NSA tries to weaken mlkem standardisation

SuperSandro20001 pts0 comments

Background

NSA's<br>SIGINT Enabling Project<br>includes sabotaging cryptographic standards.<br>NSA is now overtly paying<br>for standardization of "ietf-tls-mlkem", a<br>weakening<br>of the much more sensible "ietf-tls-ecdhe-mlkem".

After objections started appearing,<br>NSA's minions started switching from honest arguments along the lines of "NSA demands this so we should standardize it"<br>to fake technical arguments.<br>I have a<br>chart of the debate.

NSA lost the most recent mlkem vote<br>in the IETF TLS working group.<br>However,<br>they called another vote on 24 June 2026 and started packing the room.<br>For example, a positive vote appeared on 25 June 2026 from NSA's Mike Jenkins,<br>who has never shown up on the working-group mailing list before.<br>This is allowed under IETF rules,<br>which<br>say<br>that "There is no membership in the IETF"<br>and that "Anyone can participate by signing up to a working group mailing list".

Action

You can have your voice heard too.<br>All you have to do is<br>join the IETF TLS mailing list<br>and send a message to the mailing list<br>by 7 July 2026<br>under the subject line "Re: [TLS] WG Last Call: draft-ietf-tls-mlkem-08 (Ends 2026-07-08)"<br>saying that you do not support the publication of this document.

Please use your real name.<br>I know this is bad from a privacy perspective,<br>but the reality is that proponents will seize upon occasional pseudonyms as an excuse to ignore the entire opposition.

Examples

There have been more than 30 opposition statements as of 1 July 2026.<br>Here are links to some examples of different lengths:<br>Christian Grothoff.<br>Orr Dunkelman.<br>Simon Josefsson.<br>Yaakov Stein.<br>Peter Gutmann.<br>David Stainton.<br>Stephan Neuhaus.<br>Tanja Lange.<br>Bertrand Jacquin.

ietf mlkem mailing list started from

Related Articles