Thanks Daniel. https://github.com/tlswg/tls-mldsa/pull/26
On Fri, Apr 10, 2026 at 5:21 AM Daniel Van Geest <daniel.vangeest= [email protected]> wrote:

> I have read the draft.
>
> I have one pedantic request:
>
> 3.2. Handshake signature
>
> When one of those SignatureScheme values is used in a
> CertificateVerify message, then the signature MUST be computed and
> verified as specified in Section 4.4.3 of [RFC8446], and the
> corresponding end-entity certificate MUST use the corresponding
> AlgorithmIdentifier from Table 1.
>
> The corresponding end-entity certificate is using the corresponding
> AlgorithmIdentifier **in the SubjectPublicKeyInfo** (because whether it's
> used as the signatureAlgorithm is orthogonal to the handshake signature),
> but I think this text should be explicit.
>
> I suppose this same comment applies to the heading row of Table 1,
> "Certificate AlgorithmIdentifier" could be "Certificate SPKI
> AlgorithmIdentifier".
>
> ML-DSA uses the same OID for public keys as for signature algorithms, so
> it is important to specify which is being referred to.
>
> Apart from this, I think the draft is ready for publication.
>
> Daniel
>
> ------------------------------
> *From:* Sean Turner <[email protected]>
> *Sent:* Thursday, April 9, 2026 8:30 PM
> *To:* TLS List <[email protected]>
> *Subject:* [TLS] Working Group Last Call for Use of ML-DSA in TLS 1.3
>
> This is the working group last call for Use of ML-DSA in TLS 1.3. Please
> review draft-ietf-tls-mldsa [1] and reply to this thread indicating if you
> think it is ready for publication or not. If you do not think it is ready
> please indicate why. This call will end on April 23, 2026.
>
> REMINDER: If you have not done so recently, review the TLS WG's Mail List
> Procedures; see [2].
>
> The Chairs,
> Deirdre, Joe, and Sean
>
> [1] https://datatracker.ietf.org/doc/draft-ietf-tls-mldsa/
> [2] https://mailarchive.ietf.org/arch/msg/tls/ucdImHExlbOf4Q3BCG81gjzi2xE/
>
> _______________________________________________
> TLS mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
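The distinction discussed in this thread (the AlgorithmIdentifier inside SubjectPublicKeyInfo versus the certificate's signatureAlgorithm), as an added example that is not part of the thread or the draft: a minimal DER walk over a constructed certificate skeleton that carries an ML-DSA-65 key but is signed with ECDSA. The function names are hypothetical, and the SignatureScheme codepoints and OIDs are assumptions taken from the public registrations rather than from this page.

```python
# Added example; SAMPLE_CERT is a constructed DER skeleton, not a real certificate.
SPKI_OID = {0x0904: "2.16.840.1.101.3.4.3.17",  # mldsa44 -> id-ml-dsa-44 (assumed from registry)
            0x0905: "2.16.840.1.101.3.4.3.18",  # mldsa65 -> id-ml-dsa-65
            0x0906: "2.16.840.1.101.3.4.3.19"}  # mldsa87 -> id-ml-dsa-87

def tlv(tag, body):  # encode one DER TLV; only used to build the sample
    n = len(body)
    k = (n.bit_length() + 7) // 8
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | k]) + n.to_bytes(k, "big")) + body

def children(der):  # split DER contents into (tag, body) pairs
    out, i = [], 0
    while i < len(der):
        tag, n, i = der[i], der[i + 1], i + 2
        if n & 0x80:  # long-form length
            k = n & 0x7F
            n, i = int.from_bytes(der[i:i + k], "big"), i + k
        if i + n > len(der):
            raise ValueError("truncated DER")
        out.append((tag, der[i:i + n]))
        i += n
    return out

def oid_str(body):  # decode OID contents to dotted form
    first = min(body[0] // 40, 2)
    arcs, v = [first, body[0] - 40 * first], 0
    for b in body[1:]:
        v = (v << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, v = arcs + [v], 0
    return ".".join(map(str, arcs))

def cert_algorithm_oids(cert_der):
    """Return (signatureAlgorithm OID, SPKI algorithm OID) of a DER certificate."""
    (_, cert), = children(cert_der)
    (_, tbs), (_, sig_alg), _ = children(cert)
    fields = children(tbs)
    fields = fields[1:] if fields[0][0] == 0xA0 else fields  # skip optional [0] version
    spki_alg = children(fields[5][1])[0][1]  # serial, signature, issuer, validity, subject, SPKI
    return oid_str(children(sig_alg)[0][1]), oid_str(children(spki_alg)[0][1])

def spki_matches_scheme(cert_der, scheme):
    """Handshake check: compare the SPKI AlgorithmIdentifier only, never signatureAlgorithm."""
    return cert_algorithm_oids(cert_der)[1] == SPKI_OID.get(scheme)

ECDSA = tlv(0x30, tlv(0x06, bytes.fromhex("2a8648ce3d040302")))  # issuer signs with ecdsa-with-SHA256
MLDSA65 = tlv(0x30, tlv(0x06, bytes.fromhex("608648016503040312")))  # subject key is ML-DSA-65
SPKI = tlv(0x30, MLDSA65 + tlv(0x03, bytes(1953)))  # zero-filled 1952-byte key placeholder
TBS = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + ECDSA
          + tlv(0x30, b"") * 3 + SPKI)  # issuer, validity, subject left empty
SAMPLE_CERT = tlv(0x30, TBS + ECDSA + tlv(0x03, bytes(9)))
```

A check that compared the negotiated scheme against signatureAlgorithm instead would reject this certificate, even though its key is the one that signs CertificateVerify.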
