This work is meant to provide an open standard for implementing composite keys and signatures that can be used to enhance current PKI deployments with multiple keys/algorithms in a single certificate and signatures created with the certificate.
One of the most pressing problems in today's cryptography is the possibility to combine algorithms to provide:
- a path to upgrade to "future" algorithms that can be deployed today to protect long-lived data (e.g., BlockChain, Firmware, Document Signing, Revocation Information, etc.)
- a way to combine different algorithms to leverage the security characteristics to provide more resiliant trust infrastructures that can withstand the test of time
- a framework that is capable of addressing today's and future needs (e.g., a required building block for the deployment of hybrid infrastructures that support "traditional" and "Quantum Resistant" algorithms)
This work is meant to provide an open standard for implementing composite keys and signatures that can be used to enhance current PKI deployments with multiple keys/algorithms in a single certificate and signatures created with the certificate.
In order to get involved, please write directly to the current maintainer of the repository. As soon as we will have other forums for the discussion (we plan to submit the document as an Internet Draft at the IETF), we will add the information for participating to the discussion.
This work is sposored and supported by CableLabs
To correctly use references even when not online, you can include the references directly. To retrieve a complete reference for an RFC, you can use the browser and go to:
https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.<XXXX>.xml
where XXXX is the number of the RFC. The retrieved XML can be directly included in the XML source file instead of adding a single &XXXX; reference in the references section