On Sat, Jun 6, 2026 at 3:16 PM Salz, Rich <[email protected]> wrote:
> On 6/6/26, 5:57 AM, "Nadim Kobeissi" <[email protected]> wrote: > > - Yes, exactly. I believe that Andrew is referring to the fact that > hybrids aren't RECOMMENDED=Y which is silly, and the impetus behind Bas’s > recent effort: > > https://datatracker.ietf.org/doc/draft-westerbaan-tls-keyshare-recommendations/ > > > Andrew should speak for himself, but when I read his message (and when > Dierdre read it, and EKR read it), it seemed like he was making the point > that a bunch of non-IETF folks swarmed the group and “saved” something by > causing ML-KEM to not be RECOMMENDED. This is just wrong. > > If Andrew meant something else, I hope he will clarify. > I was referring to the fact that hybrids were not RECOMMENDED=Y until much later and only after a number of revisions and real efforts including, what some may consider personal and professional risk, mainly from research driven proof from philanthropic members of this list and dissemination and egress of discussions happening, outward! I really appreciate Dr. Bernstein, Dr. Kobeissi, Mr. Sardar, Mr. Westerbaan, Mr. Salz and everyone else who helped get this right. And separately, you're right; the process is working, but it should still be refactored to include research, safety and efficiency.
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
