[lamps] Re: WG Last Call: draft-ietf-lamps-pq-composite-sigs-08 (Ends 2025-10-06)

David Hook <dgh@bouncycastle.org> Tue, 21 October 2025 13:45 UTC

Message-ID: <dd2732b8-7546-4a09-9143-dabe6e964ed1@bouncycastle.org>
To: spasm@ietf.org
In-Reply-To: <CAKZgXHqWmz+CcdyuwphXuG3jjaLM1v+vZBP-ZhEn-=ozyutNFA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/63rBAhvGnll5HNbt5y8L09Zky4Y>

Thank you Russ and Mike.

So I've migrated to the new set of test vectors on GitHub. Two things:
some of the vectors fail as they have the old OIDs.

They all seem to be in MLDSA65:

id-MLDSA65-RSA4096-PKCS15-SHA512
id-MLDSA65-ECDSA-P256-SHA512
id-MLDSA65-ECDSA-P384-SHA512
id-MLDSA65-ECDSA-brainpoolP256r1-SHA512

This one also fails:

id-MLDSA65-RSA4096-PSS-SHA512

It might be a label issue though (algorithm found, but test vector fails
to verify).

One other thing I've noticed: the naming for ECDSA in the labels is
inconsistent between MLDSA44 and the others. With the others, ECDSA is
dropped from the label, so should COMPSIG-MLDSA44-ECDSA-P256-SHA256
actually be COMPSIG-MLDSA44-P256-SHA256? I wouldn't say it's a
showstopper, it just looks a bit odd next to the others though.

Thanks,

David

On 22/10/25 00:27, Mike Ounsworth wrote:
> Thanks Watson, Kris, and Carl. Version -13 incoming.
>
> On Tue, 21 Oct 2025 at 08:15, Carl Wallace <carl@redhoundsoftware.com> 
> wrote:
>
>     FWIW, I verified the self-signed certs from the JSON test vectors
>     except for brainpool and ed448 artifacts.
>
>     From: Kris Kwiatkowski <kris=40amongbytes.com@dmarc.ietf.org>
>     Date: Tuesday, October 21, 2025 at 4:36 AM
>     To: <spasm@ietf.org>
>     Subject: [lamps] Re: WG Last Call: draft-ietf-lamps-pq-composite-sigs-08 (Ends 2025-10-06)
>
>     Looks good,
>     Congrats!
>
>     oid_verification.txt +25 -0 (/tmp)
>
>     OID VERIFICATION REPORT
>     =======================
>
>     Russ's List vs. Draft Files Comparison:
>
>     37    id-MLDSA44-RSA2048-PSS-SHA256            ✓ MATCH - algParams.md line 2, dumpasn1.cfg line 45
>     38    id-MLDSA44-RSA2048-PKCS15-SHA256         ✓ MATCH - algParams.md line 12, dumpasn1.cfg line 49
>     39    id-MLDSA44-Ed25519-SHA512                ✓ MATCH - algParams.md line 21, dumpasn1.cfg line 53
>     40    id-MLDSA44-ECDSA-P256-SHA256             ✓ MATCH - algParams.md line 29, dumpasn1.cfg line 57
>     41    id-MLDSA65-RSA3072-PSS-SHA512            ✓ MATCH - algParams.md line 38, dumpasn1.cfg line 61
>     42    id-MLDSA65-RSA3072-PKCS15-SHA512         ✓ MATCH - algParams.md line 48, dumpasn1.cfg line 65
>     43    id-MLDSA65-RSA4096-PSS-SHA512            ✓ MATCH - algParams.md line 57, dumpasn1.cfg line 69
>     44    id-MLDSA65-RSA4096-PKCS15-SHA512         ✓ MATCH - algParams.md line 67, dumpasn1.cfg line 73
>     45    id-MLDSA65-ECDSA-P256-SHA512             ✓ MATCH - algParams.md line 76, dumpasn1.cfg line 77
>     46    id-MLDSA65-ECDSA-P384-SHA512             ✓ MATCH - algParams.md line 85, dumpasn1.cfg line 81
>     47    id-MLDSA65-ECDSA-brainpoolP256r1-SHA512  ✓ MATCH - algParams.md line 94, dumpasn1.cfg line 85
>     48    id-MLDSA65-Ed25519-SHA512                ✓ MATCH - algParams.md line 103, dumpasn1.cfg line 89
>     49    id-MLDSA87-ECDSA-P384-SHA512             ✓ MATCH - algParams.md line 111, dumpasn1.cfg line 93
>     50    id-MLDSA87-ECDSA-brainpoolP384r1-SHA512  ✓ MATCH - algParams.md line 120, dumpasn1.cfg line 97
>     51    id-MLDSA87-Ed448-SHAKE256                ✓ MATCH - algParams.md line 129, dumpasn1.cfg line 101
>     52    id-MLDSA87-RSA3072-PSS-SHA512            ✓ MATCH - algParams.md line 137, dumpasn1.cfg line 105
>     53    id-MLDSA87-RSA4096-PSS-SHA512            ✓ MATCH - algParams.md line 147, dumpasn1.cfg line 109
>     54    id-MLDSA87-ECDSA-P521-SHA512             ✓ MATCH - algParams.md line 157, dumpasn1.cfg line 113
>
>     RESULT: ALL 18 OIDs FROM RUSS'S LIST ARE CORRECTLY PRESENT IN THE DRAFT FILES
>
>     _______________________________________________
>     Spasm mailing list -- spasm@ietf.org
>     To unsubscribe send an email to spasm-leave@ietf.org