Security issue notifications
If you discover a potential security issue in s2n-quic we ask that you notify
AWS Security via our vulnerability reporting page. Please do not create a public github issue.
Problem:
Our PQ support is currently gated behind an unstable flag. We might not need this anymore, at this point MLKEM has become the standard PQ encryption algorithm, so there's less of a concern for API breakage these days. Also s2n-tls supports PQ be default, so we should as well.
Need By Date:
N/A
Solution:
Evaluate our PQ support, what was the exact reason we put it behind an unstable flag in the first place? Maybe it's time to remove that.
Requirements / Acceptance Criteria:
Out of scope:
Security issue notifications
If you discover a potential security issue in s2n-quic we ask that you notify
AWS Security via our vulnerability reporting page. Please do not create a public github issue.
Problem:
Our PQ support is currently gated behind an unstable flag. We might not need this anymore, at this point MLKEM has become the standard PQ encryption algorithm, so there's less of a concern for API breakage these days. Also s2n-tls supports PQ be default, so we should as well.
Need By Date:
N/A
Solution:
Evaluate our PQ support, what was the exact reason we put it behind an unstable flag in the first place? Maybe it's time to remove that.
Requirements / Acceptance Criteria:
Out of scope: