> I saw an "and and", which should probably just an "and".
Fixed: https://github.com/tlswg/draft-ietf-tls-mlkem/commit/7d823d27ef341ee79af3a910e5327ef8ebcfad61 On Wed, Jun 24, 2026 at 12:04 PM Schäfer, Pascal < [email protected]> wrote: > I support the publication of this document. > > Only one editorial comment beside of the other mentioned editorial > comments: > In the abstract I saw an "and and", which should probably just an "and". > > > -----Original Message----- > From: Joseph Salowey via Datatracker <[email protected]> > Sent: Mittwoch, 24. Juni 2026 17:00 > To: [email protected]; [email protected]; [email protected] > Subject: [External] [TLS] WG Last Call: draft-ietf-tls-mlkem-08 (Ends > 2026-07-08) > > WARNING: External email. Be vigilant with links, attachments, and requests. > > This message initiates a new Working Group Last Call for > draft-ietf-tls-mlkem[1], which defines standalone ML-KEM key establishment > for TLS 1.3. The main question before the working group is: "Should the > working group publish a document specifying stand alone ML-KEM?". If there > is rough consensus then we will push to refine and publish the document; > otherwise, we will stop discussing the draft and not progress it. Please > respond to this call indicating whether you support publishing a document > specifying a stand alone ML-KEM. Please refrain from further discussion on > this topic as most arguments have been discussed multiple times. > > Why are we holding this consensus call now? > > Significant developments have occurred both within this document and in > the broader TLS ecosystem to address the concerns raised in the last WGLC. > Therefore, the third consensus call is warranted. We ask the working group > to consider document publication in light of these recent changes: > > - Promotion of Hybrids in draft-ietf-tls-ecdhe-mlkem: Following a separate > consensus call, the WG agreed to promote the X25519MLKEM768 hybrid group to > Recommended: Y in the IANA registry. Consequently, the IANA registry will > reflect a clear community preference for a hybrid because Recommended: Y > clearly indicates this while the standalone ML-KEM groups defined in this > draft remain Recommended: N. The updated security considerations in [1] > reference the IANA registry to emphasize this preference. > > - Key Share Reuse Prohibited in draft-ietf-tls-rfc8446bis: The WG recently > reached consensus to explicitly prohibit key share reuse across connections > in TLS 1.3. The new text changes the guidance from SHOULD NOT to a strict > MUST NOT. This resolves the concerns regarding static key reuse and its > associated privacy and forward-secrecy risks for ML-KEM. > > - Nadim updated the ProVerif model of TLS 1.3 to evaluate KEM and hybrid > KEM groups in TLS 1.3. This supports other results which show that KEMs are > secure when used in TLS 1.3 and that hybrid groups are secure even if one > of the components is compromised. > > - Liaisons: We received liaison statements from multiple SDOs including > O-RAN[2], IEEE 802.11[4] and from 3GPP[3] expressing support for the > publication of draft-ietf-tls-mlkem as an RFC as they rely on the IETF to > provide a stable normative reference. > > Please note that a third-party IPR disclosure exists [5] against this > document regarding patents related to the underlying ML-KEM algorithm. This > IPR declaration has not changed since the last WGLC. As a reminder, per BCP > 79, the IETF takes no stance on the validity of patent claims, and the > working group may decide to proceed with a technology despite IPR > disclosures if it decides that such use is warranted. > > Conduct Reminder: Given the heated nature of previous discussions on this > topic, participants are strongly reminded to adhere to the IETF Code of > Conduct (BCP 54) and the TLS WG's Mail List Procedures. Keep feedback > professional, technical, and focused on the document's text. > > This working group last call will end on 2026-07-08. > > Joe and Sean > > [1] > https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7Xp19ojzQ$ > [2] > https://urldefense.com/v3/__https://datatracker.ietf.org/liaison/2198/__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7UVzVFYJQ$ > [3] > https://urldefense.com/v3/__https://datatracker.ietf.org/liaison/2151/__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7V-27j4vg$ > [4] > https://urldefense.com/v3/__https://datatracker.ietf.org/liaison/2148/__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7VaUHPDRw$ > [5] > https://urldefense.com/v3/__https://datatracker.ietf.org/ipr/search/?submit=draft&id=draft-ietf-tls-mlkem__;!!OrxsNty6D4my!6IJnS7RUmoEUptkioAYza6Ne1ruwc-jgBR1Opv9lUfXct3Vb7BGgc4NmlSdoEg7PhZRHWLPUQGPQD7XeMmnQZw$ > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > ________________________________ > > This message is for the designated recipient only and may contain > privileged, proprietary, or otherwise confidential information. If you have > received it in error, please notify the sender immediately and delete the > original. Any other use of the e-mail by you is prohibited. Where allowed > by local law, electronic communications with Accenture and its affiliates, > including e-mail and instant messaging (including content), may be scanned > by our systems for the purposes of information security, AI-powered support > capabilities, and assessment of internal compliance with Accenture policy. > Your privacy is important to us. Accenture uses your personal data only in > compliance with data protection laws. For further information on how > Accenture processes your personal data, please see our privacy statement at > https://www.accenture.com/us-en/privacy-policy. > > ______________________________________________________________________________________ > > www.accenture.com >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
