#TLS
A set of research notes and deep dives focused on correctness, security, and operational evidence.
Best starting points
Hybrid Schemes and Protocol Agility
Deep dive (April 2026): hybrid key establishment is a narrow hedge (HNDL), not “post-quantum TLS”. The hard part is suite identity, transcript binding, and AND-semantics for dual signatures.
The Leaf Is the Hot Path: Signature Placement in Post-Quantum TLS (ML-DSA vs SLH-DSA)
Paper note (April 2026): experiments show SLH-DSA in the server leaf collapses TLS 1.3 handshakes by ~10^3×. PQ migration is a certificate-hierarchy and cost-concentration problem, not an algorithm swap.
Roadmap
- Start with assumptions and invariants
- Enumerate failure modes and attack surfaces
- Define what to monitor and how to roll back