Hi all,

The draft https://datatracker.ietf.org/doc/draft-yusef-tls-pqt-dual-certs/
has been revised to address the comments received from the WG during the
presentation at IETF-123.

The draft no longer defines any new TLS extension.  Dual authentication is
signaled entirely through new SignatureScheme code points, negotiated with
the existing signature_algorithms extension; the negotiated code point
determines how the existing Certificate and CertificateVerify messages
carry the two chains and two signatures.

Further comments and suggestions are welcome.

Regards,
-Tiru

---------- Forwarded message ---------
From: <[email protected]>
Date: Wed, 24 Jun 2026 at 13:59
Subject: New Version Notification for draft-yusef-tls-pqt-dual-certs-02.txt
To: Tirumaleswar Reddy.K <[email protected]>, Hannes Tschofenig <
[email protected]>, Hannes Tschofenig <[email protected]>,
Mike Ounsworth <[email protected]>, Rifaat Shekh-Yusef <
[email protected]>, Yaroslav Rosomakho <[email protected]>


A new version of Internet-Draft draft-yusef-tls-pqt-dual-certs-02.txt has
been
successfully submitted by Tirumaleswar Reddy and posted to the
IETF repository.

Name:     draft-yusef-tls-pqt-dual-certs
Revision: 02
Title:    Post-Quantum Traditional (PQ/T) Hybrid Authentication with Dual
Certificates in TLS 1.3
Date:     2026-06-24
Group:    Individual Submission
Pages:    20
URL:
https://www.ietf.org/archive/id/draft-yusef-tls-pqt-dual-certs-02.txt
Status:   https://datatracker.ietf.org/doc/draft-yusef-tls-pqt-dual-certs/
HTML:
https://www.ietf.org/archive/id/draft-yusef-tls-pqt-dual-certs-02.html
HTMLized:
https://datatracker.ietf.org/doc/html/draft-yusef-tls-pqt-dual-certs
Diff:
https://author-tools.ietf.org/iddiff?url2=draft-yusef-tls-pqt-dual-certs-02

Abstract:

   The anticipated emergence of cryptographically relevant quantum
   computers (CRQCs) poses a threat to the authentication mechanisms
   used in TLS 1.3.  This document defines a hybrid authentication
   mechanism that uses two independent certificates, one traditional and
   one post-quantum, ensuring that an attacker must break both
   algorithms to compromise a TLS connection.  The two certificate
   chains are carried in a single Certificate message and two
   independent signatures are encoded in the CertificateVerify message.



The IETF Secretariat
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to