Hi All,

I do not support the publication of this document. Hybrid ECDHE-MLKEM has already been published and implemented and if MLKEM is safe and secure then that is too, only downsides come from having even an option to do stand-alone MLKEM, with no upsides. Years of TLS experience have proven more options are worse always, but plain common sense says they aren't a good idea when there are no upsides. TLS 1.3 currently defines a very small set of good options on purpose, don't ruin that by publishing this document.

PS: New joiner to this mailing list, but old hand at creating internet standards (so far a few XEPs at XMPP Standards Foundation), finding and fixing security bugs and in open source projects, and writing/contributing my own open source code.

Thanks much,
Travis Burtrum

_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to