-
Type:
Enhancement
-
Resolution: Unresolved
-
Priority:
P3
-
None
-
Affects Version/s: None
-
Component/s: security-libs
Implement the ML-KEM named groups in accordance with the ML-KEM Post-Quantum Key Agreement for TLS 1.3 [1] specification. This feature will deliver 3 new named groups:
* MLKEM512 (ID: 512)
* MLKEM768 (ID: 513)
* MLKEM1024 (ID: 514)
Whether these named groups will be part of the default set of named groups and their position in the list is TBD. As with other named groups, they can be added/removed via the jdk.tls.namedGroups [2] System property or via the SSLParameters::setNamedGroups [3] method.
[1]: https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/
[2]: https://docs.oracle.com/en/java/javase/25/security/java-secure-socket-extension-jsse-reference-guide.html#JSSEC-GUID-59D7B06D-5EA4-49EC-9B13-AD7BB166CA45
[3]: https://docs.oracle.com/en/java/javase/25/docs/api/java.base/javax/net/ssl/SSLParameters.html#setNamedGroups(java.lang.String%5B%5D)
* MLKEM512 (ID: 512)
* MLKEM768 (ID: 513)
* MLKEM1024 (ID: 514)
Whether these named groups will be part of the default set of named groups and their position in the list is TBD. As with other named groups, they can be added/removed via the jdk.tls.namedGroups [2] System property or via the SSLParameters::setNamedGroups [3] method.
[1]: https://datatracker.ietf.org/doc/draft-ietf-tls-mlkem/
[2]: https://docs.oracle.com/en/java/javase/25/security/java-secure-socket-extension-jsse-reference-guide.html#JSSEC-GUID-59D7B06D-5EA4-49EC-9B13-AD7BB166CA45
[3]: https://docs.oracle.com/en/java/javase/25/docs/api/java.base/javax/net/ssl/SSLParameters.html#setNamedGroups(java.lang.String%5B%5D)
- is blocked by
-
-
- In Progress
-