[Cryptography] NSA up to their old tricks - stuffing the IETF WGs with their supporters for weakened standards

Salz, Rich rsalz at akamai.com
Mon Oct 13 09:35:45 EDT 2025


> The problem in a nutshell. Surveillance agency NSA and its partner GCHQ
> are trying to have standards-development organizations endorse weakening
> ECC+PQ down to just PQ.

Maybe that’s what they want, but the IETF is not doing that, no matter what Dan writes. While there is a non-hybrid MLKEM draft in the TLS working group, it has seen zero uptake, compared to the hybrid key exchange draft, which is widely deployed on the Web. Signatures are another matter, as some argumentative folks delayed progress on the hybrid signature format for so long that industry might just have stopped waiting (cf. ANSI X9 PKI).
