search

lamps-wg / dilithium-certificates

I-D that describes the algorithm identifiers for NIST's PQC ML-DSA for use in the Internet X.509 Public Key Infrastructure
Other
7 stars 7 forks source link

'88 or '21 ASN.1 #15

Closed seanturner closed 4 months ago

seanturner commented 4 months ago

In looking at the ML-KEM and ML-DSA I-Ds, they both include the AlgorithmIdentifier syntax for convenience. ML-DSA uses the '88 syntax and ML-KEM uses the '21 syntax:

ML-DSA:

 AlgorithmIdentifier  ::=  SEQUENCE  {
     algorithm   OBJECT IDENTIFIER,
     parameters  ANY DEFINED BY algorithm OPTIONAL
 }

ML-KEM:

AlgorithmIdentifier{ALGORITHM-TYPE, ALGORITHM-TYPE:AlgorithmSet} ::=
  SEQUENCE {
    algorithm   ALGORITHM-TYPE.&id({AlgorithmSet}),
    parameters  ALGORITHM-TYPE.
                &Params({AlgorithmSet}{@algorithm}) OPTIONAL
  }

We should pick one for both. I prefer the later syntax because '88 was almost 40 years ago.

jakemas commented 4 months ago

Merged in https://github.com/lamps-wg/dilithium-certificates/pull/16