tireddy2
commented
8 months ago I see UTA WG documents providing such requirements, for example, see https://datatracker.ietf.org/doc/rfc9325/ and https://datatracker.ietf.org/doc/draft-ietf-uta-tls13-iot-profile/. I modified the text as follows: Applications that use (D)TLS and susceptible to CRQC attack MUST migrate to (D)TLS 1.3 and support the hybrid key exchange, as defined in {{!I-D.ietf-tls-hybrid-design}}.
Can UTA make such bold requirements?