Summary: The NSA and co. continue to subvert committees like IETF by demanding implementations of unsafe standards in order to allow the government to award contracts to commercial companies (carrot). In this case they are forcing adoption of a (non-hybrid) pure PQ cipher instead of the recommended and widely accepted ECC+PQ combo that has acted as a safety net in the past when the PQ SIKE cipher was busted. ECC has marginal computation cost, so the performance arguments vs just PQ make no actual sense when quantified. Furthermore, NIST-endorsed PQ systems like ML-KEM continue to face escalating cryptanalysis attacks. Most PQ ciphers in general are newer and have only gotten a fraction of the attention the classical systems have. Supporting both ECC+PQ & standalone PQ will only further complicate and add bugs to TLS implementations.
The troubling thing in this instance is the small group captured by adversarial interests in the IETF that have the power to censor concerns by cryptographers and are moving to formalize rotten specs despite significant objections.
***
Bonus: Peter Gutmann dissects the mechanism of industry-gov capture of IETF with real world examples. Cited by DJB’s posts above.