From 9de51302a488459339b345aeebd14bbda8563396 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klau=C3=9Fner?= Date: Wed, 29 Jan 2025 11:29:14 +0100 Subject: [PATCH] Adds rationale for use of SHA512 with MLDSA-44 in CMS section. Closes #98 --- draft-ietf-lamps-pq-composite-sigs.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/draft-ietf-lamps-pq-composite-sigs.md b/draft-ietf-lamps-pq-composite-sigs.md index d12f4aa..e7397d5 100644 --- a/draft-ietf-lamps-pq-composite-sigs.md +++ b/draft-ietf-lamps-pq-composite-sigs.md @@ -1218,7 +1218,7 @@ where: # Use in CMS -\[EDNOTE: The convention in LAMPS is to specify algorithms and their CMS conventions in separate documents. Here we have presented them in the same document, but this section has been written so that it can easily be moved to a standalone document.\] +\[EDNOTE: The convention in LAMPS is to specify algorithms and their CMS conventions in separate documents. Here we have presented them in the same document, but this section has been written so that it can easily be moved to a stand-alone document.\] Composite Signature algorithms MAY be employed for one or more recipients in the CMS signed-data content type [RFC5652]. @@ -1251,6 +1251,8 @@ where: * SHA2 instantiations are defined in [FIPS180]. +Note: The rationale for using SHA512 with id-MLDSA44-Ed25519 is that RFC8032 explicitly defines SHA512 as hash algorithm for Ed25519. + Note: The Hash ML-DSA Composite identifiers are not included in this list because the message content is already digested before being passed to the Composite-ML-DSA.Sign() function. ## SignedData Conventions
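Review bot: The first hunk (@@ -1218,7 +1218,7 @@) only respells "standalone" as "stand-alone" in the EDNOTE, which is unrelated to the SHA512 rationale that the subject line and "Closes #98" describe. Either move the spelling change to its own commit or mention it in the commit message, so the history for issue #98 contains only the rationale text.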
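Review bot: In the note added by the second hunk (@@ -1251,6 +1251,8 @@), RFC8032 is cited as bare text, while the surrounding lines use bracketed references ([RFC5652], [FIPS180]); write it as [RFC8032] so it is treated as a reference like the others. The sentence is also missing an article and should read "defines SHA512 as the hash algorithm for Ed25519". The subject line says "SHA512 with MLDSA-44" but the note names only id-MLDSA44-Ed25519, so align the wording of the two so a reader can tell the rationale is specific to the Ed25519 pairing.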