diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml
index 031ed0344d..4c652235d2 100644
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -13380,7 +13380,7 @@
   mirror: always
   rust: true
 
-# Whether to send a Xyber768 key share in HTTP/3 TLS handshakes.
+# Whether to send an mlkem768x25519 key share in HTTP/3 TLS handshakes.
 # Has no effect unless security.tls.enable_kyber is true.
 - name: network.http.http3.enable_kyber
   type: RelaxedAtomicBool
diff --git a/netwerk/socket/neqo_glue/src/lib.rs b/netwerk/socket/neqo_glue/src/lib.rs
index 9d1fa68ed2..216a95553c 100644
--- a/netwerk/socket/neqo_glue/src/lib.rs
+++ b/netwerk/socket/neqo_glue/src/lib.rs
@@ -202,7 +202,7 @@ impl NeqoHttp3Conn {
         {
             // These operations are infallible when conn.state == State::Init.
             let _ = conn.set_groups(&[
-                neqo_crypto::TLS_GRP_KEM_XYBER768D00,
+                neqo_crypto::TLS_GRP_KEM_MLKEM768X25519,
                 neqo_crypto::TLS_GRP_EC_X25519,
                 neqo_crypto::TLS_GRP_EC_SECP256R1,
                 neqo_crypto::TLS_GRP_EC_SECP384R1,
diff --git a/netwerk/test/unit/test_http3_kyber.js b/netwerk/test/unit/test_http3_kyber.js
index 4b3f1cbc50..e3b77cce9b 100644
--- a/netwerk/test/unit/test_http3_kyber.js
+++ b/netwerk/test/unit/test_http3_kyber.js
@@ -62,7 +62,11 @@ function makeChan(uri) {
 
 add_task(async function test_kyber_success() {
   let listener = new Http3Listener();
-  listener.expectedKeaGroup = "xyber768d00";
+  // Bug 1918532: change this from x25519 to mlkem768x25519.
+  // neqo_glue currently tries to negotiate xyber768d00, which is
+  // disabled by NSS policy. As such we expect to receive x25519
+  // here.
+  listener.expectedKeaGroup = "x25519";
   let chan = makeChan("https://foo.example.com");
   await chanPromise(chan, listener);
 });
diff --git a/security/manager/ssl/NSSSocketControl.cpp b/security/manager/ssl/NSSSocketControl.cpp
index 64c999701a..c7abe78da8 100644
--- a/security/manager/ssl/NSSSocketControl.cpp
+++ b/security/manager/ssl/NSSSocketControl.cpp
@@ -39,7 +39,7 @@ NSSSocketControl::NSSSocketControl(const nsCString& aHostName, int32_t aPort,
       mIsFullHandshake(false),
       mNotedTimeUntilReady(false),
       mEchExtensionStatus(EchExtensionStatus::kNotPresent),
-      mSentXyberShare(false),
+      mSentMlkemShare(false),
       mHasTls13HandshakeSecrets(false),
       mIsShortWritePending(false),
       mShortWritePendingByte(0),
diff --git a/security/manager/ssl/NSSSocketControl.h b/security/manager/ssl/NSSSocketControl.h
index 9afae1926c..2701b7346e 100644
--- a/security/manager/ssl/NSSSocketControl.h
+++ b/security/manager/ssl/NSSSocketControl.h
@@ -117,14 +117,14 @@ class NSSSocketControl final : public CommonSocketControl {
     return mEchExtensionStatus;
   }
 
-  void WillSendXyberShare() {
+  void WillSendMlkemShare() {
     COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
-    mSentXyberShare = true;
+    mSentMlkemShare = true;
   }
 
-  bool SentXyberShare() {
+  bool SentMlkemShare() {
     COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
-    return mSentXyberShare;
+    return mSentMlkemShare;
   }
 
   void SetHasTls13HandshakeSecrets() {
@@ -307,7 +307,7 @@ class NSSSocketControl final : public CommonSocketControl {
   bool mIsFullHandshake;
   bool mNotedTimeUntilReady;
   EchExtensionStatus mEchExtensionStatus;  // Currently only used for telemetry.
-  bool mSentXyberShare;
+  bool mSentMlkemShare;
   bool mHasTls13HandshakeSecrets;
 
   // True when SSL layer has indicated an "SSL short write", i.e. need
diff --git a/security/manager/ssl/metrics.yaml b/security/manager/ssl/metrics.yaml
index e25ab6a7e5..ce0177b384 100644
--- a/security/manager/ssl/metrics.yaml
+++ b/security/manager/ssl/metrics.yaml
@@ -68,7 +68,7 @@ tls:
   xyber_intolerance_reason:
     type: labeled_counter
     description: >
-      The error that was returned from a failed TLS 1.3 handshake in which the client sent a Xyber key share (see tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp).
+      The error that was returned from a failed TLS 1.3 handshake in which the client sent a mlkem768x25519 key share (see tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp).
     data_sensitivity:
       - technical
     bugs:
diff --git a/security/manager/ssl/nsNSSCallbacks.cpp b/security/manager/ssl/nsNSSCallbacks.cpp
index c3a23213c5..cb37603782 100644
--- a/security/manager/ssl/nsNSSCallbacks.cpp
+++ b/security/manager/ssl/nsNSSCallbacks.cpp
@@ -656,8 +656,8 @@ nsCString getKeaGroupName(uint32_t aKeaGroup) {
     case ssl_grp_ec_curve25519:
       groupName = "x25519"_ns;
       break;
-    case ssl_grp_kem_xyber768d00:
-      groupName = "xyber768d00"_ns;
+    case ssl_grp_kem_mlkem768x25519:
+      groupName = "mlkem768x25519"_ns;
       break;
     case ssl_grp_ffdhe_2048:
       groupName = "FF 2048"_ns;
@@ -1045,7 +1045,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
                            channelInfo.keaKeyBits);
         break;
       case ssl_kea_ecdh_hybrid:
-        // Bug 1874963: Add probes for Xyber768d00
         break;
       default:
         MOZ_CRASH("impossible KEA");
@@ -1146,7 +1145,8 @@ void SecretCallback(PRFileDesc* fd, PRUint16 epoch, SSLSecretDirection dir,
   if (epoch == 2 && dir == ssl_secret_read) {
     // |secret| is the server_handshake_traffic_secret. Set a flag to indicate
     // that the Server Hello has been processed successfully. We use this when
-    // deciding whether to retry a connection in which a Xyber share was sent.
+    // deciding whether to retry a connection in which an mlkem768x25519 share
+    // was sent.
     infoObject->SetHasTls13HandshakeSecrets();
   }
 }
diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp
index 5f3792fd52..1fff6de2d6 100644
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -1084,9 +1084,9 @@ void SetDeprecatedTLS1CipherPrefs() {
 // static
 void SetKyberPolicy() {
   if (StaticPrefs::security_tls_enable_kyber()) {
-    NSS_SetAlgorithmPolicy(SEC_OID_XYBER768D00, NSS_USE_ALG_IN_SSL_KX, 0);
+    NSS_SetAlgorithmPolicy(SEC_OID_MLKEM768X25519, NSS_USE_ALG_IN_SSL_KX, 0);
   } else {
-    NSS_SetAlgorithmPolicy(SEC_OID_XYBER768D00, 0, NSS_USE_ALG_IN_SSL_KX);
+    NSS_SetAlgorithmPolicy(SEC_OID_MLKEM768X25519, 0, NSS_USE_ALG_IN_SSL_KX);
   }
 }
 
