Andrew, With my AD hat on:
This is an explicit warning that making accusations about people's motivations is not acceptable on the TLS mailing list (see RFC 7154 section 2). Deb Cooley Sec AD On Fri, Jun 5, 2026 at 1:58 PM Andrew Lee <[email protected]> wrote: > > On Jun 4, 2026, at 1:21 PM, Salz, Rich <[email protected]> > wrote: > > > - we add a statement on preference of hybrids and refer to the paper > in the security considerations of draft-ietf-tls-mlkem. > > We already do that by marking the hybrid as RECOMMENDED=Y and the > pure-ML-KEM as RECOMMENDED=N > > > This happened after a significant amount of time and was deliberately > steered toward the opposite of said result before fury from outside of the > list (the greater internet) helped bring accountability to those who had > hoped for ML-KEM standalone. Interestingly, despite the availability of > scientific methods to identify the best path forward, as proven by Dr. > Kobeissi in this thread, there was no interest in treading this path prior > to making dangerous recommendations to the populace. > > While things turned out for the better in this case, thanks to Dr. > Bernstein and Dr. Kobeissi, and several other members here [1] who were > willing to speak up and go against the “false consensus,” [2] we cannot > rely on a few heroes to protect the global populace in the future. > > It may seem like we achieved a “win” here and even feel at peace and wish > to rest; this is not that time. Let’s not sweep this under the rug. > Consensus is broken in a way that allows bad actors to push questionable > security standards which makes every person in the world vulnerable. > > The IETF’s organization, and procedures therein, needs a serious refactor. > > Examples: > > 1) Consensus was declared by chairs although the overall group consensus > was that consensus hadn’t yet been achieved. > 2) IETF Chairs are participating in Lord of Flies style Piggy character > assassination on social media while pretending to be “unbiased” and > “mature." > > All of this said, the one thing that brings me solace is that it’s now > customary procedure in the IETF to perform verifications on things of this > nature, and any push for adoption, prior to, will absolutely be a signal > for nefarious activity going forward. > > *It would be a strong signal should the WG adopt this new custom as a > standard, go forward, requiring formal/symbolic analysis prior to making > any recommendations.* > > > [1] Thank you as well, Mr. Salz, sir, for all of your work foremost, and > also for your vote toward hybrid. > [2] There were most certainly bad actors [3] who voted for non-hybrid, > while some were likely not paying enough attention or perhaps > misinformed/under-briefed. > [3] People (or paid agents of some kind and from some state) working to > undermine global security. > > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
