From 70ce429eb67d4a18eeafa8a0b887db8e49e4bd02 Mon Sep 17 00:00:00 2001 From: Sean Turner Date: Tue, 15 Oct 2024 14:30:00 -0400 Subject: [PATCH] Tweak Key Encoding Text Tweaking the key encoding text to match text from other LAMP I-Ds. --- draft-ietf-lamps-kyber-certificates.md | 30 +++++++++++++++----------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/draft-ietf-lamps-kyber-certificates.md b/draft-ietf-lamps-kyber-certificates.md index d1d4b7e..069b3cf 100644 --- a/draft-ietf-lamps-kyber-certificates.md +++ b/draft-ietf-lamps-kyber-certificates.md @@ -216,9 +216,21 @@ certificate extension MUST only contain keyEncipherment CERT-KEY-USAGE { keyEncipherment } --- PRIVATE-KEY no ASN.1 wrapping -- } + + ML-KEM-PublicKey ::= OCTET STRING + + ML-KEM-PrivateKey ::= OCTET STRING ~~~ +No additional encoding of the ML-KEM public key value is applied in +the SubjectPublicKeyInfo field of an X.509 certificate {{RFC5280}}. +However, whenever the ML-KEM public key value appears outside of a +certificate, it MAY be encoded as an OCTET STRING. +No additional encoding of the ML-KEM private key value is applied in +the PrivateKeyInfo field of an Asymmetric Key Package {{RFC5958}}. +However, whenever the ML-KEM private key value appears outside of a +Asymmetric Key Package, it MAY be encoded as an OCTET STRING.