Adds rationale for use of SHA512 with MLDSA-44 in CMS section.

Closes #98
lamps-wg · Jan 29, 2025 · 9de5130 · 9de5130
1 parent 6d0a5b8
commit 9de5130
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/draft-ietf-lamps-pq-composite-sigs.md b/draft-ietf-lamps-pq-composite-sigs.md
@@ -1218,7 +1218,7 @@ where:
 
 # Use in CMS
 
-\[EDNOTE: The convention in LAMPS is to specify algorithms and their CMS conventions in separate documents. Here we have presented them in the same document, but this section has been written so that it can easily be moved to a standalone document.\]
+\[EDNOTE: The convention in LAMPS is to specify algorithms and their CMS conventions in separate documents. Here we have presented them in the same document, but this section has been written so that it can easily be moved to a stand-alone document.\]
 
 Composite Signature algorithms MAY be employed for one or more recipients in the CMS signed-data content type [RFC5652].
 
@@ -1251,6 +1251,8 @@ where:
 
 * SHA2 instantiations are defined in [FIPS180].
 
+Note: The rationale for using SHA512 with id-MLDSA44-Ed25519 is that RFC8032 explicitly defines SHA512 as hash algorithm for Ed25519.
+
 Note:  The Hash ML-DSA Composite identifiers are not included in this list because the message content is already digested before being passed to the Composite-ML-DSA.Sign() function.
 
 ## SignedData Conventions