diff --git a/security/manager/ssl/nsNSSIOLayer.cpp b/security/manager/ssl/nsNSSIOLayer.cpp
index c31f3064ee..24ca99d0f4 100644
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -448,14 +448,15 @@ bool retryDueToTLSIntolerance(PRErrorCode err, NSSSocketControl* socketInfo) {
   }
 
   if (!socketInfo->IsPreliminaryHandshakeDone() &&
-      !socketInfo->HasTls13HandshakeSecrets() && socketInfo->SentXyberShare()) {
+      !socketInfo->HasTls13HandshakeSecrets() && socketInfo->SentMlkemShare()) {
     nsAutoCString errorName;
     const char* prErrorName = PR_ErrorToName(err);
     if (prErrorName) {
       errorName.AppendASCII(prErrorName);
     }
     mozilla::glean::tls::xyber_intolerance_reason.Get(errorName).Add(1);
-    // Don't record version intolerance if we sent Xyber, just force a retry.
+    // Don't record version intolerance if we sent mlkem768x25519, just force a
+    // retry.
     return true;
   }
 
@@ -1561,7 +1562,7 @@ static nsresult nsSSLIOLayerSetOptions(PRFileDesc* fd, bool forSTARTTLS,
       !(infoObject->GetProviderFlags() &
         (nsISocketProvider::BE_CONSERVATIVE | nsISocketProvider::IS_RETRY))) {
     const SSLNamedGroup namedGroups[] = {
-        ssl_grp_kem_xyber768d00, ssl_grp_ec_curve25519, ssl_grp_ec_secp256r1,
+        ssl_grp_kem_mlkem768x25519, ssl_grp_ec_curve25519, ssl_grp_ec_secp256r1,
         ssl_grp_ec_secp384r1,    ssl_grp_ec_secp521r1,  ssl_grp_ffdhe_2048,
         ssl_grp_ffdhe_3072};
     if (SECSuccess != SSL_NamedGroupConfig(fd, namedGroups,
@@ -1573,12 +1574,12 @@ static nsresult nsSSLIOLayerSetOptions(PRFileDesc* fd, bool forSTARTTLS,
     if (SECSuccess != SSL_SendAdditionalKeyShares(fd, 2)) {
       return NS_ERROR_FAILURE;
     }
-    infoObject->WillSendXyberShare();
+    infoObject->WillSendMlkemShare();
   } else {
     const SSLNamedGroup namedGroups[] = {
         ssl_grp_ec_curve25519, ssl_grp_ec_secp256r1, ssl_grp_ec_secp384r1,
         ssl_grp_ec_secp521r1,  ssl_grp_ffdhe_2048,   ssl_grp_ffdhe_3072};
-    // Skip the |ssl_grp_kem_xyber768d00| entry.
+    // Skip the |ssl_grp_kem_mlkem768x25519| entry.
     if (SECSuccess != SSL_NamedGroupConfig(fd, namedGroups,
                                            mozilla::ArrayLength(namedGroups))) {
       return NS_ERROR_FAILURE;
diff --git a/security/manager/ssl/tests/unit/test_faulty_server.js b/security/manager/ssl/tests/unit/test_faulty_server.js
index f617908e28..7e476a9688 100644
--- a/security/manager/ssl/tests/unit/test_faulty_server.js
+++ b/security/manager/ssl/tests/unit/test_faulty_server.js
@@ -72,28 +72,28 @@ add_task(
   {
     skip_if: () => AppConstants.MOZ_SYSTEM_NSS,
   },
-  async function testRetryXyber() {
-    const retryDomain = "xyber-net-interrupt.example.com";
+  async function testRetryMlkem768x25519() {
+    const retryDomain = "mlkem768x25519-net-interrupt.example.com";
 
     Services.prefs.setBoolPref("security.tls.enable_kyber", true);
     Services.prefs.setCharPref("network.dns.localDomains", [retryDomain]);
     Services.prefs.setIntPref("network.http.speculative-parallel-limit", 0);
 
-    // Get the number of xyber / x25519 callbacks prior to making the request
-    // ssl_grp_kem_xyber768d00 = 25497
+    // Get the number of mlkem768x25519 and x25519 callbacks prior to making the request
+    // ssl_grp_kem_mlkem768x25519 = 4588
     // ssl_grp_ec_curve25519 = 29
-    let countOfXyber = handlerCount("/callback/25497");
+    let countOfMlkem = handlerCount("/callback/4588");
     let countOfX25519 = handlerCount("/callback/29");
     let chan = makeChan(`https://${retryDomain}:8443`);
     let [, buf] = await channelOpenPromise(chan, CL_ALLOW_UNKNOWN_CL);
     ok(buf);
-    // The server will make a xyber768d00 callback for the initial request, and
+    // The server will make a mlkem768x25519 callback for the initial request, and
     // then an x25519 callback for the retry. Both callback counts should
     // increment by one.
     equal(
-      handlerCount("/callback/25497"),
-      countOfXyber + 1,
-      "negotiated xyber768d00"
+      handlerCount("/callback/4588"),
+      countOfMlkem + 1,
+      "negotiated mlkem768x25519"
     );
     equal(handlerCount("/callback/29"), countOfX25519 + 1, "negotiated x25519");
     if (!mozinfo.socketprocess_networking) {
@@ -111,27 +111,28 @@ add_task(
   {
     skip_if: () => AppConstants.MOZ_SYSTEM_NSS,
   },
-  async function testNoRetryXyber() {
-    const retryDomain = "xyber-alert-after-server-hello.example.com";
+  async function testNoRetryMlkem768x25519() {
+    const retryDomain = "mlkem768x25519-alert-after-server-hello.example.com";
 
     Services.prefs.setBoolPref("security.tls.enable_kyber", true);
     Services.prefs.setCharPref("network.dns.localDomains", [retryDomain]);
     Services.prefs.setIntPref("network.http.speculative-parallel-limit", 0);
 
-    // Get the number of xyber / x25519 / p256 callbacks prior to making the request
-    // ssl_grp_kem_xyber768d00 = 25497
+    // Get the number of mlkem768x25519 and x25519 callbacks prior to making
+    // the request
+    // ssl_grp_kem_mlkem768x25519 = 4588
     // ssl_grp_ec_curve25519 = 29
-    let countOfXyber = handlerCount("/callback/25497");
+    let countOfMlkem = handlerCount("/callback/4588");
     let countOfX25519 = handlerCount("/callback/29");
     let chan = makeChan(`https://${retryDomain}:8443`);
     let [req] = await channelOpenPromise(chan, CL_EXPECT_FAILURE);
     equal(req.status, 0x805a2f4d); // psm::GetXPCOMFromNSSError(SSL_ERROR_HANDSHAKE_FAILED)
-    // The server will make a xyber768d00 callback for the initial request and
+    // The server will make a mlkem768x25519 callback for the initial request and
     // the client should not retry.
     equal(
-      handlerCount("/callback/25497"),
-      countOfXyber + 1,
-      "negotiated xyber768d00"
+      handlerCount("/callback/4588"),
+      countOfMlkem + 1,
+      "negotiated mlkem768x25519"
     );
     equal(
       handlerCount("/callback/29"),
diff --git a/security/manager/ssl/tests/unit/tlsserver/cmd/FaultyServer.cpp b/security/manager/ssl/tests/unit/tlsserver/cmd/FaultyServer.cpp
index 4764ed921d..ba48016f58 100644
--- a/security/manager/ssl/tests/unit/tlsserver/cmd/FaultyServer.cpp
+++ b/security/manager/ssl/tests/unit/tlsserver/cmd/FaultyServer.cpp
@@ -21,7 +21,7 @@ enum FaultType {
   None = 0,
   ZeroRtt,
   UnknownSNI,
-  Xyber,
+  Mlkem768x25519,
 };
 
 struct FaultyServerHost {
@@ -38,9 +38,10 @@ const char* kHostZeroRttAlertVersion =
 const char* kHostZeroRttAlertUnexpected = "0rtt-alert-unexpected.example.com";
 const char* kHostZeroRttAlertDowngrade = "0rtt-alert-downgrade.example.com";
 
