Thanks for publishing this draft, Orie. It makes it clear what the treatment
for ML-DSA would look like if we choose to support both the seed and expanded
private key representations.
I do question whether COSE and JOSE need both representations. What is the use
case for needing to support the expanded private key representation for COSE
and JOSE?
I know why LAMPS did it - for HSMs signing X.509 certificates. But that use
case doesn't apply to COSE or JOSE.
Should we back this out and support only the seed representation and have that
be the “priv” value, as it was in previous drafts?
Discussion requested.
Thanks,
-- Mike
From: Orie Steele <[email protected]>
Sent: Tuesday, April 1, 2025 11:13 AM
To: [email protected]
Subject: [COSE] Re: I-D Action: draft-ietf-cose-dilithium-06.txt
This version includes the changes to support both "seeds" and "expanded private
keys".
I have also updated the code that generates the examples to give a sense of
impact to implementations, have a look here:
https://github.com/cose-wg/draft-ietf-cose-dilithium/pull/18
Thanks to Ilari, Simo and Mike Jones for comments on this version.
I believe there are still some concerns regarding the proposed text, but having
-06 to argue over is better than looking at the editors draft in github.
Regards,
OS
On Tue, Apr 1, 2025 at 1:10 PM
<[email protected]<mailto:[email protected]>> wrote:
Internet-Draft draft-ietf-cose-dilithium-06.txt is now available. It is a work
item of the CBOR Object Signing and Encryption (COSE) WG of the IETF.
Title: ML-DSA for JOSE and COSE
Authors: Michael Prorock
Orie Steele
Rafael Misoczki
Michael Osborne
Christine Cloostermans
Name: draft-ietf-cose-dilithium-06.txt
Pages: 19
Dates: 2025-04-01
Abstract:
This document describes JSON Object Signing and Encryption (JOSE) and
CBOR Object Signing and Encryption (COSE) serializations for Module-
Lattice-Based Digital Signature Standard (ML-DSA), a Post-Quantum
Cryptography (PQC) digital signature scheme defined in FIPS 204.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-cose-dilithium/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-cose-dilithium-06.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-cose-dilithium-06
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
COSE mailing list -- [email protected]<mailto:[email protected]>
To unsubscribe send an email to [email protected]<mailto:[email protected]>
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
