Missing MLDSA44_BrainPool256 from algorithm combinations

lamps-wg / draft-composite-sigs

IETF Internet-Draft about X.509 certificates with composite keys and signatures.

Other

3 stars 1 forks source link

Missing MLDSA44_BrainPool256 from algorithm combinations #62

Closed opencrypto closed 4 weeks ago

opencrypto commented 1 month ago

In the latest version of the draft where RSA4096 was added seems to be missing the low-level combination for BrainPool curves (MLDSA44 with BrainPool256R1). Shall it be added back?

opencrypto commented 1 month ago

Also the corresponding domain separator is missing.

danvangeest commented 1 month ago

Neither BSI nor ANSSI approve MLDSA44 for use. If I understand correctly, BrainPool is included for them. So if MLDSA44 with BrainPool256R1 is added I don't think it will be used.

janklaussner commented 4 weeks ago

I agree with @danvangeest, and also look at openpgp wg: https://datatracker.ietf.org/meeting/120/materials/slides-120-openpgp-pqc-with-nist-and-brainpool-curves-00.pdf

johngray-dev commented 4 weeks ago

Based on the comments, I don't think we need this. We want to align as much with others as possible, and adding another combination means more OIDs and no point adding it unless we know someone that wants this one.

johngray-dev commented 4 weeks ago

Group agreed to close... We will not add this combination