add implementation considerations section to address gap between seri…

…alization format and APIs in FIPS 203
lamps-wg · Nov 19, 2024 · 17e27cc · 17e27cc
1 parent 6d5894d
commit 17e27cc
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/draft-ietf-lamps-kyber-certificates.md b/draft-ietf-lamps-kyber-certificates.md
@@ -310,6 +310,14 @@ in this section.
 {{example-private}} contains examples for ML-KEM private keys
 encoded using the textual encoding defined in {{?RFC7468}}.
 
+# Implementation Considerations
+
+Though section 7.1 of {{FIPS203}} mentions the potential to save seed values for future expansion, Algorithm 19 does not make the seed values available to a caller for serialization.
+Similarly, the algorithm that expands seed values is not listed as one of the "main algorithms" and features "internal" in the name.
+Below are possible ways to extend the APIs defined in {{FIPS203}} to support serialization of seed values as private keys.
+
+To support serialization of seed values as private keys, Algorithm 19 in {{FIPS203}} should return (ek, dk, d, z) on line 7 and Algorithm 16 should be promoted to be a "main algorithm" for external use in expanding seed values.
+
 # Security Considerations
 
 The Security Considerations section of {{RFC5280}} applies to this