Status of TLS 1.3 Hybrid Key Exchange (JDK-8314323)

Sean Mullan sean.mullan at oracle.com
Wed May 21 13:40:01 UTC 2025



On 5/21/25 2:56 AM, Stian Thorgersen wrote:
> Thanks,
> 
> Are there also plans to add X25519MLKEM768, SecP256r1MLKEM768, and 
> SecP384r1MLKEM1024 hybrid key agreements from 
> https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/?

Yes.

> 
> From what I know Google, Firefox, CloudFlare, and OpenSSL have all 
> implemented the draft, and there may not be many changes to the RFC once 
> it's been published.
> 
> Sounds like then potentially we're looking at OpenJDK 26 in March next 
> year? Is there a potential that it would be backported and delivered to 
> OpenJDK 25 earlier than that?

No, new features like this typically go into a JDK feature release first.

--Sean

> 
> On Wed, 21 May 2025 at 01:11, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
>     Hi,
> 
>     Thanks for your message and interest in Java Security.
> 
>     We are currently working on an implementation of Hybrid Key Exchange in
>     TLS 1.3 [1]. It will not be in JDK 25 as the release is entering
>     rampdown phase 1 soon.
> 
>     Although we can't commit to a target release at this time, we hope to
>     deliver it in a timely manner after the RFC has been published.
>     Potential backports will be determined at a later date.
> 
>     --Sean
> 
>     [1] https://datatracker.ietf.org/doc/draft-ietf-tls-hybrid-design/
> 
> 
>     On 5/20/25 4:07 AM, Stian Thorgersen wrote:
>      > Hi,
>      >
>      > I've been trying to find out when OpenJDK will have support for
>      > hybrid key exchange in TLS 1.3.
>      >
>      > I've found the corresponding issue:
>      > https://bugs.openjdk.org/browse/JDK-8314323, but not able
>      > to find any information on the status of this work, nor what OpenJDK
>      > releases it targets.
>      >
>      > Is this planned for OpenJDK 25? Are there considerations to back-port
>      > to older releases?
> 