-const char* kHostXyberNetInterrupt = "xyber-net-interrupt.example.com";
-const char* kHostXyberAlertAfterServerHello =
-    "xyber-alert-after-server-hello.example.com";
+const char* kHostMlkem768x25519NetInterrupt =
+    "mlkem768x25519-net-interrupt.example.com";
+const char* kHostMlkem768x25519AlertAfterServerHello =
+    "mlkem768x25519-alert-after-server-hello.example.com";
 
 const char* kCertWildcard = "default-ee";
 
@@ -55,8 +56,8 @@ const FaultyServerHost sFaultyServerHosts[]{
     {kHostZeroRttAlertVersion, kCertWildcard, ZeroRtt},
     {kHostZeroRttAlertUnexpected, kCertWildcard, ZeroRtt},
     {kHostZeroRttAlertDowngrade, kCertWildcard, ZeroRtt},
-    {kHostXyberNetInterrupt, kCertWildcard, Xyber},
-    {kHostXyberAlertAfterServerHello, kCertWildcard, Xyber},
+    {kHostMlkem768x25519NetInterrupt, kCertWildcard, Mlkem768x25519},
+    {kHostMlkem768x25519AlertAfterServerHello, kCertWildcard, Mlkem768x25519},
     {nullptr, nullptr},
 };
 
@@ -168,21 +169,22 @@ SECStatus FailingWriteCallback(PRFileDesc* fd, PRUint16 epoch,
   return SECFailure;
 }
 
-void SecretCallbackFailXyber(PRFileDesc* fd, PRUint16 epoch,
-                             SSLSecretDirection dir, PK11SymKey* secret,
-                             void* arg) {
-  fprintf(stderr, "Xyber handler epoch=%d dir=%d\n", epoch, (uint32_t)dir);
+void SecretCallbackFailMlkem768x25519(PRFileDesc* fd, PRUint16 epoch,
+                                      SSLSecretDirection dir,
+                                      PK11SymKey* secret, void* arg) {
+  fprintf(stderr, "Mlkem768x25519 handler epoch=%d dir=%d\n", epoch,
+          (uint32_t)dir);
   FaultyServerHost* host = static_cast<FaultyServerHost*>(arg);
 
   if (epoch == 2 && dir == ssl_secret_write) {
     sslSocket* ss = ssl_FindSocket(fd);
     if (!ss) {
-      fprintf(stderr, "Xyber handler, no ss!\n");
+      fprintf(stderr, "Mlkem768x25519 handler, no ss!\n");
       return;
     }
 
     if (!ss->sec.keaGroup) {
-      fprintf(stderr, "Xyber handler, no ss->sec.keaGroup!\n");
+      fprintf(stderr, "Mlkem768x25519 handler, no ss->sec.keaGroup!\n");
       return;
     }
 
@@ -190,17 +192,18 @@ void SecretCallbackFailXyber(PRFileDesc* fd, PRUint16 epoch,
     SprintfLiteral(path, "/callback/%u", ss->sec.keaGroup->name);
     DoCallback(path);
 
-    if (ss->sec.keaGroup->name != ssl_grp_kem_xyber768d00) {
+    if (ss->sec.keaGroup->name != ssl_grp_kem_mlkem768x25519) {
       return;
     }
 
-    fprintf(stderr, "Xyber handler, configuring alert\n");
-    if (strcmp(host->mHostName, kHostXyberNetInterrupt) == 0) {
+    fprintf(stderr, "Mlkem768x25519 handler, configuring alert\n");
+    if (strcmp(host->mHostName, kHostMlkem768x25519NetInterrupt) == 0) {
       // Install a record write callback that causes the next write to fail.
       // The client will see this as a PR_END_OF_FILE / NS_ERROR_NET_INTERRUPT
       // error.
       ss->recordWriteCallback = FailingWriteCallback;
-    } else if (!strcmp(host->mHostName, kHostXyberAlertAfterServerHello)) {
+    } else if (!strcmp(host->mHostName,
+                       kHostMlkem768x25519AlertAfterServerHello)) {
       SSL3_SendAlert(ss, alert_fatal, close_notify);
     }
   }
@@ -219,17 +222,17 @@ int32_t DoSNISocketConfig(PRFileDesc* aFd, const SECItem* aSrvNameArr,
     fprintf(stderr, "found pre-defined host '%s'\n", host->mHostName);
   }
 
-  const SSLNamedGroup xyberTestNamedGroups[] = {ssl_grp_kem_xyber768d00,
+  const SSLNamedGroup mlkemTestNamedGroups[] = {ssl_grp_kem_mlkem768x25519,
                                                 ssl_grp_ec_curve25519};
 
   switch (host->mFaultType) {
     case ZeroRtt:
       SSL_SecretCallback(aFd, &SecretCallbackFailZeroRtt, (void*)host);
       break;
-    case Xyber:
-      SSL_SecretCallback(aFd, &SecretCallbackFailXyber, (void*)host);
-      SSL_NamedGroupConfig(aFd, xyberTestNamedGroups,
-                           mozilla::ArrayLength(xyberTestNamedGroups));
+    case Mlkem768x25519:
+      SSL_SecretCallback(aFd, &SecretCallbackFailMlkem768x25519, (void*)host);
+      SSL_NamedGroupConfig(aFd, mlkemTestNamedGroups,
+                           mozilla::ArrayLength(mlkemTestNamedGroups));
       break;
     case None:
       break;
diff --git a/security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.cpp b/security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.cpp
index e4aeda0e82..401b982346 100644
--- a/security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.cpp
+++ b/security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.cpp
@@ -553,8 +553,6 @@ int StartServer(int argc, char* argv[], SSLSNISocketConfig sniSocketConfig,
     return 1;
   }
 
