Hi all, The draft https://datatracker.ietf.org/doc/draft-yusef-tls-pqt-dual-certs/ has been revised to address the comments received from the WG during the presentation at IETF-123.
The draft no longer defines any new TLS extension. Dual authentication is signaled entirely through new SignatureScheme code points, negotiated with the existing signature_algorithms extension; the negotiated code point determines how the existing Certificate and CertificateVerify messages carry the two chains and two signatures. Further comments and suggestions are welcome. Regards, -Tiru ---------- Forwarded message --------- From: <[email protected]> Date: Wed, 24 Jun 2026 at 13:59 Subject: New Version Notification for draft-yusef-tls-pqt-dual-certs-02.txt To: Tirumaleswar Reddy.K <[email protected]>, Hannes Tschofenig < [email protected]>, Hannes Tschofenig <[email protected]>, Mike Ounsworth <[email protected]>, Rifaat Shekh-Yusef < [email protected]>, Yaroslav Rosomakho <[email protected]> A new version of Internet-Draft draft-yusef-tls-pqt-dual-certs-02.txt has been successfully submitted by Tirumaleswar Reddy and posted to the IETF repository. Name: draft-yusef-tls-pqt-dual-certs Revision: 02 Title: Post-Quantum Traditional (PQ/T) Hybrid Authentication with Dual Certificates in TLS 1.3 Date: 2026-06-24 Group: Individual Submission Pages: 20 URL: https://www.ietf.org/archive/id/draft-yusef-tls-pqt-dual-certs-02.txt Status: https://datatracker.ietf.org/doc/draft-yusef-tls-pqt-dual-certs/ HTML: https://www.ietf.org/archive/id/draft-yusef-tls-pqt-dual-certs-02.html HTMLized: https://datatracker.ietf.org/doc/html/draft-yusef-tls-pqt-dual-certs Diff: https://author-tools.ietf.org/iddiff?url2=draft-yusef-tls-pqt-dual-certs-02 Abstract: The anticipated emergence of cryptographically relevant quantum computers (CRQCs) poses a threat to the authentication mechanisms used in TLS 1.3. This document defines a hybrid authentication mechanism that uses two independent certificates, one traditional and one post-quantum, ensuring that an attacker must break both algorithms to compromise a TLS connection. The two certificate chains are carried in a single Certificate message and two independent signatures are encoded in the CertificateVerify message. The IETF Secretariat
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
