Hi All,
I do not support the publication of this document. Hybrid ECDHE-MLKEM
has already been published and implemented and if MLKEM is safe and
secure then that is too, only downsides come from having even an option
to do stand-alone MLKEM, with no upsides. Years of TLS experience have
proven more options are worse always, but plain common sense says they
aren't a good idea when there are no upsides. TLS 1.3 currently defines
a very small set of good options on purpose, don't ruin that by
publishing this document.
PS: New joiner to this mailing list, but old hand at creating internet
standards (so far a few XEPs at XMPP Standards Foundation), finding and
fixing security bugs and in open source projects, and
writing/contributing my own open source code.
Thanks much,
Travis Burtrum
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]