> I saw an "and and", which should probably just an "and".

Fixed:
https://github.com/tlswg/draft-ietf-tls-mlkem/commit/7d823d27ef341ee79af3a910e5327ef8ebcfad61

On Wed, Jun 24, 2026 at 12:04 PM Schäfer, Pascal <
[email protected]> wrote:

> I support the publication of this document.
>
> Only one editorial comment beside of the other mentioned editorial
> comments:
> In the abstract I saw an "and and", which should probably just an "and".
>
>
> -----Original Message-----
> From: Joseph Salowey via Datatracker <[email protected]>
> Sent: Mittwoch, 24. Juni 2026 17:00
> To: [email protected]; [email protected]; [email protected]
> Subject: [External] [TLS] WG Last Call: draft-ietf-tls-mlkem-08 (Ends
> 2026-07-08)
>
> WARNING: External email. Be vigilant with links, attachments, and requests.
>
> This message initiates a new Working Group Last Call for
> draft-ietf-tls-mlkem[1], which defines standalone ML-KEM key establishment
> for TLS 1.3. The main question before the working group is: "Should the
> working group publish a document specifying stand alone ML-KEM?". If there
> is rough consensus then we will push to refine and publish the document;
> otherwise, we will stop discussing the draft and not progress it. Please
> respond to this call indicating whether you support publishing a document
> specifying a stand alone ML-KEM. Please refrain from further discussion on
> this topic as most arguments have been discussed multiple times.
>
> Why are we holding this consensus call now?
>
> Significant developments have occurred both within this document and in
> the broader TLS ecosystem to address the concerns raised in the last WGLC.
> Therefore, the third consensus call is warranted. We ask the working group
> to consider document publication in light of these recent changes:
>
> - Promotion of Hybrids in draft-ietf-tls-ecdhe-mlkem: Following a separate
> consensus call, the WG agreed to promote the X25519MLKEM768 hybrid group to
> Recommended: Y in the IANA registry. Consequently, the IANA registry will
> reflect a clear community preference for a hybrid because Recommended: Y
> clearly indicates this while the standalone ML-KEM groups defined in this
> draft remain Recommended: N. The updated security considerations in [1]
> reference the IANA registry to emphasize this preference.
>
> - Key Share Reuse Prohibited in draft-ietf-tls-rfc8446bis: The WG recently
> reached consensus to explicitly prohibit key share reuse across connections
> in TLS 1.3. The new text changes the guidance from SHOULD NOT to a strict
> MUST NOT. This resolves the concerns regarding static key reuse and its
> associated privacy and forward-secrecy risks for ML-KEM.
>
> - Nadim updated the ProVerif model of TLS 1.3 to evaluate KEM and hybrid
> KEM groups in TLS 1.3. This supports other results which show that KEMs are
> secure when used in TLS 1.3 and that hybrid groups are secure even if one
> of the components is compromised.
>
> - Liaisons: We received liaison statements from multiple SDOs including
> O-RAN[2], IEEE 802.11[4] and from 3GPP[3]  expressing support for the
> publication of draft-ietf-tls-mlkem as an RFC as they rely on the IETF to
> provide a stable normative reference.
>
> Please note that a third-party IPR disclosure exists [5] against this
> document regarding patents related to the underlying ML-KEM algorithm. This
> IPR declaration has not changed since the last WGLC. As a reminder, per BCP
> 79, the IETF takes no stance on the validity of patent claims, and the
> working group may decide to proceed with a technology despite IPR
> disclosures if it decides that such use is warranted.
>
> Conduct Reminder: Given the heated nature of previous discussions on this
> topic, participants are strongly reminded to adhere to the IETF Code of
> Conduct (BCP 54) and the TLS WG's Mail List Procedures. Keep feedback
> professional, technical, and focused on the document's text.
>
> This working group last call will end on 2026-07-08.
>
> Joe and Sean
>
> [1]
> https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7Xp19ojzQ$
> [2]
> https://urldefense.com/v3/__https://datatracker.ietf.org/liaison/2198/__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7UVzVFYJQ$
> [3]
> https://urldefense.com/v3/__https://datatracker.ietf.org/liaison/2151/__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7V-27j4vg$
> [4]
> https://urldefense.com/v3/__https://datatracker.ietf.org/liaison/2148/__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7VaUHPDRw$
> [5]
> https://urldefense.com/v3/__https://datatracker.ietf.org/ipr/search/?submit=draft&id=draft-ietf-tls-mlkem__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7XeMmnQZw$
>
> _______________________________________________
> TLS mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
>
> ________________________________
>
> This message is for the designated recipient only and may contain
> privileged, proprietary, or otherwise confidential information. If you have
> received it in error, please notify the sender immediately and delete the
> original. Any other use of the e-mail by you is prohibited. Where allowed
> by local law, electronic communications with Accenture and its affiliates,
> including e-mail and instant messaging (including content), may be scanned
> by our systems for the purposes of information security, AI-powered support
> capabilities, and assessment of internal compliance with Accenture policy.
> Your privacy is important to us. Accenture uses your personal data only in
> compliance with data protection laws. For further information on how
> Accenture processes your personal data, please see our privacy statement at
> https://www.accenture.com/us-en/privacy-policy.
>
> ______________________________________________________________________________________
>
> www.accenture.com
>
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to