Re: [lamps] Can ML-DSA be used in CMS?

Mike Ounsworth <Mike.Ounsworth@entrust.com> Tue, 13 February 2024 17:48 UTC

From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Wai Choi <wchoi@us.ibm.com>, "draft-ietf-lamps-dilithium-certificates@ietf.org" <draft-ietf-lamps-dilithium-certificates@ietf.org>
CC: 'LAMPS' <spasm@ietf.org>
Date: Tue, 13 Feb 2024 17:47:59 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/UfqJ5vkYQVWRG2OsERKWwP4P2wE>
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>

Hi Wai Choi,

 

Answers inline tagged with [[MO]].

 

---

Mike Ounsworth

 

From: Wai Choi <wchoi@us.ibm.com> 
Sent: Tuesday, February 13, 2024 11:40 AM
To: Mike Ounsworth <Mike.Ounsworth@entrust.com>;
draft-ietf-lamps-dilithium-certificates@ietf.org
Cc: 'LAMPS' <spasm@ietf.org>
Subject: [EXTERNAL] RE: [lamps] Can ML-DSA be used in CMS?

 



Mike,

 

Thanks for the pointer to Kyber.

 

My first question is: Can a certificate with PQ signature algorithm contain
a non PQ public key, for example, signature is ML-DSA, but public key is
X25519. Seems your answer is for self-signed certificate, right?

[[MO]] I think I misunderstood your question. I thought you were asking
whether we would register separate OIDs for public key algorithms vs
signature algorithms.

[[MO]] RFC5280 does not require that SubjectPublicKeyInfo.algorithm and
signatureAlgorithm be the same, and I am not aware of any other technical
restriction that would prevent you from signing the public key of one
algorithm with a different algorithm (other than, as you note, the
self-signed case).

 

For the second question, I don't quite understand the example Root:LMS, ICA:
Dilithium, EE: ECDSA. Are LMS, Dilithium, ECDSA referring to the signature
algorithms on the Root, ICA, EE certificates respectively? If so, that
implies the ICA has ECC key to create the ECDSA signature? In other words,
this example illustrates ICA has low value since it does not use quantum
safe key, and we can't tell whether EE has low value since we don't know
what public key is on the certificate.

 

 

[[MO]] Sorry for not being clear; I meant the SubjectPublicKeyInfo in the
Root would be LMS; the SubjectPublicKeyInfo in the ICA would be Dilithium
(and it would carry an LMS signature), and the SubjectPublicKeyInfo in the
EE would be ECC and it would carry a Dilithium signature.

[[MO]] Again, this is just an example of something that may make sense in
some specific case, therefore, in my opinion, the IETF should not block it.

 

 

Wai Choi

 

From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
Sent: Tuesday, February 13, 2024 11:23 AM
To: Wai Choi <wchoi@us.ibm.com>;
draft-ietf-lamps-dilithium-certificates@ietf.org
Cc: 'LAMPS' <spasm@ietf.org>
Subject: [EXTERNAL] RE: [lamps] Can ML-DSA be used in CMS?

 

Hi Wai Choi,

 

We do already have a draft for Kyber in CMS. Please see:
https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-kyber/

(it is very out-of-date; we are working on a massive update and will have it
published before 119).

 

 

To your other questions:

 

> 1. Although it makes sense to have PQ algorithms on both Signature
> Algorithm and Public key Algorithm, is it a MUST requirement?

 

I think the approach that we are taking with the new PQC algorithms is to
use the same OID for both the Public Key Algorithm, and for the Signature
Algorithm. This approach worked well for Ed25519, E448, x25519, x448, and it
avoids cross-protocol attacks where a single key can be used for multiple
different cryptographic schemes.

 

Was that your question?

 

 

> 2. Does the whole chain of certificates need to use PQ algorithms?

 

My personal opinion is that this is out-of-scope for IETF. I believe that
IETF should specify the technical wire formats, and issues such as whether
you are allowed to mix-and-match algorithms up a single certificate chain
(and which algorithms are allowed to be mixed, and whether certificate
lifetime comes into play, etc) are policy issues and thus outside the scope
of IETF to specify.

 

As an example, I could imagine PKI scenarios where the PKI as a whole has
high value, but individual end entity keys have low value. For example
smartcards serving as low-value gift cards for a restaurant chain, or a
backend TLS deployment where TLS Client and Server certs renew every 7 days.
In those scenarios, I think it could be totally reasonable to deploy a PKI
as: Root: LMS, ICA: Dilithium, EE: ECDSA. So I don't think that the IETF
should make any opinion here.

 

---

Mike Ounsworth

 

From: Wai Choi <wchoi@us.ibm.com>
Sent: Tuesday, February 13, 2024 8:10 AM
To: Mike Ounsworth <Mike.Ounsworth@entrust.com>;
draft-ietf-lamps-dilithium-certificates@ietf.org
Cc: 'LAMPS' <spasm@ietf.org>
Subject: [EXTERNAL] RE: [lamps] Can ML-DSA be used in CMS?

 

Do we need a draft to address how to use Kyber in X.509 certificate? While
having a certificate used for signing is common, one used for email
encryption is not rare. Wonder why all the discussion focuses on signing
only.

 

Other basic questions on PQ certificates:
1. Although it makes sense to have PQ algorithms on both Signature Algorithm
and Public key Algorithm, is it a MUST requirement?

 

2. Does the whole chain of certificates need to use PQ algorithms?

 

Wai Choi

 

From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
Sent: Tuesday, February 13, 2024 8:37 AM
To: draft-ietf-lamps-dilithium-certificates@ietf.org
Cc: 'LAMPS' <spasm@ietf.org>
Subject: [lamps] Can ML-DSA be used in CMS?

 

The answer obviously is Yes, but draft-ietf-lamps-dilithium-certificates
does not actually say this.

 

I was reading a draft ICAO ePassport document yesterday that correctly
points out that IETF has a draft for how to use ML-DSA in X.509
certificates, but no draft for how to use ML-DSA in CMS.

 

Authors of draft-ietf-lamps-dilithium-certificates, if you add a section
"Signed-data Conventions" modelled after RFC8419, then I think that saves us
from needing a whole second ML-DSA draft.

 

---
Mike Ounsworth
Software Security Architect, Entrust
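
Added example, not part of the thread or of any draft it mentions: a small DER reader that pulls the two algorithm identifiers RFC 5280 keeps separate, SubjectPublicKeyInfo.algorithm (the subject's key) and signatureAlgorithm (the issuer's key), from a certificate shaped like the case asked about above (X25519 subject key, ML-DSA signature). Assumptions: the function names are hypothetical, the ML-DSA-65 OID 2.16.840.1.101.3.4.3.18 and X25519 OID 1.3.101.110 are not given in the thread, and the sample is a constructed skeleton with empty names and zero-filled key and signature, not a valid certificate.

```python
def tlv(buf, pos):  # -> (tag, value_start, value_end) of the DER element at pos
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                                   # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + n

def children(buf, start, end):
    out = []
    while start < end:
        out.append(tlv(buf, start))
        start = out[-1][2]
    return out

def oid(buf, start, end):
    subs, val = [], 0
    for b in buf[start:end]:                       # base-128 sub-identifiers
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            subs.append(val)
            val = 0
    first = min(subs[0] // 40, 2)
    return ".".join(map(str, [first, subs[0] - 40 * first] + subs[1:]))

def cert_algorithms(cert):
    """Return (subjectPublicKeyInfo algorithm OID, signatureAlgorithm OID)."""
    tbs, sig_alg, _sig = children(cert, *tlv(cert, 0)[1:])
    fields = children(cert, *tbs[1:])
    fields = fields[1:] if fields[0][0] == 0xA0 else fields  # skip optional [0] version
    spki_alg = children(cert, *fields[5][1:])[0]   # serial, sig, issuer, validity, subject, SPKI
    alg_oid = lambda alg: oid(cert, *children(cert, *alg[1:])[0][1:])
    return alg_oid(spki_alg), alg_oid(sig_alg)

def der(tag, *parts):                              # encoder, used only to build the sample
    body = b"".join(parts)
    k = (len(body).bit_length() + 7) // 8
    head = bytes([len(body)]) if len(body) < 0x80 else bytes([0x80 | k]) + len(body).to_bytes(k, "big")
    return bytes([tag]) + head + body

def sample_cert():
    """Constructed skeleton: X25519 subject key under an ML-DSA-65 signature (all zero bytes)."""
    ml_dsa = der(0x30, bytes.fromhex("0609608648016503040312"))   # assumed ML-DSA-65 OID
    x25519 = der(0x30, bytes.fromhex("06032b656e"))
    validity = der(0x30, der(0x17, b"240213000000Z") * 2)
    spki = der(0x30, x25519, der(0x03, bytes(33)))
    tbs = der(0x30, bytes.fromhex("a003020102020101"), ml_dsa, der(0x30), validity, der(0x30), spki)
    return der(0x30, tbs, ml_dsa, der(0x03, bytes(3310)))         # 3309-byte signature placeholder
```

`cert_algorithms` also accepts the DER bytes of a real certificate; it performs no signature or path validation.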