-  NSS_SetAlgorithmPolicy(SEC_OID_XYBER768D00, NSS_USE_ALG_IN_SSL_KX, 0);
-
   if (SSL_ConfigServerSessionIDCache(0, 0, 0, nullptr) != SECSuccess) {
     PrintPRError("SSL_ConfigServerSessionIDCache failed");
     return 1;
diff --git a/third_party/rust/neqo-crypto/.cargo-checksum.json b/third_party/rust/neqo-crypto/.cargo-checksum.json
index 188160d135..bea265565f 100644
--- a/third_party/rust/neqo-crypto/.cargo-checksum.json
+++ b/third_party/rust/neqo-crypto/.cargo-checksum.json
@@ -1 +1 @@
-{"files":{"Cargo.toml":"fa915d4cac0a051c77107dd6f74514915fe2924fe3eecaad10e995062767fbbb","bindings/bindings.toml":"56921b753535f899b8095df3e8af04b1dc2213c4808dfb39734a3c554454d01d","bindings/nspr_err.h":"2d5205d017b536c2d838bcf9bc4ec79f96dd50e7bb9b73892328781f1ee6629d","bindings/nspr_error.h":"e41c03c77b8c22046f8618832c9569fbcc7b26d8b9bbc35eea7168f35e346889","bindings/nspr_io.h":"085b289849ef0e77f88512a27b4d9bdc28252bd4d39c6a17303204e46ef45f72","bindings/nspr_time.h":"2e637fd338a5cf0fd3fb0070a47f474a34c2a7f4447f31b6875f5a9928d0a261","bindings/nss_ciphers.h":"95ec6344a607558b3c5ba8510f463b6295f3a2fb3f538a01410531045a5f62d1","bindings/nss_init.h":"ef49045063782fb612aff459172cc6a89340f15005808608ade5320ca9974310","bindings/nss_p11.h":"0b81e64fe6db49b2ecff94edd850be111ef99ec11220e88ceb1c67be90143a78","bindings/nss_secerr.h":"713e8368bdae5159af7893cfa517dabfe5103cede051dee9c9557c850a2defc6","bindings/nss_ssl.h":"af222fb957b989e392e762fa2125c82608a0053aff4fb97e556691646c88c335","bindings/nss_sslerr.h":"24b97f092183d8486f774cdaef5030d0249221c78343570d83a4ee5b594210ae","bindings/nss_sslopt.h":"b7807eb7abdad14db6ad7bc51048a46b065a0ea65a4508c95a12ce90e59d1eea","build.rs":"6c3e94359395cce5cb29bc0063ff930ffcd7edd50c040cb459acce6c80aa4ef4","min_version.txt":"7e98f86c69cddb4f65cf96a6de1f4297e3ce224a4c4628609e29042b6c4dcfb9","src/aead.rs":"fc42bc20b84d2e5ccfd56271ae2d2db082e55586ea2926470c102da177f22296","src/aead_null.rs":"3a553f21126c9ca0116c2be81e5a777011b33c159fd88c4f384614bbdb06bb2e","src/agent.rs":"0ef7b488480d12c01a122050e82809bc784443ef6277d75fce21d706fbf5eaaf","src/agentio.rs":"415f70b95312d3ee6d74ba6f28094246101ab6d535aa9df880c38d8bb5a9279e","src/auth.rs":"ced1a18f691894984244088020ea25dc1ee678603317f0c7dfc8b8842fa750b4","src/cert.rs":"8942cb3ce25a61f92b6ffc30fb286052ed6f56eeda3be12fd46ea76ceba6c1cf","src/constants.rs":"f5c779db128a8b0607841ca18c376971017eb327e102e5e6959a7d8effe4b3a6","src/ech.rs":"9d322fcc01c0886f1dfe9bb6273cb9f88a746452ac9a802761b1816a05930c1f","src/err.rs":"ae979f334604aba89640c4491262641910033f0bd790d58671f649f5039b291c","src/exp.rs":"cec59d61fc95914f9703d2fb6490a8507af993c9db710dde894f2f8fd38123c7","src/ext.rs":"cbf7d9f5ecabf4b8c9efd6c334637ab1596ec5266d38ab8d2d6ceae305283deb","src/hkdf.rs":"ef32f20e30a9bd7f094199536d19c87c4231b7fbbe4a9c54c70e84ca9c6575be","src/hp.rs":"644f1bed67f1c6189a67c8d02ab3358aaa7f63af4b913dd7395becbc01a84291","src/lib.rs":"1f2c171e76f353c99cebe66f9812d3021ab2914eb015fed6a07409b7cfa426e6","src/min_version.rs":"89b7ef6f9d2301db4f689f4d963b58375d577f705b92003a804048441e00cfd1","src/p11.rs":"704c5f164c4f195c8051c5bf1e69a912c34b613a8cf6bed5f577dc5674eea34e","src/prio.rs":"e5e169296c0ac69919c59fb6c1f8bd6bf079452eaa13d75da0edd41d435d3f6f","src/replay.rs":"96b7af8eff9e14313e79303092018b12e8834f780c96b8e247c497fdc680c696","src/result.rs":"0587cbb6aace71a7f9765ef7c01dcd9f73a49dcc6331e1d8fe4de2aef6ca65b6","src/secrets.rs":"4ffaa66f25df47dadf042063bff5953effa7bf2f4920cafe827757d6a659cb58","src/selfencrypt.rs":"b7cc1c896c7661c37461fc3a8bcbfdf2589433b907fa5f968ae4f6907704b441","src/ssl.rs":"c83baa5518b81dd06f2e4072ea3c2d666ccdeb8b1ff6e3746eea9f1af47023a6","src/time.rs":"c71a01ff8aa2c0e97fb16ad620df4ed6b7cc1819ff93f46634e2f1c9551627ec","tests/aead.rs":"e36ae77802df1ea6d17cfd1bd2178a3706089577d6fd1554ca86e748b8b235b9","tests/agent.rs":"824735f88e487a3748200844e9481e81a72163ad74d82faa9aa16594d9b9bb25","tests/ext.rs":"1b047d23d9b224ad06eb65d8f3a7b351e263774e404c79bbcbe8f43790e29c18","tests/handshake.rs":"e892a2839b31414be16e96cdf3b1a65978716094700c1a4989229f7edbf578a0","tests/hkdf.rs":"1d2098dc8398395864baf13e4886cfd1da6d36118727c3b264f457ee3da6b048","tests/hp.rs":"b24fec53771c169be788772532d2617a5349196cf87d6444dc74214f7c73e92c","tests/init.rs":"616313cb38eac44b8c71a1d23a52a7d7b4c7c07d4c20dc9ea6600c3317f92613","tests/selfencrypt.rs":"8d10840b41629bf449a6b3a551377315e8a05ca26c6b041548748196652c5909"},"package":null}
\ No newline at end of file
+{"files":{"Cargo.toml":"fa915d4cac0a051c77107dd6f74514915fe2924fe3eecaad10e995062767fbbb","bindings/bindings.toml":"56921b753535f899b8095df3e8af04b1dc2213c4808dfb39734a3c554454d01d","bindings/nspr_err.h":"2d5205d017b536c2d838bcf9bc4ec79f96dd50e7bb9b73892328781f1ee6629d","bindings/nspr_error.h":"e41c03c77b8c22046f8618832c9569fbcc7b26d8b9bbc35eea7168f35e346889","bindings/nspr_io.h":"085b289849ef0e77f88512a27b4d9bdc28252bd4d39c6a17303204e46ef45f72","bindings/nspr_time.h":"2e637fd338a5cf0fd3fb0070a47f474a34c2a7f4447f31b6875f5a9928d0a261","bindings/nss_ciphers.h":"95ec6344a607558b3c5ba8510f463b6295f3a2fb3f538a01410531045a5f62d1","bindings/nss_init.h":"ef49045063782fb612aff459172cc6a89340f15005808608ade5320ca9974310","bindings/nss_p11.h":"0b81e64fe6db49b2ecff94edd850be111ef99ec11220e88ceb1c67be90143a78","bindings/nss_secerr.h":"713e8368bdae5159af7893cfa517dabfe5103cede051dee9c9557c850a2defc6","bindings/nss_ssl.h":"af222fb957b989e392e762fa2125c82608a0053aff4fb97e556691646c88c335","bindings/nss_sslerr.h":"24b97f092183d8486f774cdaef5030d0249221c78343570d83a4ee5b594210ae","bindings/nss_sslopt.h":"b7807eb7abdad14db6ad7bc51048a46b065a0ea65a4508c95a12ce90e59d1eea","build.rs":"6c3e94359395cce5cb29bc0063ff930ffcd7edd50c040cb459acce6c80aa4ef4","min_version.txt":"7e98f86c69cddb4f65cf96a6de1f4297e3ce224a4c4628609e29042b6c4dcfb9","src/aead.rs":"fc42bc20b84d2e5ccfd56271ae2d2db082e55586ea2926470c102da177f22296","src/aead_null.rs":"3a553f21126c9ca0116c2be81e5a777011b33c159fd88c4f384614bbdb06bb2e","src/agent.rs":"0ef7b488480d12c01a122050e82809bc784443ef6277d75fce21d706fbf5eaaf","src/agentio.rs":"415f70b95312d3ee6d74ba6f28094246101ab6d535aa9df880c38d8bb5a9279e","src/auth.rs":"ced1a18f691894984244088020ea25dc1ee678603317f0c7dfc8b8842fa750b4","src/cert.rs":"8942cb3ce25a61f92b6ffc30fb286052ed6f56eeda3be12fd46ea76ceba6c1cf","src/constants.rs":"78df03f9209ff36279b75f88f6d3d15fed4a0fdd1f6edc8ea8100ed9ae34320f","src/ech.rs":"9d322fcc01c0886f1dfe9bb6273cb9f88a746452ac9a802761b1816a05930c1f","src/err.rs":"ae979f334604aba89640c4491262641910033f0bd790d58671f649f5039b291c","src/exp.rs":"cec59d61fc95914f9703d2fb6490a8507af993c9db710dde894f2f8fd38123c7","src/ext.rs":"cbf7d9f5ecabf4b8c9efd6c334637ab1596ec5266d38ab8d2d6ceae305283deb","src/hkdf.rs":"ef32f20e30a9bd7f094199536d19c87c4231b7fbbe4a9c54c70e84ca9c6575be","src/hp.rs":"644f1bed67f1c6189a67c8d02ab3358aaa7f63af4b913dd7395becbc01a84291","src/lib.rs":"f0d0b14c7330fa4040166953c4a428918ce78967fe500bfeaa5f2c10b64567b3","src/min_version.rs":"89b7ef6f9d2301db4f689f4d963b58375d577f705b92003a804048441e00cfd1","src/p11.rs":"704c5f164c4f195c8051c5bf1e69a912c34b613a8cf6bed5f577dc5674eea34e","src/prio.rs":"e5e169296c0ac69919c59fb6c1f8bd6bf079452eaa13d75da0edd41d435d3f6f","src/replay.rs":"96b7af8eff9e14313e79303092018b12e8834f780c96b8e247c497fdc680c696","src/result.rs":"0587cbb6aace71a7f9765ef7c01dcd9f73a49dcc6331e1d8fe4de2aef6ca65b6","src/secrets.rs":"4ffaa66f25df47dadf042063bff5953effa7bf2f4920cafe827757d6a659cb58","src/selfencrypt.rs":"b7cc1c896c7661c37461fc3a8bcbfdf2589433b907fa5f968ae4f6907704b441","src/ssl.rs":"c83baa5518b81dd06f2e4072ea3c2d666ccdeb8b1ff6e3746eea9f1af47023a6","src/time.rs":"c71a01ff8aa2c0e97fb16ad620df4ed6b7cc1819ff93f46634e2f1c9551627ec","tests/aead.rs":"e36ae77802df1ea6d17cfd1bd2178a3706089577d6fd1554ca86e748b8b235b9","tests/agent.rs":"824735f88e487a3748200844e9481e81a72163ad74d82faa9aa16594d9b9bb25","tests/ext.rs":"1b047d23d9b224ad06eb65d8f3a7b351e263774e404c79bbcbe8f43790e29c18","tests/handshake.rs":"e892a2839b31414be16e96cdf3b1a65978716094700c1a4989229f7edbf578a0","tests/hkdf.rs":"1d2098dc8398395864baf13e4886cfd1da6d36118727c3b264f457ee3da6b048","tests/hp.rs":"b24fec53771c169be788772532d2617a5349196cf87d6444dc74214f7c73e92c","tests/init.rs":"616313cb38eac44b8c71a1d23a52a7d7b4c7c07d4c20dc9ea6600c3317f92613","tests/selfencrypt.rs":"8d10840b41629bf449a6b3a551377315e8a05ca26c6b041548748196652c5909"},"package":null}
diff --git a/third_party/rust/neqo-crypto/src/constants.rs b/third_party/rust/neqo-crypto/src/constants.rs
index daef3d3c56..7e6823fd01 100644
--- a/third_party/rust/neqo-crypto/src/constants.rs
+++ b/third_party/rust/neqo-crypto/src/constants.rs
@@ -62,7 +62,7 @@ remap_enum! {
         TLS_GRP_EC_SECP384R1 = ssl_grp_ec_secp384r1,
         TLS_GRP_EC_SECP521R1 = ssl_grp_ec_secp521r1,
         TLS_GRP_EC_X25519 = ssl_grp_ec_curve25519,
-        TLS_GRP_KEM_XYBER768D00 = ssl_grp_kem_xyber768d00,
+        TLS_GRP_KEM_MLKEM768X25519 = ssl_grp_kem_mlkem768x25519,
     }
 }
 
