Hi all, We have posted -10 of draft-reddy-tls-composite-mldsa to address comments from the WG: https://author-tools.ietf.org/iddiff?url2=draft-reddy-tls-composite-mldsa-10
Main changes from -09: - Clarified that composite ML-DSA is treated as an opaque signature algorithm by TLS. The SignatureScheme names mirror the algorithm names in draft-ietf-lamps-pq-composite-sigs; TLS implementers do not need to be aware of the internal composite construction details. - Added Appendix A explaining why code point registration alone is insufficient. - Added Appendix B addressing the API complexity concern. Further comments and suggestions are welcome. Best Regards, -Tiru ---------- Forwarded message --------- From: <[email protected]> Date: Thu, 14 May 2026 at 12:21 Subject: New Version Notification for draft-reddy-tls-composite-mldsa-10.txt To: Tirumaleswar Reddy.K <[email protected]>, Daniel Van Geest < [email protected]>, John Gray <[email protected]>, Scott Fluhrer <[email protected]>, Timothy Hollebeek < [email protected]> A new version of Internet-Draft draft-reddy-tls-composite-mldsa-10.txt has been successfully submitted by Tirumaleswar Reddy and posted to the IETF repository. Name: draft-reddy-tls-composite-mldsa Revision: 10 Title: Use of Composite ML-DSA in TLS 1.3 Date: 2026-05-14 Group: Individual Submission Pages: 14 URL: https://www.ietf.org/archive/id/draft-reddy-tls-composite-mldsa-10.txt Status: https://datatracker.ietf.org/doc/draft-reddy-tls-composite-mldsa/ HTML: https://www.ietf.org/archive/id/draft-reddy-tls-composite-mldsa-10.html HTMLized: https://datatracker.ietf.org/doc/html/draft-reddy-tls-composite-mldsa Diff: https://author-tools.ietf.org/iddiff?url2=draft-reddy-tls-composite-mldsa-10 Abstract: Compositing the post-quantum ML-DSA signature with traditional signature algorithms provides protection against potential breaks or critical bugs in ML-DSA or the ML-DSA implementation. This document specifies how such a composite signature can be formed using ML-DSA with RSA-PKCS#1 v1.5, RSA-PSS, ECDSA, Ed25519, and Ed448 to provide authentication in TLS 1.3, including use in certificates. The IETF Secretariat
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
