31 Mar
2026
31 Mar
'26
3:43 a.m.
Hi all,
I have just released the "tls" library version 2.3.1. As I said before, this version uses ML-KEM (Post-Quantum Cryptography) by default. Since no changes to the existing code are necessary, I released this as a minor version.
However, ClientHello and ServerHello become larger by more than 1000 bytes. If the world breaks down, I will deprecate v2.3.1 and re-release a major version.
It appeared that v2.3.1 breaks the "quic" library. ML-KEM is irrelevant; this is a consequence of storing secrets in ScrubbedBytes. I believed that they are internal stuffs but actually exposed. I have released tls v2.4.0. --Kazu