diff --git a/third_party/rust/neqo-crypto/src/lib.rs b/third_party/rust/neqo-crypto/src/lib.rs
index 9b8a478294..cb94d1f32b 100644
--- a/third_party/rust/neqo-crypto/src/lib.rs
+++ b/third_party/rust/neqo-crypto/src/lib.rs
@@ -122,13 +122,6 @@ pub fn init() -> Res<()> {
 
         secstatus_to_res(unsafe { nss::NSS_NoDB_Init(null()) })?;
         secstatus_to_res(unsafe { nss::NSS_SetDomesticPolicy() })?;
-        secstatus_to_res(unsafe {
-            p11::NSS_SetAlgorithmPolicy(
-                p11::SECOidTag::SEC_OID_XYBER768D00,
-                p11::NSS_USE_ALG_IN_SSL_KX,
-                0,
-            )
-        })?;
 
         Ok(NssLoaded::NoDb)
     });
diff --git a/third_party/rust/neqo-transport/.cargo-checksum.json b/third_party/rust/neqo-transport/.cargo-checksum.json
index 79d2126b4a..a67d56971b 100644
--- a/third_party/rust/neqo-transport/.cargo-checksum.json
+++ b/third_party/rust/neqo-transport/.cargo-checksum.json
@@ -1 +1 @@
-{"files":{"Cargo.toml":"2c18e43bca0b6e963cd3c169ed4b1dbf21de7e420b71be1d9cf1bf1bfcaa8d01","benches/range_tracker.rs":"590dd1f81c92e89ce28af1efdda583d85240438bd9c4c68767286d22a299ad4b","benches/rx_stream_orderer.rs":"53a008357703251a18100521a12d8fa9443c5601ddc3cbd1b3c2899074da4c4f","benches/transfer.rs":"94eb0ec1a0a7d0a4863ddc1c6d006521e52c1f2e7f03c69428b18f7eb827d33f","build.rs":"78ec79c93bf13c3a40ceef8bba1ea2eada61c8f2dfc15ea7bf117958d367949c","src/ackrate.rs":"4bb882e1069a0707dc85338b75327e2910c93ee5f36575767a0d58c4c41c9d4f","src/addr_valid.rs":"03c0b2ff85254179c5d425b12acfdcc6b1ea5735aeb0f604b9b3603451b3ef0a","src/cc/classic_cc.rs":"bd4999f21b6b7d754c8694345f40d0e99c1c3caba3d23a90bd9eb12798ef4979","src/cc/cubic.rs":"24c6913cc6346e5361007221c26e8096ece51583431fc3ab9c99e4ce4b0a9f5d","src/cc/mod.rs":"8031ed3d37bf780dd1364114149b1a1327656e7f481768548ad77db7006daf60","src/cc/new_reno.rs":"25d0921005688e0f0666efd0a4931b4f8cd44363587d98e5b6404818c5d05dd4","src/cc/tests/cubic.rs":"25ee2c60549bb8b3c1e9a915f148928a26b3f1c51e5f7fe6b646a437f520954c","src/cc/tests/mod.rs":"44f8df551e742ae1037cd1cdb85b2c1334c2e5ab3c23ed63d856dbc6b8743afc","src/cc/tests/new_reno.rs":"3cd7373063a3afecb6dfae7894edf959641d87d3de55d4abfa7742cd115fa358","src/cid.rs":"9686a3070c593cfca846d7549863728e31211b304b9fa876220f79bff5e24173","src/connection/dump.rs":"bd4fb55785fe42f5c94f7bcc14ccf4ae377d28b691fb55dbf1139ae9412b0ea9","src/connection/idle.rs":"6f588bab950620df322033abea5f8a731f5b6d88cbe68694b69ab8acea0745ae","src/connection/mod.rs":"72ab734a8d368b2f2d430899a65f5a8c64a21d797a0c3e6d3e53666ef8e0e740","src/connection/params.rs":"38e0b47c8cc5fbe602e3174d7a70df410829bc240b42f21cebd10818e606ef7c","src/connection/saved.rs":"97eb19792be3c4d721057021a43ea50a52f89a3cfa583d3d3dcf5d9144b332f5","src/connection/state.rs":"b1d4bdda3479e7957d1949a969281ecd8a3d88f4fbaff6dcf7ebbb576759339c","src/connection/test_internal.rs":"f3ebfe97b25c9c716d41406066295e5aff4e96a3051ef4e2b5fb258282bbc14c","src/connection/tests/ackrate.rs":"4a2b835575850ae4a14209d3e51883ecb1e69afb44ef91b5e13a5e6cb7174fab","src/connection/tests/cc.rs":"d9a0f00a8f439c4ea8d4b6fa689fbde8bd283256afdd68ec4a27f6638b729704","src/connection/tests/close.rs":"5f245fd134bc0759ef0c83a6d53e0a8d5a8e58dcdf203c750ec9121940272461","src/connection/tests/datagram.rs":"7d89e5293d5b50c7a54c9b48949c2c4c8ef5dc08f3e7e5f51654586578d65602","src/connection/tests/ecn.rs":"3ff05893154fb6a895fe4453db7cc54684ba3bdf268a36b69c36c4070768d7b4","src/connection/tests/handshake.rs":"67a6f090ed89ef6c63129f7e662dc1cfff3f291711a866dff3d779caa40e51c7","src/connection/tests/idle.rs":"2d588bd6570172ca08974931273b6c4645af3edca9ccac78499d7d2d5ecec86c","src/connection/tests/keys.rs":"7c58b255e9732711e13f2a3e1daa13ac9481d8c919a32ca62e70c850845a6b38","src/connection/tests/migration.rs":"40d4feba9957de7eef7391009996016af1a3052fabc7659680b64796cf9fb8bf","src/connection/tests/mod.rs":"43b7745e9722333f7bc851c70ccdfdd1dc4da3991a4b821fac677664719e760f","src/connection/tests/null.rs":"38f76a4ea15e6b11634d4374cb0f2a68bd250e5d35831edfce0fa48deeaa420d","src/connection/tests/priority.rs":"dd3504f52d3fce7a96441624bc1c82c733e6bb556b9b79d24d0f4fb4efaf5a9e","src/connection/tests/recovery.rs":"7f28767f3cca2ff60e3dcfa803e12ef043486a222f54681a8faf2ea2fee564a1","src/connection/tests/resumption.rs":"1a0de0993cd325224fc79a3c094d22636d5b122ab1123d16265d4fafb23574bd","src/connection/tests/stream.rs":"3a6b23be63e1901ea479749d8132db86959279329121fe5d51b34c3fef4d4d05","src/connection/tests/vn.rs":"92f61cfe4ccbb88f4f7c14f0e791bdece5368012922714d3dbd6a75bedb1b5a1","src/connection/tests/zerortt.rs":"139f25b992ee6f7e3cc31448f81e511386bb3b0e6691180c7f616b70c4864883","src/crypto.rs":"a0ff9053a13350e34aec02241eb2ae3e86d9f5af21065d5b8d71b7b229e00ced","src/ecn.rs":"2e54e0a57842070a80da61315b601085876351ef0272eaf65b8a59e32ecc4db8","src/events.rs":"3cdd7d5496b2745626db4ceb863b5a91ae943090a43a5816a1f9bcf873fba2be","src/fc.rs":"c8d10909912b6770e644aaec02cff6f89f557d5f40a246aa86654cf88c91d26e","src/frame.rs":"4262717662f155e62bb29c9f0cac295bbae96076eb2d92c27052a35f979aa196","src/lib.rs":"a8ab9b2204d50a3b6f6c1250ed0d47daafaef00c040b93dfa3c60195eeb07624","src/pace.rs":"86a674ac4d086148ea297214910458c3705918bd627b996ba8bbb12f2c4bf99e","src/packet/mod.rs":"16385a097363d3af6452c6dcb7f14fbd86e410dd42fa59435c5beea1699f77e9","src/packet/retry.rs":"d5f999485f21b388a7383cd011fc6e96109c1a9fb5aef79b19017df6844271ff","src/path.rs":"6a49a8a1cad609873f2cacca6489ba1a7a18cf238f7b8f6df2d0b0923edde3fd","src/qlog.rs":"07ea3a3e31ebf3819d40ff0dc4e4a88861db59f761542e9bc2e9e773eb555242","src/quic_datagrams.rs":"3d33ecb9e6e80c77b812e8260fc807352300fb2305a29b797259ae34c52b67c5","src/recovery/mod.rs":"4b1e45db1793785cda67fe804d1e6bc99b5f1a3ed3ff0f82e8164bc0aab11f8e","src/recovery/sent.rs":"959b70ed80b1061acf36bdd007f2b1baefbc8647c3a315d6fbd317884757beca","src/recovery/token.rs":"c1e4190c6733afd2bf5e60060d8ba3ab9fb136e02252e2480b281871a54d6066","src/recv_stream.rs":"f21ae0bb786901bb7d726a94cb3352607b0057128beaa331808137f2f57a330b","src/rtt.rs":"4635dc0c401b78a1fd9d34da6f9bf7f6e7f5be3a57ed9716e0efc8f0f94f1e47","src/send_stream.rs":"5b12a5543dd55d0d506eb64f828883b9761722a1558f16ecb90ce5a43587a2ff","src/sender.rs":"043be47e97d050532f12a564e78605cff7ff23e07639ea06059ebd85e0748f2f","src/server.rs":"3ededa0afd5e6b6888fc5ac9ce48e35e12974c338c7985f2b840e9dc76af0062","src/stats.rs":"257ab1242ea2e6bfac0900e6c4bdad794bc67b666930323d24e022e46b9be82b","src/stream_id.rs":"fd07cbb81709a54bdb0659f676ef851cd145c004b817044ede5b21e54fdb60e4","src/streams.rs":"f2e393dc73cc85c8339cb94daf6a09d3bde4d33d820fd6623ddd6b3d727d5fd5","src/tparams.rs":"592f29c9e2d2a63ff68b024ce23274896ed8ae83192b76b91f5e2991246682cd","src/tracking.rs":"c8581318cd7be3ca94ef4482341cfc1fdb70f934966c63a69335cb0bf5bd292a","src/version.rs":"182484ed9ecc2e17cab73cc61914a86a2d206936cab313825ae76fd37eeade77","tests/common/mod.rs":"7f9437d5efc38f4b9cabfece575e9168580e78e8638f46e538de58607f46ebb8","tests/conn_vectors.rs":"997702f4d8b8fa3b987b33077a0eb325e968b25b61fb4703532f8d97e1d4c98c","tests/connection.rs":"1c14853d61dad5f228a3e1a0becebb0c6826405de59ff601f43d5cb2fdb3f8ea","tests/network.rs":"04921aa5af583e842e6d2176a898fbfea747e831bbe292b5ef8441eaf546b93a","tests/retry.rs":"ace4a0baa36f7218c9942abc2b45b58f8c2dbd2b6004b469751e41b50f6f99d0","tests/server.rs":"9724460d7ac2f9d6af94baf6b3cf950900ae489412edc55d62609bacfcf02b09"},"package":null}
\ No newline at end of file
+{"files":{"Cargo.toml":"2c18e43bca0b6e963cd3c169ed4b1dbf21de7e420b71be1d9cf1bf1bfcaa8d01","benches/range_tracker.rs":"590dd1f81c92e89ce28af1efdda583d85240438bd9c4c68767286d22a299ad4b","benches/rx_stream_orderer.rs":"53a008357703251a18100521a12d8fa9443c5601ddc3cbd1b3c2899074da4c4f","benches/transfer.rs":"94eb0ec1a0a7d0a4863ddc1c6d006521e52c1f2e7f03c69428b18f7eb827d33f","build.rs":"78ec79c93bf13c3a40ceef8bba1ea2eada61c8f2dfc15ea7bf117958d367949c","src/ackrate.rs":"4bb882e1069a0707dc85338b75327e2910c93ee5f36575767a0d58c4c41c9d4f","src/addr_valid.rs":"03c0b2ff85254179c5d425b12acfdcc6b1ea5735aeb0f604b9b3603451b3ef0a","src/cc/classic_cc.rs":"bd4999f21b6b7d754c8694345f40d0e99c1c3caba3d23a90bd9eb12798ef4979","src/cc/cubic.rs":"24c6913cc6346e5361007221c26e8096ece51583431fc3ab9c99e4ce4b0a9f5d","src/cc/mod.rs":"8031ed3d37bf780dd1364114149b1a1327656e7f481768548ad77db7006daf60","src/cc/new_reno.rs":"25d0921005688e0f0666efd0a4931b4f8cd44363587d98e5b6404818c5d05dd4","src/cc/tests/cubic.rs":"25ee2c60549bb8b3c1e9a915f148928a26b3f1c51e5f7fe6b646a437f520954c","src/cc/tests/mod.rs":"44f8df551e742ae1037cd1cdb85b2c1334c2e5ab3c23ed63d856dbc6b8743afc","src/cc/tests/new_reno.rs":"3cd7373063a3afecb6dfae7894edf959641d87d3de55d4abfa7742cd115fa358","src/cid.rs":"9686a3070c593cfca846d7549863728e31211b304b9fa876220f79bff5e24173","src/connection/dump.rs":"bd4fb55785fe42f5c94f7bcc14ccf4ae377d28b691fb55dbf1139ae9412b0ea9","src/connection/idle.rs":"6f588bab950620df322033abea5f8a731f5b6d88cbe68694b69ab8acea0745ae","src/connection/mod.rs":"72ab734a8d368b2f2d430899a65f5a8c64a21d797a0c3e6d3e53666ef8e0e740","src/connection/params.rs":"38e0b47c8cc5fbe602e3174d7a70df410829bc240b42f21cebd10818e606ef7c","src/connection/saved.rs":"97eb19792be3c4d721057021a43ea50a52f89a3cfa583d3d3dcf5d9144b332f5","src/connection/state.rs":"b1d4bdda3479e7957d1949a969281ecd8a3d88f4fbaff6dcf7ebbb576759339c","src/connection/test_internal.rs":"f3ebfe97b25c9c716d41406066295e5aff4e96a3051ef4e2b5fb258282bbc14c","src/connection/tests/ackrate.rs":"4a2b835575850ae4a14209d3e51883ecb1e69afb44ef91b5e13a5e6cb7174fab","src/connection/tests/cc.rs":"d9a0f00a8f439c4ea8d4b6fa689fbde8bd283256afdd68ec4a27f6638b729704","src/connection/tests/close.rs":"5f245fd134bc0759ef0c83a6d53e0