Yes, you got that correct. The thing is that it seems to me (absolutely subjective) that there needs to be a definitely secure baseline due to the nature of humans.
Especially due to the fact that the hybrid implementations are slightly less performant - some might take this as an argument to say "We don't do hybrid here, look at the performance!" We all around this list know that these performance differences are absolutely negligible - but that may be not case everywhere. And, regarding the fact that the intended status of this draft is informational, in combination with a MTI hybrid and a currently secure baseline, I would support the publication of this draft. Kind regards Justin Am 30. Juni 2026 19:53:48 MESZ schrieb Eric Rescorla <[email protected]>: >On Tue, Jun 30, 2026 at 10:49 AM Justin Schnurbusch <schnurbusch.justin= >[email protected]> wrote: > >> I do not support the publication of this document as it seems to me that >> the implementations "in the field" need a currently secure baseline as a >> mandatory border. >> >> A more baseline-mandatory approach with an optional component seems more >> reasonable to me. >> > >I'd like to make sure I understand your position: Are you saying that if >some hybrid (e.g., X25519-MLKEM) were MTI, you would support this draft? > >-Ekr
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
