf.org/doc/html/draft-usama-tls-fatt-extension > Diff: > https://author-tools.ietf.org/iddiff?url2=draft-usama-tls-fatt-extension-07 > > Abstract: > > This document applies only to non-trivial extensions of TLS, which > require formal analysis. It proposes the authors specify a threat > model and informal security goals in the Security Considerations > section, as well as motivation and a protocol diagram in the draft. > We also briefly present a few pain points of the team doing the > formal analysis which -- we believe -- require refining the process: > > * Provide protection against FATT-bypass by other TLS-related WGs > > * Contacting FATT > > * ML-KEM > > * Understanding the opposing goals > > * Response within reasonable time frame > > > > The IETF Secretariat > > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