a8d5a8e58dcdf203c750ec9121940272461","src/connection/tests/datagram.rs":"7d89e5293d5b50c7a54c9b48949c2c4c8ef5dc08f3e7e5f51654586578d65602","src/connection/tests/ecn.rs":"3ff05893154fb6a895fe4453db7cc54684ba3bdf268a36b69c36c4070768d7b4","src/connection/tests/handshake.rs":"67a6f090ed89ef6c63129f7e662dc1cfff3f291711a866dff3d779caa40e51c7","src/connection/tests/idle.rs":"2d588bd6570172ca08974931273b6c4645af3edca9ccac78499d7d2d5ecec86c","src/connection/tests/keys.rs":"7c58b255e9732711e13f2a3e1daa13ac9481d8c919a32ca62e70c850845a6b38","src/connection/tests/migration.rs":"40d4feba9957de7eef7391009996016af1a3052fabc7659680b64796cf9fb8bf","src/connection/tests/mod.rs":"43b7745e9722333f7bc851c70ccdfdd1dc4da3991a4b821fac677664719e760f","src/connection/tests/null.rs":"38f76a4ea15e6b11634d4374cb0f2a68bd250e5d35831edfce0fa48deeaa420d","src/connection/tests/priority.rs":"dd3504f52d3fce7a96441624bc1c82c733e6bb556b9b79d24d0f4fb4efaf5a9e","src/connection/tests/recovery.rs":"7f28767f3cca2ff60e3dcfa803e12ef043486a222f54681a8faf2ea2fee564a1","src/connection/tests/resumption.rs":"1a0de0993cd325224fc79a3c094d22636d5b122ab1123d16265d4fafb23574bd","src/connection/tests/stream.rs":"3a6b23be63e1901ea479749d8132db86959279329121fe5d51b34c3fef4d4d05","src/connection/tests/vn.rs":"92f61cfe4ccbb88f4f7c14f0e791bdece5368012922714d3dbd6a75bedb1b5a1","src/connection/tests/zerortt.rs":"139f25b992ee6f7e3cc31448f81e511386bb3b0e6691180c7f616b70c4864883","src/crypto.rs":"033db48824fa541db728b43f25d5852d4c4de735c35d89151336649dd8d2429a","src/ecn.rs":"2e54e0a57842070a80da61315b601085876351ef0272eaf65b8a59e32ecc4db8","src/events.rs":"3cdd7d5496b2745626db4ceb863b5a91ae943090a43a5816a1f9bcf873fba2be","src/fc.rs":"c8d10909912b6770e644aaec02cff6f89f557d5f40a246aa86654cf88c91d26e","src/frame.rs":"4262717662f155e62bb29c9f0cac295bbae96076eb2d92c27052a35f979aa196","src/lib.rs":"a8ab9b2204d50a3b6f6c1250ed0d47daafaef00c040b93dfa3c60195eeb07624","src/pace.rs":"86a674ac4d086148ea297214910458c3705918bd627b996ba8bbb12f2c4bf99e","src/packet/mod.rs":"16385a097363d3af6452c6dcb7f14fbd86e410dd42fa59435c5beea1699f77e9","src/packet/retry.rs":"d5f999485f21b388a7383cd011fc6e96109c1a9fb5aef79b19017df6844271ff","src/path.rs":"6a49a8a1cad609873f2cacca6489ba1a7a18cf238f7b8f6df2d0b0923edde3fd","src/qlog.rs":"07ea3a3e31ebf3819d40ff0dc4e4a88861db59f761542e9bc2e9e773eb555242","src/quic_datagrams.rs":"3d33ecb9e6e80c77b812e8260fc807352300fb2305a29b797259ae34c52b67c5","src/recovery/mod.rs":"4b1e45db1793785cda67fe804d1e6bc99b5f1a3ed3ff0f82e8164bc0aab11f8e","src/recovery/sent.rs":"959b70ed80b1061acf36bdd007f2b1baefbc8647c3a315d6fbd317884757beca","src/recovery/token.rs":"c1e4190c6733afd2bf5e60060d8ba3ab9fb136e02252e2480b281871a54d6066","src/recv_stream.rs":"f21ae0bb786901bb7d726a94cb3352607b0057128beaa331808137f2f57a330b","src/rtt.rs":"4635dc0c401b78a1fd9d34da6f9bf7f6e7f5be3a57ed9716e0efc8f0f94f1e47","src/send_stream.rs":"5b12a5543dd55d0d506eb64f828883b9761722a1558f16ecb90ce5a43587a2ff","src/sender.rs":"043be47e97d050532f12a564e78605cff7ff23e07639ea06059ebd85e0748f2f","src/server.rs":"3ededa0afd5e6b6888fc5ac9ce48e35e12974c338c7985f2b840e9dc76af0062","src/stats.rs":"257ab1242ea2e6bfac0900e6c4bdad794bc67b666930323d24e022e46b9be82b","src/stream_id.rs":"fd07cbb81709a54bdb0659f676ef851cd145c004b817044ede5b21e54fdb60e4","src/streams.rs":"f2e393dc73cc85c8339cb94daf6a09d3bde4d33d820fd6623ddd6b3d727d5fd5","src/tparams.rs":"592f29c9e2d2a63ff68b024ce23274896ed8ae83192b76b91f5e2991246682cd","src/tracking.rs":"c8581318cd7be3ca94ef4482341cfc1fdb70f934966c63a69335cb0bf5bd292a","src/version.rs":"182484ed9ecc2e17cab73cc61914a86a2d206936cab313825ae76fd37eeade77","tests/common/mod.rs":"7f9437d5efc38f4b9cabfece575e9168580e78e8638f46e538de58607f46ebb8","tests/conn_vectors.rs":"997702f4d8b8fa3b987b33077a0eb325e968b25b61fb4703532f8d97e1d4c98c","tests/connection.rs":"c6755968255fb68795d9f1ae4ece73d7b674d8616d3512757309efd2c42c39d1","tests/network.rs":"04921aa5af583e842e6d2176a898fbfea747e831bbe292b5ef8441eaf546b93a","tests/retry.rs":"ace4a0baa36f7218c9942abc2b45b58f8c2dbd2b6004b469751e41b50f6f99d0","tests/server.rs":"9724460d7ac2f9d6af94baf6b3cf950900ae489412edc55d62609bacfcf02b09"},"package":null}
diff --git a/third_party/rust/neqo-transport/src/crypto.rs b/third_party/rust/neqo-transport/src/crypto.rs
index aca76b8bb9..3bfe7057bc 100644
--- a/third_party/rust/neqo-transport/src/crypto.rs
+++ b/third_party/rust/neqo-transport/src/crypto.rs
@@ -21,7 +21,7 @@ use neqo_crypto::{
     TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_CT_HANDSHAKE,
     TLS_EPOCH_APPLICATION_DATA, TLS_EPOCH_HANDSHAKE, TLS_EPOCH_INITIAL, TLS_EPOCH_ZERO_RTT,
     TLS_GRP_EC_SECP256R1, TLS_GRP_EC_SECP384R1, TLS_GRP_EC_SECP521R1, TLS_GRP_EC_X25519,
-    TLS_GRP_KEM_XYBER768D00, TLS_VERSION_1_3,
+    TLS_GRP_KEM_MLKEM768X25519, TLS_VERSION_1_3,
 };
 
