**Session Date/Time:** 24 Jul 2024 20:00

# TLS Working Group Session

## Summary

This TLS working group session covered a variety of topics including ML-KEM key agreement, hybrid key exchange, TLS 1.3 errata, a formal analysis triage process, Encrypted Client Hello (ECH) key distribution, TLS 1.2 considerations, SSL key logging for ECH, extended key updates, and trust anchor negotiation. Discussions involved technical details, potential adoption of drafts, and the need for further analysis and transparency in certain processes.

## Key Discussion Points

* **ML-KEM Key Agreement:** Discussion around a document specifying how to do ML-KEM based key agreement in TLS 1.3. Concerns were raised regarding tying it to specific groups and the need for a generic mechanism.
* **Hybrid Key Exchange:** Confirmation that the hybrid design document can move forward, and that any new code points will have their own individual documents. No MTI or recommendation will be part of this work.
* **TLS 1.3 Errata:** Clarifications and a proposed merge of queued PRs were discussed. A proposal to make X25519 a mandatory-to-implement algorithm in this context was rejected as inappropriate for an errata document.
* **Formal Analysis Triage Team (FAT):** Discussion about a formal analysis triage process for TLS changes. Concerns regarding transparency, process execution, and the appropriate level of analysis were raised. Authors requested better communication and clarity in the feedback. The chairs committed to refining the process and improving communication.
* **ECH Key Distribution:** Discussion about a draft for ECH key distribution. Questions regarding the architecture for intermediaries and the scope of the draft (ECH-specific vs. generic) were raised.
* **TLS 1.2 Considerations:** Presentation on a draft aiming to freeze evolution in TLS 1.2.
* **SSL Key Log for ECH:** A proposal for adding new labels to the SSL key log for troubleshooting and diagnostic capabilities for ECH. Concerns were raised about whether this makes breaking TLS easier in general.
* **Extended Key Updates:** Update on a draft for extended key updates with forward secrecy, showing progress on the use of the key share extension. The authors requested feedback on the prospect of adopting this work.
* **Trust Anchor Negotiation:** Trust expressions and trust anchor identifiers were presented and compared, along with security considerations. The presenters asked the working group for feedback on whether to adopt this work and which approach to focus on.

## Decisions and Action Items

* **ML-KEM Key Agreement:** The author will split the document into two: one for the generic mechanism of using KEMs, and one for the specific ML-KEM instantiation.
* **Hybrid Key Exchange:** The generic Hybrid Key Exchange can move forward.
* **TLS 1.3 Errata:** The PR making X25519 mandatory to implement will not be merged.
* **Formal Analysis Triage Team (FAT):** Chairs will work with the authors of 8773bis to determine the correct next steps. The process is to be further refined.
* **ECH Key Distribution:** Change the title of the draft and explore ALPN for other TLS use cases.
* **Extended Key Updates:** A working group adoption call will be sent to the list for this draft.

## Next Steps

* Authors to update drafts based on feedback from the working group.
* Chairs to send out adoption calls for relevant drafts.
* Chairs to refine the formal analysis triage process and ensure better communication.
* Consider scheduling an interim meeting to discuss Trust Anchor Negotiation further.