[Rpm-maint] [rpm-software-management/rpm] Add new signature headers for Post Quantum Signatures (Issue #3363)
Simo Sorce
notifications at github.com
Tue Oct 8 17:39:29 UTC 2024
Cryptographic support will not be an issue, we already have support in OpenSSL via liboqs+oqs-provider and OpenSSL will natively integrate ML-KEM / ML-DSA / SLH-DSA in due time.
Nettle has a ML-KEM implementation and is receiving a ML-DSA one.
We will need two distinct signature packets to make the packages usable on older systems that do not have support for the newest v6 formats, while allowing to add PQ signatures for those that can use them.
The classic signature will need to continue using the current v4 format to attain this goal. Binding the signatures is not a goal.
SLH-DSA is attractive because the math is solid and it is less "risky", but we'll need to be flexible, and may even need to add multiple PQ signatures for wider compatibility and risk management.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3363#issuecomment-2400457593
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/3363/2400457593 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20241008/0d575d05/attachment.html>
More information about the Rpm-maint
mailing list