 use crate::{
@@ -78,9 +78,10 @@ impl Crypto {
         ])?;
         match &mut agent {
             Agent::Server(c) => {
-                // Clients do not send xyber shares by default, but servers should accept them.
+                // Clients do not send mlkem768x25519 shares by default, but servers should accept
+                // them.
                 c.set_groups(&[
-                    TLS_GRP_KEM_XYBER768D00,
+                    TLS_GRP_KEM_MLKEM768X25519,
                     TLS_GRP_EC_X25519,
                     TLS_GRP_EC_SECP256R1,
                     TLS_GRP_EC_SECP384R1,
diff --git a/third_party/rust/neqo-transport/tests/connection.rs b/third_party/rust/neqo-transport/tests/connection.rs
index 35167d0abd..7f9304e9c8 100644
--- a/third_party/rust/neqo-transport/tests/connection.rs
+++ b/third_party/rust/neqo-transport/tests/connection.rs
@@ -279,12 +279,12 @@ fn overflow_crypto() {
 }
 
 #[test]
-fn test_handshake_xyber() {
+fn handshake_mlkem768x25519() {
     let mut client = default_client();
     let mut server = default_server();
 
     client
-        .set_groups(&[neqo_crypto::TLS_GRP_KEM_XYBER768D00])
+        .set_groups(&[neqo_crypto::TLS_GRP_KEM_MLKEM768X25519])
         .ok();
     client.send_additional_key_shares(0).ok();
 
@@ -293,10 +293,10 @@ fn test_handshake_xyber() {
     assert_eq!(*server.state(), State::Confirmed);
     assert_eq!(
         client.tls_info().unwrap().key_exchange(),
-        neqo_crypto::TLS_GRP_KEM_XYBER768D00
+        neqo_crypto::TLS_GRP_KEM_MLKEM768X25519
     );
     assert_eq!(
         server.tls_info().unwrap().key_exchange(),
-        neqo_crypto::TLS_GRP_KEM_XYBER768D00
+        neqo_crypto::TLS_GRP_KEM_MLKEM768X25519
     );
 }