Hello,
I don't think we should go back to signing with PKCS#1 v1.5 in TLSv1.3.
I'm opposed to including those two IDs:
mldsa44_rsa_pkcs1_sha256 (0x090C),
mldsa65_rsa_pkcs1_sha384 (0x090D),
Theoretically we could require the RSA part to still make PSS signatures
but I think that would be rather hard on the cryptographic backends...
So I'd rather not have them.
On Sunday, 3 November 2024 01:07:34 CET, tirumal reddy wrote:
Hi all,
The draft
https://datatracker.ietf.org/doc/draft-tls-reddy-composite-mldsa/
specifies how ML-DSA in combination with traditional algorithms
can be used for authentication in TLS 1.3.
Comments and suggestions are welcome.
Regards,
- Tiru
---------- Forwarded message ---------
From: <internet-dra...@ietf.org>
Date: Sun, 3 Nov 2024 at 05:33
Subject: New Version Notification for draft-tls-reddy-composite-mldsa-00.txt
To: Tirumaleswar Reddy.K <kond...@gmail.com>, John Gray
<john.g...@entrust.com>, Scott Fluhrer <sfluh...@cisco.com>,
Timothy Hollebeek <tim.holleb...@digicert.com>
A new version of Internet-Draft draft-tls-reddy-composite-mldsa-00.txt has
been successfully submitted by Tirumaleswar Reddy and posted to the
IETF repository.
Name: draft-tls-reddy-composite-mldsa
Revision: 00
Title: Use of Composite ML-DSA in TLS 1.3
Date: 2024-11-02
Group: Individual Submission
Pages: 8
URL: https://www.ietf.org/archive/id/draft-tls-reddy-composite-mldsa-00.txt
Status: https://datatracker.ietf.org/doc/draft-tls-reddy-composite-mldsa/
HTML: https://www.ietf.org/archive/id/draft-tls-reddy-composite-mldsa-00.html
HTMLized: https://datatracker.ietf.org/doc/html/draft-tls-reddy-composite-mldsa
Abstract:
This document specifies how the post-quantum signature scheme ML-DSA
[FIPS204], in combination with traditional algorithms RSA-PKCS#1v1.5,
RSA-PSS, ECDSA, Ed25519, and Ed448 can be used for
authentication in TLS 1.3. The composite ML-DSA approach is
beneficial in deployments where operators seek additional protection
against potential breaks or catastrophic bugs in ML-DSA.
The IETF Secretariat
--
Regards,
Alicja (nee Hubert) Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic