Network Working Group C. Bonnell Internet-Draft DigiCert Intended status: Standards Track J. Gray Expires: 2 December 2023 Entrust D. Hook KeyFactor T. Okubo DigiCert M. Ounsworth Entrust 31 May 2023 A Mechanism for Encoding Differences in Paired Certificates draft-bonnell-lamps-chameleon-certs-00 Abstract This document specifies a method to efficiently convey the differences between two certificates in an X.509 version 3 extension. This method allows a relying party to extract information sufficient to construct the paired certificate and perform certification path validation using the constructed certificate. In particular, this method is especially useful as part of a key or signature algorithm migration, where subjects may be issued multiple certificates containing different public keys or signed with different CA private keys or signature algorithms. This method does not require any changes to the certification path validation algorithm as described in RFC 5280. Additionally, this method does not violate the constraints of serial number uniqueness for certificates issued by a single certification authority. About This Document This note is to be removed before publishing as an RFC. The latest revision of this draft can be found at https://CBonnell.github.io/chameleon-certs/draft-bonnell-lamps- chameleon-certs.html. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-bonnell-lamps- chameleon-certs/. Discussion of this document takes place on the Limited Additional Mechanisms for PKIX and SMIME (lamps) Working Group mailing list (mailto:spasm@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/spasm/. Subscribe at https://www.ietf.org/mailman/listinfo/spasm/. Bonnell, et al. Expires 2 December 2023 [Page 1] Internet-Draft A Mechanism for Encoding Differences in May 2023 Source for this draft and an issue tracker can be found at https://github.com/CBonnell/chameleon-certs. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 2 December 2023. Copyright Notice Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions and Definitions . . . . . . . . . . . . . . . . . 4 2.1. Definitions . . . . . . . . . . . . . . . . . . . . . . . 4 3. Relationship between Base Certificates and Delta Certificates . . . . . . . . . . . . . . . . . . . . . . 4 4. Delta certificate descriptor extension . . . . . . . . . . . 6 4.1. Delta certificate descriptor content . . . . . . . . . . 6 4.2. Issuing a Base Certificate . . . . . . . . . . . . . . . 7 4.3. Reconstructing a Delta Certificate from a Base Certificate . . . . . . . . . . . . . . . . . . . . . . . 8 5. Delta certificate request content and semantics . . . . . . . 9 Bonnell, et al. Expires 2 December 2023 [Page 2] Internet-Draft A Mechanism for Encoding Differences in May 2023 5.1. Creating a certification signing request for Paired Certificates . . . . . . . . . . . . . . . . . . . . . . 10 6. Security Considerations . . . . . . . . . . . . . . . . . . . 11 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 8. Normative References . . . . . . . . . . . . . . . . . . . . 12 Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 12 Appendix B. Examples . . . . . . . . . . . . . . . . . . . . . . 14 B.1. Root certificates . . . . . . . . . . . . . . . . . . . . 14 B.1.1. EC P-521 root certificate . . . . . . . . . . . . . . 14 B.1.2. Dilithium root certificate . . . . . . . . . . . . . 18 B.2. Algorithm migration example . . . . . . . . . . . . . . . 26 B.2.1. Dilithium signing end-entity certificate . . . . . . 27 B.2.2. EC signing end-entity certificate with encoded Delta Certificate . . . . . . . . . . . . . . . . . . . . . 32 B.3. Dual use example . . . . . . . . . . . . . . . . . . . . 39 B.3.1. EC signing end-entity certificate . . . . . . . . . . 39 B.3.2. EC dual use end-entity certificate with encoded Delta Certificate . . . . . . . . . . . . . . . . . . . . . 43 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 47 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 47 1. Introduction In certain public key infrastructures, it is common to issue multiple certificates to a single subject. In particular, as part of an algorithm migration, multiple certificates may be issued to a single subject which convey public keys of different types or are signed with different signature algorithms. In cases where relying party systems cannot be immediately updated to support new algorithms, it is useful to issue certificates to subjects that convey public keys whose algorithm is being phased out to maintain interoperability. However, multiple certificates adds complexity to certificate management and exposes limitations in applications and protocols that support a single certificate chain. For this reason, it is useful to efficiently convey information concerning the elements of two certificates within a single certificate. This information can then be used to construct the paired certificate as needed by relying parties. This document specifies an X.509 v3 certificate extension that includes sufficient information for a relying party to construct both paired certificates with a single certificate. This method does not require any changes to the certification path validation algorithm as described in [RFC5280]. Additionally, this method does not violate the constraints of serial number uniqueness for certificates issued by a single certification authority. Bonnell, et al. Expires 2 December 2023 [Page 3] Internet-Draft A Mechanism for Encoding Differences in May 2023 In addition to the certificate extension, this document specifies two PKCS #10 Certification Signing Request attributes that can be used by applicants to request Paired Certificates using a single PKCS #10 Certification Signing Request. 2. Conventions and Definitions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 2.1. Definitions For conciseness, this document defines several terms that are frequently used throughout. Base Certificate: A X.509 v3 certificate which contains a delta certificate descriptor extension. DCD: An acronym meaning "Delta Certificate descriptor", which is a reference to the X.509 v3 certificate extension defined in this document. Delta Certificate: A X.509 v3 certificate which can be reconstructed by incorporating the fields and extensions contained in a Base Certificate. Paired Certificates: A Base Certificate and the corresponding Delta Certificate whose information is encoded in the Base Certificate's DCD extension. 3. Relationship between Base Certificates and Delta Certificates In some public key infrastructures, it may be common to issue multiple certificates to the same subject. These certificates generally contain the same (or substantially similar) identity information and generally have identical validity periods. The differences in certificate content generally stem from the certification of different keys, where the named subject may have multiple keys of different algorithms certified by separate certificates. The use of different keys allows for the subject to use the key that is most appropriate for a given operation and intended recipient. For example, as part of an ongoing algorithm migration, it is useful to use stronger algorithms when both of the systems utilized by the subscriber/sender and recipient have been upgraded. However, in the case where systems have not yet been Bonnell, et al. Expires 2 December 2023 [Page 4] Internet-Draft A Mechanism for Encoding Differences in May 2023 updated, the use of a legacy key algorithm may be required. Additionally, multiple certificates may be issued to the same subject that certify keys for different purposes, such as one key for signing and another key for encryption. The management of multiple certificates may be complex, and there may be limitations in protocols regarding the handling of multiple certificate chains. To account for these concerns, this document proposes a method to efficiently encode the differences between two certificates with sufficient information such that a relying party can derive the complete certificate from another. For the purposes of this document, the "Base Certificate" contains its own fields and extensions and additionally includes an extension that conveys all differences contained within the paired certificate. The certificate whose elements which differ from the Base Certificate and are captured in the Delta Certificate descriptor extension of the Base Certificate is known as the "Delta Certificate". Delta Certificates are reconstructed from the Base Certificate either on the sender's side or the recipient's side depending on the protocol and application(s) in use. The sender may elect to send the Base Certificate or the Delta Certificate based on information that it has about what the recipient can process. Similarly, the client may send either the Base Certificate or the Delta Certificate based on what the server can process. This assures backwards compatibility as the certificate sent to the peer (server or client) is chosen based on what it can process. The negotiation on which certificate to use is out-of-scope of this document and is deferred to each protocol and application. In the absence of information concerning the capabilities of the peer, it is unknown whether it understands the DCD extension in the Base Certificate. When the recipient does not understand the DCD extension, it only processes the information within the Base Certificate and ignores the information found in a non-critical DCD extension. If the recipient receives a Base Certificate and is capable of processing the DCD extension, then it may reconstruct the Delta Certificate to be used for processing. In a protocol, the sender may perform a cryptographic operation with the key conveyed within the Base Certificate. If it understands the DCD extension, then it may reconstruct the Delta Certificate and choose to perform the same operation with the key conveyed within the DCD extension. This behavior is deferred to the software in use. Bonnell, et al. Expires 2 December 2023 [Page 5] Internet-Draft A Mechanism for Encoding Differences in May 2023 4. Delta certificate descriptor extension The Delta Certificate descriptor ("DCD") extension is used to reconstruct the Delta Certificate by incorporating both the fields and extensions present in the Base Certificate as well as the information contained within the extension itself. Certification authorities SHOULD NOT mark this extension as critical so that applications that do not understand the extension will still be able to process the Base Certificate. 4.1. Delta certificate descriptor content The DCD extension is identified with the following object identifier: (TODO: replace this temporary OID) id-ce-deltaCertificateDescriptor OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) entrust(114027) 80 6 1 } The ASN.1 syntax of the extension is as follows: DeltaCertificateDescriptor ::= SEQUENCE { serialNumber CertificateSerialNumber, signature [0] IMPLICIT AlgorithmIdentifier {SIGNATURE_ALGORITHM, {...}} OPTIONAL, issuer [1] IMPLICIT Name OPTIONAL, validity [2] IMPLICIT Validity OPTIONAL, subject [3] IMPLICIT Name OPTIONAL, subjectPublicKeyInfo SubjectPublicKeyInfo, extensions [4] IMPLICIT Extensions{CertExtensions} OPTIONAL, signatureValue BIT STRING } The serialNumber field MUST be present and contain the serial number of the Delta Certificate. If present, the signature field specifies the signature algorithm used by the issuing certification authority to sign the Delta Certificate. If the signature field is absent, then the value of the signature field of the Base Certificate and Delta Certificate is equal. Bonnell, et al. Expires 2 December 2023 [Page 6] Internet-Draft A Mechanism for Encoding Differences in May 2023 If present, the issuer field specifies the distinguished name of the issuing certification authority which signed the Delta Certificate. If the issuer field is absent, then the distinguished name of the issuing certification authority for both the Base Certificate and Delta Certificate is the same. If present, the validity field specifies the validity period of the Delta Certificate. If the validity field is absent, then the validity period of both the Base Certificate and Delta Certificate is the same. If present, the subject field specifies the distinguished name of the named subject as encoded in the Delta Certificate. If the subject field is absent, then the distinguished name of the named subject for both the Base Certificate and Delta Certificate is the same. The subjectPublicKeyInfo field contains the public key included in the Delta Certificate. The value of this field MUST differ from the value of the subjectPublicKeyInfo field of the Base Certificate. In other words, the Base Certificate and Delta Certificate MUST certify different keys. If present, the extensions field contains the extensions whose criticality and/or value are different in the Delta Certificate compared to the Base Certificate. If the extensions field is absent, then all extensions in the Delta Certificate MUST have the same criticality and value as the Base Certificate. This field MUST NOT contain any extension types which do not appear in the Base Certificate. Additionally, the Base Certificate SHALL NOT include any extensions which are not included in the Delta Certificate, with the exception of the DCD extension itself. Therefore, it is not possible to add or remove extensions using the DCD extension. The ordering of extensions in this field MUST be relative to the ordering of the extensions as they are encoded in the Delta Certificate. Maintaining this relative ordering ensures that the Delta Certificate's extensions can be constructed with a single pass. The signatureValue field contains the value of the signature field of the Delta Certificate. It MUST be present. 4.2. Issuing a Base Certificate The signature of the Delta Certificate must be known so that its value can be included in the signatureValue field of the delta certificate descriptor extension. Given this, Delta Certificate will necessarily need to be issued prior to the issuance of the Base Certificate. Bonnell, et al. Expires 2 December 2023 [Page 7] Internet-Draft A Mechanism for Encoding Differences in May 2023 After the Delta Certificate is issued, the certification authority compares the signature, issuer, validity, subject, subjectPublicKeyInfo, and extensions fields of the Delta Certificate and the to-be-signed certificate which will contain the DCD extension. The certification authority then populates the DCD extension with the values of the fields which differ from the Base Certificate. The CA MUST encode extensions in the Base Certificate in the same order used for the Delta Certificate, with the exception of the DCD extension itself. The certification authority then adds the computed DCD extension to the to-be-signed Base Certificate and signs the Base Certificate. 4.3. Reconstructing a Delta Certificate from a Base Certificate The following procedure describes how to reconstruct a Delta Certificate from a Base Certificate: 1. Create an initial Delta Certificate template by copying the Base Certificate excluding the DCD extension. 2. Replace the value of the serialNumber field of the Delta Certificate template with the value of the DCD extension's serialNumber field. 3. If the DCD extension contains a value for the signature field, then replace the value of the signature field of the Delta Certificate template with the value of the DCD extension's signature field. 4. If the DCD extension contains a value for the issuer field, then replace the value of the issuer field of the Delta Certificate template with the value of the DCD extension's issuer field. 5. If the DCD extension contains a value for the validity field, then replace the value of the validity field of the Delta Certificate template with the value of the DCD extension's validity field. 6. Replace the value of the subjectPublicKeyInfo field of the Delta Certificate template with the value of the DCD extension's subjectPublicKeyInfo field. 7. If the DCD extension contains a value for the subject field, then replace the value of the subject field of the Delta Certificate template with the value of the DCD extension's subject field. Bonnell, et al. Expires 2 December 2023 [Page 8] Internet-Draft A Mechanism for Encoding Differences in May 2023 8. If the DCD extension contains a value for the extensions field, then iterate over the DCD extension's "extensions" field, replacing the criticality and/or extension value of each identified extension in the Delta Certificate template. If any extension is present in the field that does not appear in the Delta Certificate template, then this reconstruction process MUST fail. 9. Replace the value of the signature field of the Delta Certificate template with the value of the DCD extension's signatureValue field. 5. Delta certificate request content and semantics Using the two attributes that are defined below, it is possible to create Certification Signing Requests for both Base and Delta Certificates within a single PKCS #10 Certificate Signing Request. The delta certificate request attribute is used to convey the requested differences between the request for issuance of the Base Certificate and the requested Delta Certificate. The attribute is identified with the following object identifier: (TODO: replace this temporary OID) id-at-deltaCertificateRequest OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) entrust(114027) 80 6 2 } The ASN.1 syntax of the attribute is as follows: DeltaCertificateRequestValue ::= SEQUENCE { subject [0] IMPLICIT Name OPTIONAL, subjectPKInfo SubjectPublicKeyInfo, extensions [1] IMPLICIT Extensions{CertExtensions} OPTIONAL, signatureAlgorithm [2] IMPLICIT AlgorithmIdentifier {SIGNATURE_ALGORITHM, {...}} OPTIONAL } DeltaCertificateRequest ::= ATTRIBUTE { WITH SYNTAX DeltaCertificateRequestValue SINGLE VALUE TRUE ID id-at-deltaCertificateRequest } Bonnell, et al. Expires 2 December 2023 [Page 9] Internet-Draft A Mechanism for Encoding Differences in May 2023 The delta certificate request signature attribute is used to convey the signature that is calculated over the CertificationRequestInfo using the signature algorithm and key that is specified in the delta certificate request attribute. Section 5.1 describes in detail how to determine the value of this attribute. This attribute is identified with the following object identifier: (TODO: replace this temporary OID) id-at-deltaCertificateRequestSignature OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) entrust(114027) 80 6 3 } The ASN.1 syntax of the attribute is as follows: DeltaCertificateRequestSignatureValue ::= BIT STRING deltaCertificateRequestSignature ATTRIBUTE ::= { WITH SYNTAX DeltaCertificateRequestSignatureValue SINGLE VALUE TRUE ID id-at-deltaCertificateRequestSignature } 5.1. Creating a certification signing request for Paired Certificates The following procedure is used by certificate requestors to create a combined certification signing request for Paired Certificates. 1. The certificate requestor creates a CertificationRequestInfo containing the subject, subjectPKInfo, and attributes for the Base Certificate. 2. The certificate requestor creates a delta certificate request attribute that specifies the requested differences between the to-be-issued Base Certificate and Delta Certificate requests. 3. The certificate requestor adds the delta certificate request attribute that was created by step 2 to the list of attributes in the CertificationRequestInfo. 4. The certificate requestor signs the CertificationRequestInfo using the private key of the Delta certificate request subject. 5. The certificate requestor creates a delta certificate request signature attribute that contains the signature value calculated by step 4. Bonnell, et al. Expires 2 December 2023 [Page 10] Internet-Draft A Mechanism for Encoding Differences in May 2023 6. The certificate requestor adds the delta certificate request signature attribute that was created by step 5 to the list of attributes. 7. The certificate requestor signs the CertificationRequestInfo using the private key of the Base certificate request subject. 6. Security Considerations The validation of Base Certificates and Delta Certificates follows the certification path validation algorithm defined in [RFC5280]. However, there are some additional considerations for the software to handle the Base Certificate and Delta Certificate. The Base Certificate and Delta Certificate may have different security properties such as different signing algorithms, different key types or the same key types with different key sizes or signing algorithms. The preference on which certificate to be used or using both when available is deferred to the server or client software. The software is expected to make choices depending on the certificate's security properties or a policy set for the particular PKI. One example of handling two certificates is "fallback" where if the validation of the first certificate fails, it attempts to validate the second certificate. Another example to handle two certificate is "upgrade", where the validation of the first certificate succeeds but still attempts the validation of the second certificate. While this document provides a vehicle to convey information of two certificates in one, it does not address the rules that are expected to be set by the policy of a PKI on how to issue Paired Certificates and how to handle them. The algorithms that are used for the Base Certificate and Delta Certificate respectively should be carefully set by the policy of each PKI reflecting the best current practices in usage of cryptography. The behavior of the server or client software is expected to be well-defined in accordance with the policy in order to avoid downgrade attacks or substitution attacks. 7. IANA Considerations For the Delta Certificate descriptor extension as defined in Section 4.1, IANA is requested to assign an object identifier (OID) for the certificate extension. The OID for the certificate extension should be allocated in the "SMI Security for PKIX Certificate Extension" registry (1.3.6.1.5.5.7.1). Bonnell, et al. Expires 2 December 2023 [Page 11] Internet-Draft A Mechanism for Encoding Differences in May 2023 For the Delta Certificate Request and Delta Certificate Request Signature attributes as defined in Section 5, IANA is requested to create a new registry under SMI Security Codes and assign two object identifiers (OID). For the ASN.1 Module for the extension and attributes defined in Appendix A, IANA is requested to assign an object identifier (OID). The OID for the module should be allocated in the "SMI Security for PKIX Module Identifier" registry (1.3.6.1.5.5.7.0). 8. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [X.680] ITU-T, "Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation", ISO/ IEC 8824-1:2015, November 2015. Appendix A. ASN.1 Module The following ASN.1 [X.680] module provides the complete definition of the extensions, attributes, and associated identifiers specified in this document. DeltaCertificateDescriptor { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-deltaCertificateDescriptor(TBD) } DEFINITIONS EXPLICIT TAGS ::= BEGIN EXPORTS ALL; IMPORTS Bonnell, et al. Expires 2 December 2023 [Page 12] Internet-Draft A Mechanism for Encoding Differences in May 2023 AlgorithmIdentifier{}, SIGNATURE-ALGORITHM FROM AlgorithmInformation-2009 -- RFC 5912 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-algorithmInformation-02(58) } EXTENSION, ATTRIBUTE, Extensions{} FROM PKIX-CommonTypes-2009 -- RFC 5912 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkixCommon-02(57) } CertificateSerialNumber, Name, Validity, SubjectPublicKeyInfo, CertExtensions FROM PKIX1Explicit-2009 -- RFC 5912 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-explicit-02(51) }; -- Temporary OID arc -- id-temporaryArc OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) entrust(114027) 80 6 } -- Extension -- id-ce-deltaCertificateDescriptor OBJECT IDENTIFIER ::= { id-temporaryArc 1 } DeltaCertificateDescriptor ::= SEQUENCE { serialNumber CertificateSerialNumber, signature [0] IMPLICIT AlgorithmIdentifier {SIGNATURE_ALGORITHM, {...}} OPTIONAL, issuer [1] IMPLICIT Name OPTIONAL, validity [2] IMPLICIT Validity OPTIONAL, subject [3] IMPLICIT Name OPTIONAL, subjectPublicKeyInfo SubjectPublicKeyInfo, extensions [4] IMPLICIT Extensions{CertExtensions} OPTIONAL, signatureValue BIT STRING } ext-deltaCertificateDescriptor EXTENSION ::= { SYNTAX DeltaCertificateDescriptor IDENTIFIED BY id-ce-deltaCertificateDescriptor CRITICALITY { FALSE } } -- Request Attributes -- id-at-deltaCertificateRequest OBJECT IDENTIFIER ::= { id-temporaryArc 2 } Bonnell, et al. Expires 2 December 2023 [Page 13] Internet-Draft A Mechanism for Encoding Differences in May 2023 DeltaCertificateRequestValue ::= SEQUENCE { subject [0] IMPLICIT Name OPTIONAL, subjectPKInfo SubjectPublicKeyInfo, extensions [1] IMPLICIT Extensions{CertExtensions} OPTIONAL, signatureAlgorithm [2] IMPLICIT AlgorithmIdentifier {SIGNATURE_ALGORITHM, {...}} OPTIONAL } DeltaCertificateRequest ::= ATTRIBUTE { WITH SYNTAX DeltaCertificateRequestValue SINGLE VALUE TRUE ID id-at-deltaCertificateRequest } id-at-deltaCertificateRequestSignature OBJECT IDENTIFIER ::= { id-temporaryArc 3 } DeltaCertificateRequestSignatureValue ::= BIT STRING DeltaCertificateRequestSignature ::= ATTRIBUTE { WITH SYNTAX DeltaCertificateRequestSignatureValue SINGLE VALUE TRUE ID id-at-deltaCertificateRequestSignature } END Appendix B. Examples This appendix includes some example certificates which demonstrate the use of the mechanism specified in this document. Two use cases of this mechanism are demonstrated: algorithm migration and dual use. The PEM text and dumpasn1 output for each certificate is provided. B.1. Root certificates The two certificates in this section represent the two root Certification Authorities which issue the end-entity certificates in the following section. B.1.1. EC P-521 root certificate This is the EC root certificate. Bonnell, et al. Expires 2 December 2023 [Page 14] Internet-Draft A Mechanism for Encoding Differences in May 2023 -----BEGIN CERTIFICATE----- MIIDBTCCAmagAwIBAgIUdZEeu4lEPANMQ4Ut/Odnc431EMQwCgYIKoZIzj0EAwQw gYsxCzAJBgNVBAYTAlhYMTUwMwYDVQQKDCxSb3lhbCBJbnN0aXR1dGUgb2YgUHVi bGljIEtleSBJbmZyYXN0cnVjdHVyZTErMCkGA1UECwwiUG9zdC1IZWZmYWx1bXAg UmVzZWFyY2ggRGVwYXJ0bWVudDEYMBYGA1UEAwwPRUNEU0EgUm9vdCAtIEcxMB4X DTIzMDUyNjEzMDYzMVoXDTMzMDUxMzEzMDYzMVowgYsxCzAJBgNVBAYTAlhYMTUw MwYDVQQKDCxSb3lhbCBJbnN0aXR1dGUgb2YgUHVibGljIEtleSBJbmZyYXN0cnVj dHVyZTErMCkGA1UECwwiUG9zdC1IZWZmYWx1bXAgUmVzZWFyY2ggRGVwYXJ0bWVu dDEYMBYGA1UEAwwPRUNEU0EgUm9vdCAtIEcxMIGbMBAGByqGSM49AgEGBSuBBAAj A4GGAAQB0P1yV6hMdH9WJXXAc4Xb6/L1K+pYCD24L90VMdiq48yHX/Av9/otomDY 62LW0vXWSSeOMhc2oGKMu7MDCLbmGNsA9irSBMZGA1m8gYq4lhvw8PwOxaropCgX POVvAN6bFXweXILGT1Yvyt78Skwo9tNCzz72FvyC0ztyhckh8r82/dijYzBhMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSOwhQJYHbq kDjpOa4bbVLEF32fvjAfBgNVHSMEGDAWgBSOwhQJYHbqkDjpOa4bbVLEF32fvjAK BggqhkjOPQQDBAOBjAAwgYgCQgHivbIinPYg05GqnJiiTbYk99oBusIPryKeUWmn 7hpiVek+2rvyThgb38HPWSAVYKzzdr+U37O9RB1jdnYwdU60fAJCAL7faPjE9OvK Vo2Hnfup6J7p0RD0n+8YAc1yYJwXN30We1fxwk1DkUG4SD5P5tIJL/cPogHmmaZM GgzGspA2nRph -----END CERTIFICATE----- 0 773: SEQUENCE { 4 614: SEQUENCE { 8 3: [0] { 10 1: INTEGER 2 : } 13 20: INTEGER 75 91 1E BB 89 44 3C 03 4C 43 85 2D FC E7 67 73 8D F5 10 C4 35 10: SEQUENCE { 37 8: OBJECT IDENTIFIER ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 47 139: SEQUENCE { 50 11: SET { 52 9: SEQUENCE { 54 3: OBJECT IDENTIFIER countryName (2 5 4 6) 59 2: PrintableString 'XX' : } : } 63 53: SET { 65 51: SEQUENCE { 67 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 72 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 118 43: SET { 120 41: SEQUENCE { 122 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) 127 34: UTF8String 'Post-Heffalump Research Department' : } Bonnell, et al. Expires 2 December 2023 [Page 15] Internet-Draft A Mechanism for Encoding Differences in May 2023 : } 163 24: SET { 165 22: SEQUENCE { 167 3: OBJECT IDENTIFIER commonName (2 5 4 3) 172 15: UTF8String 'ECDSA Root - G1' : } : } : } 189 30: SEQUENCE { 191 13: UTCTime 26/05/2023 13:06:31 GMT 206 13: UTCTime 13/05/2033 13:06:31 GMT : } 221 139: SEQUENCE { 224 11: SET { 226 9: SEQUENCE { 228 3: OBJECT IDENTIFIER countryName (2 5 4 6) 233 2: PrintableString 'XX' : } : } 237 53: SET { 239 51: SEQUENCE { 241 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 246 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 292 43: SET { 294 41: SEQUENCE { 296 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) 301 34: UTF8String 'Post-Heffalump Research Department' : } : } 337 24: SET { 339 22: SEQUENCE { 341 3: OBJECT IDENTIFIER commonName (2 5 4 3) 346 15: UTF8String 'ECDSA Root - G1' : } : } : } 363 155: SEQUENCE { 366 16: SEQUENCE { 368 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) 377 5: OBJECT IDENTIFIER secp521r1 (1 3 132 0 35) : } 384 134: BIT STRING : 04 01 D0 FD 72 57 A8 4C 74 7F 56 25 75 C0 73 85 : DB EB F2 F5 2B EA 58 08 3D B8 2F DD 15 31 D8 AA : E3 CC 87 5F F0 2F F7 FA 2D A2 60 D8 EB 62 D6 D2 Bonnell, et al. Expires 2 December 2023 [Page 16] Internet-Draft A Mechanism for Encoding Differences in May 2023 : F5 D6 49 27 8E 32 17 36 A0 62 8C BB B3 03 08 B6 : E6 18 DB 00 F6 2A D2 04 C6 46 03 59 BC 81 8A B8 : 96 1B F0 F0 FC 0E C5 AA E8 A4 28 17 3C E5 6F 00 : DE 9B 15 7C 1E 5C 82 C6 4F 56 2F CA DE FC 4A 4C : 28 F6 D3 42 CF 3E F6 16 FC 82 D3 3B 72 85 C9 21 : F2 BF 36 FD D8 : } 521 99: [3] { 523 97: SEQUENCE { 525 15: SEQUENCE { 527 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 532 1: BOOLEAN TRUE 535 5: OCTET STRING, encapsulates { 537 3: SEQUENCE { 539 1: BOOLEAN TRUE : } : } : } 542 14: SEQUENCE { 544 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 549 1: BOOLEAN TRUE 552 4: OCTET STRING, encapsulates { 554 2: BIT STRING 1 unused bit : '1100000'B : } : } 558 29: SEQUENCE { 560 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 565 22: OCTET STRING, encapsulates { 567 20: OCTET STRING : 8E C2 14 09 60 76 EA 90 38 E9 39 AE 1B 6D 52 C4 : 17 7D 9F BE : } : } 589 31: SEQUENCE { 591 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 596 24: OCTET STRING, encapsulates { 598 22: SEQUENCE { 600 20: [0] : 8E C2 14 09 60 76 EA 90 38 E9 39 AE 1B 6D 52 C4 : 17 7D 9F BE : } : } : } : } : } : } 622 10: SEQUENCE { Bonnell, et al. Expires 2 December 2023 [Page 17] Internet-Draft A Mechanism for Encoding Differences in May 2023 624 8: OBJECT IDENTIFIER ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 634 140: BIT STRING, encapsulates { 638 136: SEQUENCE { 641 66: INTEGER : 01 E2 BD B2 22 9C F6 20 D3 91 AA 9C 98 A2 4D B6 : 24 F7 DA 01 BA C2 0F AF 22 9E 51 69 A7 EE 1A 62 : 55 E9 3E DA BB F2 4E 18 1B DF C1 CF 59 20 15 60 : AC F3 76 BF 94 DF B3 BD 44 1D 63 76 76 30 75 4E : B4 7C 709 66: INTEGER : 00 BE DF 68 F8 C4 F4 EB CA 56 8D 87 9D FB A9 E8 : 9E E9 D1 10 F4 9F EF 18 01 CD 72 60 9C 17 37 7D : 16 7B 57 F1 C2 4D 43 91 41 B8 48 3E 4F E6 D2 09 : 2F F7 0F A2 01 E6 99 A6 4C 1A 0C C6 B2 90 36 9D : 1A 61 : } : } : } B.1.2. Dilithium root certificate This is the Dilithium root certificate. It contains a Delta Certificate Descriptor extension which includes sufficient information to recreate the ECDSA P-521 root. -----BEGIN CERTIFICATE----- MIIZTzCCDFqgAwIBAgIUZnCGGMVMAm3yS76tvDlbOa45t5QwDQYLKwYBBAECggsH BgUwgY8xCzAJBgNVBAYTAlhYMTUwMwYDVQQKDCxSb3lhbCBJbnN0aXR1dGUgb2Yg UHVibGljIEtleSBJbmZyYXN0cnVjdHVyZTErMCkGA1UECwwiUG9zdC1IZWZmYWx1 bXAgUmVzZWFyY2ggRGVwYXJ0bWVudDEcMBoGA1UEAwwTRGlsaXRoaXVtIFJvb3Qg LSBHMTAeFw0yMzA1MjYxMzA2MzFaFw0zMzA1MTMxMzA2MzFaMIGPMQswCQYDVQQG EwJYWDE1MDMGA1UECgwsUm95YWwgSW5zdGl0dXRlIG9mIFB1YmxpYyBLZXkgSW5m cmFzdHJ1Y3R1cmUxKzApBgNVBAsMIlBvc3QtSGVmZmFsdW1wIFJlc2VhcmNoIERl cGFydG1lbnQxHDAaBgNVBAMME0RpbGl0aGl1bSBSb290IC0gRzEwgge0MA0GCysG AQQBAoILBwYFA4IHoQB7StC53PkXiBLhRp0ZAuHNjkOkiU8vd5eh4KH1qiLLRda3 hXUGT1aOLXGNaQqA4h0e8tH9ysN8grz142/KnfypTitm/QVCAIqnWMlFy5B5sQX1 lSVYwYRhDXkyickuinqBc/PvRH0MI/pcsh0wawZCZJFItMnVSkBqv0SJJEQVkVoB Whrvvl1Y0iwBpbXayNNhUX1mytXi+bFGeDsMKtWzMc1Lz36h9Wg67Ybu4VAbg9YA 1zcUrRLHihxlX8qG1yWy0r2V62zx4HprCK3vBRMNm/XnXKZfv++bIUaok9CP1IKK SFNa0/YIZaEwd22dPlJnUxe8C2q59CsUZlOUWApQDwG72IraDX2u0vDx6DaOWGm4 UjmutRTng60q4TOTxaaMwXr3+QLUHNGmy5QnG4oci/MhgjvJlJc2BhhlgMF39Tg9 Z0Om8FGvrc6Z9FGjfyPp9aDW8IDmMeqwYAtaeWLq0IKCWgsoO3kAb8ZAmsfz27Aa VLRp29nqMYy7nniQMv7BTube2MjvSOl5X5AXFbQD6SkrfT3BZ6+QREVvTEt4GRzq NE75TtFX1M+BuXgi8h1LPuCQYa6jk/vGMUfo0NxRLCm8qyU7lA9JUM4hEHWIOREk d9FAGwQMjU+utgfnEPnSrWy3aChQdErJiCnW7tof71PgO9HLjxEgmxjLdWP7RsPm 2QK7+5lhZIVPZIH64TzgXfjO33SHKWgi2nhrs33VY9k4SbEysrrICltYcVprELNT 1YZGBhE/tbpGOXL1RTlL2HPRyw3eNo/nlaB6yu5neZoJXMTX1f9V911Iuh6mU+G8 Bonnell, et al. Expires 2 December 2023 [Page 18] Internet-Draft A Mechanism for Encoding Differences in May 2023 eTYap9nV+w6wH6F0TngLPdF86eEaXXOXDCCJpSggjSN2E575sx5dqnDQAlOVEn6R 1vQqEQYEOdU/f4WM76APNz1MMzoWkE5JViZIQPQF83yxro8sezSk/q74hBfa/q22 gNwjjdOTkS0NZl1lYjFVQbTdSie9dHoehRya3zbkVdJrK3/qiN3K2CWsjNJhrQi3 qQmngUoMB9Lp14WqAJ8P9dmDPvKOBpgsph7GYzwTWWnep9O3sVEuTwedCJ7ctVW/ hN1IeKpZ/ffsn2mbQTPA/qccf6zE9W357ZZAdYEtmggPPnGEeQqQT+75ynJaHhHu ue4nTa9PetkFST5O1OH7Ba4pVcGSDL62A+4lIk7HE3HvIxeAUJIHBMYOJcZeilTS TL2kIrVEl4yPRR/0XVADCaX6MUmv0skPnDVbDcVTEEtw6JWMlTYQJtCUiLg11Yvd Qu7oddra1H5V62QCNNEoJGxOk5sBJZtrgokAPanrdKHELqk9RAq52sGvZZQZNXZL SghWTBB/nsfJU40Z7R7zmMZJH5WbbaI9i0D6qdcCi3v/O89Z53pXAdKjMng97XON Z/oVv+Q5Cdr6kRbuISPryxiV5qNiWc/8i1oVKDP/wpCmKZRB/wYP5oKx+RIJx3KS eHk02ftgtYsRXC02aNuSNkFcJ8kVm3qZ1Aac8c+qKgbM1xcLPbdPocs/CjNCX64X nZmgiSP7a0tktid9NC5Ynm/9txKAO6rl9PRhDmGqf9JZa9JNUETV2raZ/wuf7lNh KK1oCjMJ626yerhk5bS0QOD5siSRksIfa86PWdMUj3glDV2GtKh/ARSEzy734DFV 37anyZFmAW8IOWQvoeo2BgB7e90Dmxt9F8fp2iqPgCkbqW7dOuAC/tN787wwQikY p/tUFn2wsFHhrfOzbp28ImAtC38Hgdc2/XntMnIoJ/6OMWQSv1r+khgnUDNsuVNN 84a7ShW/T8k1LsOY8EUotvfELqkjm78ggEfuMt3Wwtehes3vm7THfhBOsO1i64j5 hsasi4vRGo76EwT0szOoObIuXRKC1tDxrpuSqnyzrEY2Blh7P3sWTRO8i3t+nUNr nGS6ea4CCdOuI3CpJimxzwg1Ec1TZmn2LiaPFwo5AZ2BxAEFiUxXQC3ugE3csEai DA2RKtndyx2tKXgHFs2mAKeqcdlxoAxbYrJ+dM7kPUAqZVZyGXA7PcZ+NWN+xEZu a4bctTwAa0hyc5zCX4dbxEceh/MruT6pPCiX/EehAjeuFtr/grRkP0Ro/1UiDSKr s0xBtdWbiUOGBpxleEg8V3h9gIv15ofH4F92/dnopD4r+TOcaEW9wCELi9iQTGYl 2bOBgBqV3YCdb2xCcA1AljUTPTttBg/DVKJh31/SOj50MrjSQlCsjrsPlmmPA5Lj bs8SVTlRMBdueA9fwsq2aN4dRW4j7OMRbh6UpDUXoFwlutqVGu+r1O1SR3otVxja oPJHr4gKbYHFqa5G9VEkMtCazyE7uc5xAzQh3E+aP9DhrFZRieEQd2ftgQVotJFU CiCTHgqX4Ggkum2j2Z6gOV953FAZMmlVM4BaQgWu6Dzd6VMPoAaC5jtBOM/siZ42 x2ESbHYtBZGtWpW3TLnm1/0zeLez7BRO4xyFjuizTb93tmxQlX+GV0L8ddL8pAMk MTm58+d98Rn+hKuZojwaMBFLlzeNgN5CtUXYZ8LEwaMBb28DhiQVC3zw4jVnTpGS 8sMkqYYIdIU2QelWtIJ/adsAarOPG/7JwBhko4C3o82WpReEHKh314w1VjgT6qOC AzAwggMsMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQW BBQR2SgXC+AqR80zlzW3DistnJRMSjAfBgNVHSMEGDAWgBQR2SgXC+AqR80zlzW3 DistnJRMSjCCAscGCmCGSAGG+mtQBgEEggK3MIICswIUdZEeu4lEPANMQ4Ut/Odn c431EMSgCgYIKoZIzj0EAwShgY4wgYsxCzAJBgNVBAYTAlhYMTUwMwYDVQQKDCxS b3lhbCBJbnN0aXR1dGUgb2YgUHVibGljIEtleSBJbmZyYXN0cnVjdHVyZTErMCkG A1UECwwiUG9zdC1IZWZmYWx1bXAgUmVzZWFyY2ggRGVwYXJ0bWVudDEYMBYGA1UE AwwPRUNEU0EgUm9vdCAtIEcxo4GOMIGLMQswCQYDVQQGEwJYWDE1MDMGA1UECgws Um95YWwgSW5zdGl0dXRlIG9mIFB1YmxpYyBLZXkgSW5mcmFzdHJ1Y3R1cmUxKzAp BgNVBAsMIlBvc3QtSGVmZmFsdW1wIFJlc2VhcmNoIERlcGFydG1lbnQxGDAWBgNV BAMMD0VDRFNBIFJvb3QgLSBHMTCBmzAQBgcqhkjOPQIBBgUrgQQAIwOBhgAEAdD9 cleoTHR/ViV1wHOF2+vy9SvqWAg9uC/dFTHYquPMh1/wL/f6LaJg2Oti1tL11kkn jjIXNqBijLuzAwi25hjbAPYq0gTGRgNZvIGKuJYb8PD8DsWq6KQoFzzlbwDemxV8 HlyCxk9WL8re/EpMKPbTQs8+9hb8gtM7coXJIfK/Nv3YpEAwHQYDVR0OBBYEFI7C FAlgduqQOOk5rhttUsQXfZ++MB8GA1UdIwQYMBaAFI7CFAlgduqQOOk5rhttUsQX fZ++A4GMADCBiAJCAeK9siKc9iDTkaqcmKJNtiT32gG6wg+vIp5RaafuGmJV6T7a u/JOGBvfwc9ZIBVgrPN2v5Tfs71EHWN2djB1TrR8AkIAvt9o+MT068pWjYed+6no nunREPSf7xgBzXJgnBc3fRZ7V/HCTUORQbhIPk/m0gkv9w+iAeaZpkwaDMaykDad GmEwDQYLKwYBBAECggsHBgUDggzeAGNIS90YJPCnuXvoab6AQBjCs5UcPSOqqoE8 ppGz4qC50ejWuJpS7lnXycuAt7CJWkQhTeF1iP5HT2aeUmlS9942yH0+HDLBKeKj a7qG5jOknCts+41I3RT0WcK4NPZ9RYOtEyF1zfv1JPn6SWSBicPDXNUh0tyD4hL9 Bonnell, et al. Expires 2 December 2023 [Page 19] Internet-Draft A Mechanism for Encoding Differences in May 2023 Mt0xrw+SQ+iInxDVCgv2tCdNc4dZdy5hJBMH0FG0qPXCSO1EjHTPyUwSAVPv1Ffe uU6zbZeRrBJ/Dsb47Vvx0S43VOGngmfYFAD0V7GY4m6xg2oESFV9ea/TfI8QfiLj C5gbk1RnoFaBDhPgc0YFctM+E6B8vfjXFR7X/0WU+F08QWlZEPxjICH4KJE5DHQ7 +Ee6mhBJSNdtxGdeTJeTHNYM38E4/EMVI8lWpKzYRbVh5fzlgc7r6nwY/uT0F9sE wVckWsvQcpV9k38cWqMC1Tig5xyuYNZU7UyAIIi0R6nvy+R6uGF0PbkwzbZBBTcM Bh9Ie9fOoDPMyEonAFyboSOFy3Fd2RuI8kGMkCqLku8P3GRlhV0ZM6vaJnKFTghF tmux53I4RVbw0e/T9phb2GWuvn2tIwYbmHZ74Un4s4wnVT6IVxHaBwCHQw/lXFAn vPFjw5xP7p7uzA80dhj75IYmTCaz/9g5qjx5GDGZs/kfLNa05txuJXLvGBtFIDxJ qjk+NqkjBKAlVuunK+SXdkUWGR/XWHXVzYApUphVcNos5FC7Cum5bTnhbDujRKGo ++os65o4mg6Ro11h7rcBU5Nso/dBHm1ot3Kcle6L3bptgsGJN0GjS3boZXcG95hH MZaSMwriKw/7PfpCJLt5VvcTEzew0uqhdRiCEyug/IYYbafcoNxSlccJcywd0G27 p4e/2p9YxYQOA0RmOa0dNZq8MRfBBOaabsw35+LLlGxXwEWNKr+rNmzRPXgDRbfG zVJoCVgwoNT2F6BHdBJ4BnmD1DLxZ+toohRc7mbASy7rwXp4AwYcFan0DgnU6mEA 2G66pmKE91nj0ay3TPnPtFYKFRMfD9A7Cll8XVM4fYQaDppLmAn4vWZuhUWJkp1M gVgvWIF9M8xGdKujEpzn91u/xhIn+b5rKcbdzCK0+5oHFfFbp0UeUw7Vv+Lf1z2+ ru3ROxoKTk89o5qukS8R6wmS/eLAbgUASDw5xShjnU+og5EDHh/RhhLnZmx3jDz+ 4rdGiq8ZpNuJDQhaYhQkq2jwl5L3CHbp1eyk22dXGI43OxeNFpMmefPgKz0XlXuz 5uGlyE1zqA8MNT5lAiXH/d1pNHSs59G5/iDl+9KyAlWnVoXU8U79ICCqHQLH9HpQ YltdHmAQlBE8M9KRW5mxCVJ/TnOg/CZzzYLaphHWg4f5SRbBMI4pM9r5QCZG0oBU Vp04k/FGFg2l7gO+5IryyOY4B8oUesDoDjobtjk7DueEdvv11BRIe9xUNic3bOT8 wOt0j9BfRePJ/Wmum1wKNEVoZYr9RiRySSculrjpB+xEbDnZX/Mwd4Z7tNNQl15/ 8TZ3SrfoFzvAj/35oTKcmWhIxX3w4scnBIzhmQyECcjwQ7xhRx91CT5QWYSt3LhG vSzkpjJ+W89Tw6llP+WdM8QghNUEY+iQzmLh1ihZ2KKyXuCmnkoWUSTUMEjcvaEz eheRIwEVvdTO52ADP6/ZOc2ZfFYAUKXRvu7uyc49eVkjIfYqR1qW4n1ZRcs6oAP+ 7mOmLMuKw65Suuahu0+oui1S+jr7BnTwhC/oLEAejVAZvWUoeo+/SJJDIM4LJRPA SbhurLo9fcnhvT7hK5KYGTkbQsaMDGKttPyEvAFnF5Q4pJkNUAJ8/QdtAAFymOOq 9Aje9ZlJd0ToPapgIGXfa2cdcAadtjJ7DNoaAE8Gh9TIh61cQbZ8f2VIM1ldvlg0 8duVIXmMlJ6tukhmm79dJbB2dJn4XSk5r4qHTwnB1F1pwpMQRA7cMwA2eu7FKOVO IrkPkUOFsufs7ZJ2PWYNAOL2U7f6IGhUJTVT5iZbWOmegw1fB1ygA1jybegEKoHe FWC45GcgO0lu4ixGPtg5TA2m8Z6k6ZQ5kKLD69qzEdvXdpGJSKuLjRIdfiYZKnaE yjp96koPwlpxZbs9Rmxgxdy1UY2LXuZBg5ljYQCmJefac7Tdq1ceII7CdXtZJlXu PFkhBYj1AWbKtSgzGNei5BmNe80YtFJbxaF0bYdBO9b7yNsALsGj0+iWAb5lL0sB Fvqo/FSzVN20RQEL3QNeg2bZHhdxh0v/wNbfEyDIIvCbyR3uOkDi2V0mzNDDcfwi A+DiO96QE3Hcp8ufI8BYisRg/Qth4KzZJeNW8KGTnJRLRA7DwBymoVBCzLQcKTdA R/wndIxKBeSXJHSAihzb/eQFY0Wq9dzzZRWZM5dq0CtiGQiDaRLuW207J2r3Hz6H VzeeBVeV4dRgHs9eai1XOrfS72gatpKQTXMtGLcA/mpZZ7soM8qWnLAxtW2xTltj XBaUgmnuoLUzOzqjE0jGeLA6ptgk8f7SR1v7nBCl4ZScAKrgpJdbGNa33uoCuDEE EMRnh2XNNvKmUQLX2FDttQm1Dwmdr0LNUpZVp2mOKvtPDiwlOB6eSm0DnfvXgc71 Ua9HfkDC9Sm8P5VPDABRpK2ZZTjBquC4YutAEWDS9x7PTY8+p8Ysfptzctlb9v7f qr4j2MFmR9iuO+dhIBUI+Ed3+SG0lGd4+cM11MNoy/kQnrC8gycpNnFyNOlHxa8N mKQ51T42TFoe4E6IKflv8MvWaoeJ+K2eA+0qPS6jXLVGDklN9C5QOcpd7dRyBPRV wfWIKGGXuWoPgl4HOr/JJ30CuIHUhedlElgHcQO9WnTStzTpk+iaLmxbqW/sWCEK Yv7Ltv59tzBbtAeDbqEFrszdySd9FkbEnuNgD/xHMsIPxXo8uC3dlaWizSbxbjcA eXHwPACUuFH8/xBXRbnMPYldnu3cqcsrixvnU8w0KcpXWni8Rjf/qy6iUY14v+jk GN8abq+DsrHavp1AO1bAa3YO6kJtxA0Ce5TWLnKa4MXUAbYQ4QKUzJktlAzGKn/C BxGvIPl+OaSmhFP3oAadtxss73LxiGocRwE5XCiiPR+at4zHcrB4HRn+TueE+Tkd LuMwQQfY+Hllxl0/YDfKTMToP1sNpMeSzpFl9Rl19tKwHR7qr/Esc7ZvfB1IAWlc wJI25T/aCU+qRI1qWtygyCVu6DozeMXIrlKKFZJpR9qMw/v42z7hrivv40ZptBAd Bonnell, et al. Expires 2 December 2023 [Page 20] Internet-Draft A Mechanism for Encoding Differences in May 2023 pq6CNWxTfLPfDJVHvFAMnuSZIAT8ghkjoeqClrVl3Rj0EdqrxWOP1jAPOHTAHf0E kUQ1CJj4IgPx5liHPT7qsAsMjHxJzECk3FSSejQf40e6U7Q0mtKVaLUTBDzaOHGr HQ6/AILYhs0sAvxCGrlAbqOr179MCIHnZbBTJvFie1eyKU6R0EgyMo8Gm0LRWIST 79wG4PQmHoAD/Ls3o9Zjt+Twp1uHgLwArtM6d2cMULErmQqTzxOM15uqFQSE5lUF G3TvRCfHq7xR/uGNF/bJtSkGLpxTe3ifjz3UxKkz9upLbvjH7iadFND7zqYW7pax VhzQzm4BqObzgaPGtqw6BhFioWSYHHjMyEMpAaqVFj5QdPPVk+/WguNbfNSM+Ose AxNxSbjI0Cbc+BHkfzGyvMPQcgd9U+9rcgxqY6UQdB2oeZtQWZeyqJUsGFuj+DT1 WKHVLR/4ti66cbar1rFfTjXi2jSPToGSnm3MQb9K/39KeNOiZexi9qBftxoEU39O rwWYkmaf+GzFYfOPxSTbhxlZfljT8mCDmHmML/s8OC9aCNcnSJfBw1tKyB7sINRX 8+9CLo3wXmuW9n9oorbU1yDESg6u96wQyl50lcMojjTyg4yLK8S7LIMqJ4LFxVKn 6gzSGoL2kroAymeJsMSL8O+R5VA6DIy9Jl8Zvj02LALrGY/pB6UkibrFCCjx9wjv ZtIDyid7W0zZcBgtDhStEnKRZeui7D5N9qMrmSUwfURLT4Tli6zkYnXdcO1rjaER oW4kK6vxZRQySZkF/I069atty0+TCFQCjPuTWrWJZRWRw3/+DMS8ug/V/5mtScJf 9HlXqMvBmrNg901z9FNnIN+RPxQ4aAcED6mNWaoH7z2O4xg6+v1y0ncHzGDkQH2R 8lSKUeLp7unS5HI7TvJVKj9wgiiMYkuPyaoqx36JrYWc8WQQZzNSVX0EY2dpAiPP 0sUxmsnPbu8rBb+899CQwzkYN3mDp1+ag8Wm4U5M1aEAeHlOOYLmm1zwFkhs/Sur i0Y7+4CMEXNsZT4+qJhfKyOjQ2cgeaNNt6dBAZwHmhaJZbj8Z3gDhJCoxAcfMTxA SUqqy9ILNjlNmuoGIlDX5vEUGDdDa4eLwOP6VaO74wAAAAAAAAAAAAAAAAAABQ8V GyUp -----END CERTIFICATE----- 0 6479: SEQUENCE { 4 3162: SEQUENCE { 8 3: [0] { 10 1: INTEGER 2 : } 13 20: INTEGER 66 70 86 18 C5 4C 02 6D F2 4B BE AD BC 39 5B 39 AE 39 B7 94 35 13: SEQUENCE { 37 11: OBJECT IDENTIFIER '1 3 6 1 4 1 2 267 7 6 5' : } 50 143: SEQUENCE { 53 11: SET { 55 9: SEQUENCE { 57 3: OBJECT IDENTIFIER countryName (2 5 4 6) 62 2: PrintableString 'XX' : } : } 66 53: SET { 68 51: SEQUENCE { 70 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 75 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 121 43: SET { 123 41: SEQUENCE { 125 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) 130 34: UTF8String 'Post-Heffalump Research Department' Bonnell, et al. Expires 2 December 2023 [Page 21] Internet-Draft A Mechanism for Encoding Differences in May 2023 : } : } 166 28: SET { 168 26: SEQUENCE { 170 3: OBJECT IDENTIFIER commonName (2 5 4 3) 175 19: UTF8String 'Dilithium Root - G1' : } : } : } 196 30: SEQUENCE { 198 13: UTCTime 26/05/2023 13:06:31 GMT 213 13: UTCTime 13/05/2033 13:06:31 GMT : } 228 143: SEQUENCE { 231 11: SET { 233 9: SEQUENCE { 235 3: OBJECT IDENTIFIER countryName (2 5 4 6) 240 2: PrintableString 'XX' : } : } 244 53: SET { 246 51: SEQUENCE { 248 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 253 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 299 43: SET { 301 41: SEQUENCE { 303 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) 308 34: UTF8String 'Post-Heffalump Research Department' : } : } 344 28: SET { 346 26: SEQUENCE { 348 3: OBJECT IDENTIFIER commonName (2 5 4 3) 353 19: UTF8String 'Dilithium Root - G1' : } : } : } 374 1972: SEQUENCE { 378 13: SEQUENCE { 380 11: OBJECT IDENTIFIER '1 3 6 1 4 1 2 267 7 6 5' : } 393 1953: BIT STRING : 7B 4A D0 B9 DC F9 17 88 12 E1 46 9D 19 02 E1 CD : 8E 43 A4 89 4F 2F 77 97 A1 E0 A1 F5 AA 22 CB 45 : D6 B7 85 75 06 4F 56 8E 2D 71 8D 69 0A 80 E2 1D Bonnell, et al. Expires 2 December 2023 [Page 22] Internet-Draft A Mechanism for Encoding Differences in May 2023 : 1E F2 D1 FD CA C3 7C 82 BC F5 E3 6F CA 9D FC A9 : 4E 2B 66 FD 05 42 00 8A A7 58 C9 45 CB 90 79 B1 : 05 F5 95 25 58 C1 84 61 0D 79 32 89 C9 2E 8A 7A : 81 73 F3 EF 44 7D 0C 23 FA 5C B2 1D 30 6B 06 42 : 64 91 48 B4 C9 D5 4A 40 6A BF 44 89 24 44 15 91 : [ Another 1824 bytes skipped ] : } 2350 816: [3] { 2354 812: SEQUENCE { 2358 15: SEQUENCE { 2360 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 2365 1: BOOLEAN TRUE 2368 5: OCTET STRING, encapsulates { 2370 3: SEQUENCE { 2372 1: BOOLEAN TRUE : } : } : } 2375 14: SEQUENCE { 2377 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 2382 1: BOOLEAN TRUE 2385 4: OCTET STRING, encapsulates { 2387 2: BIT STRING 1 unused bit : '1100000'B : } : } 2391 29: SEQUENCE { 2393 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 2398 22: OCTET STRING, encapsulates { 2400 20: OCTET STRING : 11 D9 28 17 0B E0 2A 47 CD 33 97 35 B7 0E 2B 2D : 9C 94 4C 4A : } : } 2422 31: SEQUENCE { 2424 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 2429 24: OCTET STRING, encapsulates { 2431 22: SEQUENCE { 2433 20: [0] : 11 D9 28 17 0B E0 2A 47 CD 33 97 35 B7 0E 2B 2D : 9C 94 4C 4A : } : } : } 2455 711: SEQUENCE { 2459 10: OBJECT IDENTIFIER : deltaCertificateDescriptor (2 16 840 1 114027 80 6 1) 2471 695: OCTET STRING, encapsulates { Bonnell, et al. Expires 2 December 2023 [Page 23] Internet-Draft A Mechanism for Encoding Differences in May 2023 2475 691: SEQUENCE { 2479 20: INTEGER : 75 91 1E BB 89 44 3C 03 4C 43 85 2D FC E7 67 73 : 8D F5 10 C4 2501 10: [0] { 2503 8: OBJECT IDENTIFIER : ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 2513 142: [1] { 2516 139: SEQUENCE { 2519 11: SET { 2521 9: SEQUENCE { 2523 3: OBJECT IDENTIFIER countryName (2 5 4 6) 2528 2: PrintableString 'XX' : } : } 2532 53: SET { 2534 51: SEQUENCE { 2536 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 2541 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 2587 43: SET { 2589 41: SEQUENCE { 2591 3: OBJECT IDENTIFIER : organizationalUnitName (2 5 4 11) 2596 34: UTF8String 'Post-Heffalump Research Department' : } : } 2632 24: SET { 2634 22: SEQUENCE { 2636 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2641 15: UTF8String 'ECDSA Root - G1' : } : } : } : } 2658 142: [3] { 2661 139: SEQUENCE { 2664 11: SET { 2666 9: SEQUENCE { 2668 3: OBJECT IDENTIFIER countryName (2 5 4 6) 2673 2: PrintableString 'XX' : } : } 2677 53: SET { 2679 51: SEQUENCE { Bonnell, et al. Expires 2 December 2023 [Page 24] Internet-Draft A Mechanism for Encoding Differences in May 2023 2681 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 2686 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 2732 43: SET { 2734 41: SEQUENCE { 2736 3: OBJECT IDENTIFIER : organizationalUnitName (2 5 4 11) 2741 34: UTF8String 'Post-Heffalump Research Department' : } : } 2777 24: SET { 2779 22: SEQUENCE { 2781 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2786 15: UTF8String 'ECDSA Root - G1' : } : } : } : } 2803 155: SEQUENCE { 2806 16: SEQUENCE { 2808 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) 2817 5: OBJECT IDENTIFIER secp521r1 (1 3 132 0 35) : } 2824 134: BIT STRING : 04 01 D0 FD 72 57 A8 4C 74 7F 56 25 75 C0 73 85 : DB EB F2 F5 2B EA 58 08 3D B8 2F DD 15 31 D8 AA : E3 CC 87 5F F0 2F F7 FA 2D A2 60 D8 EB 62 D6 D2 : F5 D6 49 27 8E 32 17 36 A0 62 8C BB B3 03 08 B6 : E6 18 DB 00 F6 2A D2 04 C6 46 03 59 BC 81 8A B8 : 96 1B F0 F0 FC 0E C5 AA E8 A4 28 17 3C E5 6F 00 : DE 9B 15 7C 1E 5C 82 C6 4F 56 2F CA DE FC 4A 4C : 28 F6 D3 42 CF 3E F6 16 FC 82 D3 3B 72 85 C9 21 : F2 BF 36 FD D8 : } 2961 64: [4] { 2963 29: SEQUENCE { 2965 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 2970 22: OCTET STRING, encapsulates { 2972 20: OCTET STRING : 8E C2 14 09 60 76 EA 90 38 E9 39 AE 1B 6D 52 C4 : 17 7D 9F BE : } : } 2994 31: SEQUENCE { 2996 3: OBJECT IDENTIFIER : authorityKeyIdentifier (2 5 29 35) Bonnell, et al. Expires 2 December 2023 [Page 25] Internet-Draft A Mechanism for Encoding Differences in May 2023 3001 24: OCTET STRING, encapsulates { 3003 22: SEQUENCE { 3005 20: [0] : 8E C2 14 09 60 76 EA 90 38 E9 39 AE 1B 6D 52 C4 : 17 7D 9F BE : } : } : } : } 3027 140: BIT STRING, encapsulates { 3031 136: SEQUENCE { 3034 66: INTEGER : 01 E2 BD B2 22 9C F6 20 D3 91 AA 9C 98 A2 4D B6 : 24 F7 DA 01 BA C2 0F AF 22 9E 51 69 A7 EE 1A 62 : 55 E9 3E DA BB F2 4E 18 1B DF C1 CF 59 20 15 60 : AC F3 76 BF 94 DF B3 BD 44 1D 63 76 76 30 75 4E : B4 7C 3102 66: INTEGER : 00 BE DF 68 F8 C4 F4 EB CA 56 8D 87 9D FB A9 E8 : 9E E9 D1 10 F4 9F EF 18 01 CD 72 60 9C 17 37 7D : 16 7B 57 F1 C2 4D 43 91 41 B8 48 3E 4F E6 D2 09 : 2F F7 0F A2 01 E6 99 A6 4C 1A 0C C6 B2 90 36 9D : 1A 61 : } : } : } : } : } : } : } : } 3170 13: SEQUENCE { 3172 11: OBJECT IDENTIFIER '1 3 6 1 4 1 2 267 7 6 5' : } 3185 3294: BIT STRING : 63 48 4B DD 18 24 F0 A7 B9 7B E8 69 BE 80 40 18 : C2 B3 95 1C 3D 23 AA AA 81 3C A6 91 B3 E2 A0 B9 : D1 E8 D6 B8 9A 52 EE 59 D7 C9 CB 80 B7 B0 89 5A : 44 21 4D E1 75 88 FE 47 4F 66 9E 52 69 52 F7 DE : 36 C8 7D 3E 1C 32 C1 29 E2 A3 6B BA 86 E6 33 A4 : 9C 2B 6C FB 8D 48 DD 14 F4 59 C2 B8 34 F6 7D 45 : 83 AD 13 21 75 CD FB F5 24 F9 FA 49 64 81 89 C3 : C3 5C D5 21 D2 DC 83 E2 12 FD 32 DD 31 AF 0F 92 : [ Another 3165 bytes skipped ] : } B.2. Algorithm migration example Bonnell, et al. Expires 2 December 2023 [Page 26] Internet-Draft A Mechanism for Encoding Differences in May 2023 B.2.1. Dilithium signing end-entity certificate This is an end-entity signing certificate which certifies a Dilithium key. -----BEGIN CERTIFICATE----- MIIWHDCCCSegAwIBAgIUC3I3HCAo5RSH45s1sH6CS+5eAd4wDQYLKwYBBAECggsH BgUwgY8xCzAJBgNVBAYTAlhYMTUwMwYDVQQKDCxSb3lhbCBJbnN0aXR1dGUgb2Yg UHVibGljIEtleSBJbmZyYXN0cnVjdHVyZTErMCkGA1UECwwiUG9zdC1IZWZmYWx1 bXAgUmVzZWFyY2ggRGVwYXJ0bWVudDEcMBoGA1UEAwwTRGlsaXRoaXVtIFJvb3Qg LSBHMTAeFw0yMzA1MjYxMzA2MzFaFw0yNjA1MjIxMzA2MzFaMC8xCzAJBgNVBAYT AlhYMQ8wDQYDVQQEDAZZYW1hZGExDzANBgNVBCoMBkhhbmFrbzCCB7QwDQYLKwYB BAECggsHBgUDggehAGyPSbiYL9NxlDxjNk1v5p/BQmedaYkenir6NNWBIcZ2GDKT mnC1ZUZ5v6BirMUlAYu+2AtSzDPeLRVpebmN86TGhVSifeERcv5Ohb0Ms0Cpnvqv 3ZE93D74fdyYn7uyiyFiLmdI8uPElHiLLuuS6YClGqZitt82FKaSlP5CmOm8qt+8 JQ+oZ/zCkJOVHOfAKgjz3klNxK0vBcHVOLx02ciHNnCqCUU+wvt2R7rkm5oOqlGq jvRiofYOC7saMEtx4WKrTq7VcGPCIZQFIkietxVRqH+X+UAppPTfk2DcoO96kKk+ BbGKJiJ1fR0tyUtkaPSFRGp54KOTw6t0ZbgiAXSNPzJ8uCPwFPW0vJWYZMGPSRkX oTEHlGkEvlo4nUBCvHxa4i7UB/gmY9rCYWE3/eNJ7gyS7+RNNHa2e7y1MuMT2OpZ 4vV+Hlj35arvXyflFNmRgq7QU5ed0Bp7G0+iodgF8w06pAp1GR6xD3UWHu82b9HR pMo1sv1JdVmY7u6yKLGFyCU8Ap9S7WkfkDwQXzWmo/BGf4cLFHHTV8cy6jKPUhf+ gQgNjozs4P3HF+DJYQ1xkGKIs0enmIb0IKa3z/Hzz70hUSNtE2tZdh0Z32u5lnwg omSEJXBpI5tLjfqJeGB6yXG70gY+TPAVtmzuPyiQkSq2lh/ZGxRZf0YmLQj8KX8/ 581kF1WEODGDaY4slXji5MHCWKk5jXv7d9GjmNeeRaoya7dD5BQII0rlv7pIcb1v PWsKNakYCnybhjaqnmEGJX1cj9/i67Tsho3e9X5GbTL1TgjgQWkGaCj6dNy3s2BD GrfUXfsLxlMSNXHjnNcXASVxYx6Eandk6mOrj5ULHSGE+VKBu8BdriXddXsNnbvd yUi6rNE4G8mr9Bxs54wcG7wPzYAJzyTbwwDbNn6GrPPcsuYdevMfg04IqPtDTotD 9NeJk105PqE0fcfK+MeR48fjAr/58qZiHLwpXgMY92ZsCsU8Je1AH0oB3FH2z/mY 24UK6l75mbpOcoRvw102WlMJ4yz5wNX9QlbT1a9pdAya9BBI/r7K4YK7sBPf2R5Q Rr/8/CcwsneGDemkuDybeglHYHGE0dtqjMSJHxwrGKFmDzMO/mZ7D4N/Wa6OUGzO fIDV634opSvw29/8M22IfAhQcqrZ0Cdo1vRtMOIFZX9TzZ7DdbPWHrhKwK0cz7ll mwwrKX98ZGfnoUEYT2mRqubWVkVQzwOjhS+isIoOOL6ZjYjJeC14r1C4h6hERNyx zOJXlUnm9p6lhJDEuilT0EswzHXUEhBHUUFP8ZUyw01KOq+xJGq+5/So44OVMK3e B76fE8OFndNfGDvkVaBx9yotk1ryc1pweLSoFhsIyNNMEOnMr0qtiG4fDujaFZNW ucpTgQzBChietFdRORUZHJoOQJK7tv7jBVjswnqHfh/oEXEECksO0UgjccIo8HMc FpXMY5Y9uFbSdjHsXgBFDUMZBZ7y95Jwtzn/Q1iZaArhmNvOxRwAwaBCYoSB2uqE ba/6LEX6onE//5MwwhaQL9Wa94npbQgLs8bGdfW08G/TuVuw+Jf/QB6z4r3D55ck nH01q8YkAD3FZulDbekVBmrxX9+StRCf4Tqn2RZl86C9PhcIL6EuVvigqQvl4gAO 7rjz8lolGFb7nn8dl3b1XRXZ6dppgLFHQ4xsJ4DOmqfcleolv2Xe2lS72TcNa61D m9mOPU+XCCaBOHhDYbY7q6dA2nytMtLI5zSkyL6sQPyYExLe8xD3G/2iZNcxpBdb zQ+eewOPRpQV2AxV75l2KUQYC+kakMeTHbeb8r56AStNZgmf8DlljGyDRJAzzDMW UWBv6OKPESPlsxnSxnT2ufnGUGBrEEMt/VIP9ZjVQ3+whl9DLXH+DjdoXPeMhZpS eTyoAqo1QCEgZdZz0VvTH4gZF5qEVleyMw/PeuGqNC/uoRPh8e77dfQ49CYBwjB4 cn/TmCniK8X2z+ywaLy3U+S4MOUTYPK2EloAY2/QByaUmixHw1MwM3yVlhq/7nOK yC2uP8QZ2faIWNMcm6XROdSrqRx4LWnA61ZRBvxoAEDMHat/1BQm90Ri8XyOpQCL zwv7SDZ3888lss0Tgjs5bzPr7gP/XzMHx/vKTNeCi9hmTFTwcbNNhORNpCnpGdSf lB5LIAMfTEg2F8ExTQV4YCVZMxhn8bR+9bGPci0uVsOMD5liK3lsAGMY3jShBO12 D2RAlL14PrSLHCitlo/LnO2eykefITZkHrtdZaFIJshULFSgw12sae7pZKqz6f67 Bonnell, et al. Expires 2 December 2023 [Page 27] Internet-Draft A Mechanism for Encoding Differences in May 2023 jW9I29zNZW/TQrUmHz8/6SA5VIDs39DjQ7iK3nrY4iaz94WsuGE6i8/oUnntx0xq GyZEpjvCYhrYuT7XGv3sopP8a4tZ0rkY+vH95V7mlF0fnDu1HC2kPTmmx9o3YzeX rNN1mGemrbRqqd5fW50BkX0A2X6E70SsQbxd0CjUVgMPBEuE0laXVpuGQ+nJGSFz l8nc35lLDZrqgibk6Mfjcb3rCfzXHiYaIGcn3Nm+uqYrxk5rfvCCchsdxMisIeRg A6WLClKxwqn321Rwo0UhVv5V2Pm3H0pWL0AjJaNLp9YSL3UcdAOd9wWZ9ckyo2Aw XjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4EFgQUo1/qtvrL Y4E91ZQfqEEt8JbbulswHwYDVR0jBBgwFoAUEdkoFwvgKkfNM5c1tw4rLZyUTEow DQYLKwYBBAECggsHBgUDggzeAHQdgMbQJgbhfxy4mToCwDKa9HVxpfiurORIDe93 l2pqy66/N736aLSsN9NBehCf+ZcaFpAySD6ObKNJVsPYyF1YeaQTvqtGA9GFkmQn BF63XsZlzgrUn1Caug8rNWd1LJhRm+IZfmcIN6vEBZlQpJGXjM9v8kNFzXdsun+U 91emmoul5sJY4zIoTEOhRHjcH5oJ4EyddoU+hvPLp/W0sKp5wlgu+S/OBp0HY3Xk SC0VGb+XcXqXE0HblEHVFyx9PyFz9ANWkjgtvlCoecSGwGREhMh+8P1s29Rfn5PZ P43AojO8w4+b/TArqB6V1T0eHsVKgvqgYFu/bTHpijkg9InM1/VkUP0etsEQh4gO pSsHlE2CBnBPCyAbT1F2vEq828MI9aBW5XVqeLf1KICZFLdt1fXDTOeaekUY4coF di29yg3cYOZ4RzECeyV+k9i1z9r7XjzbvS9IvEPC/ygf64iGcJFvI1yPyO3TBIoh xWgtQeQqMgF153kh7OjSnX0ONcvSglDWy95y/qCnK7hE562QJY2WZkLAH9QYtg2c kvaxjgzKJII19OLNny1AeqcN3KKPFud9hh66NG68ccRnKBpyTTOuG2FySxCuOzpg APoXRyq26LOsjTmt3FO/gUVd6qPW8CCQOhaKLEtVAvn1FEvXUH539AfyqNupruQQ fZ+rq4kjWhMUM0sL8gw3g52CMtUbF3bW0PfmzE092GU+VeB2K0ZIlVp74vRqh7kh Z5Jm7XKdFamY2nUBcxSMGISe1qOfJeWersaLaLmFYhN+hNfCA4T6PtDIis324LLJ 1+eW8ztzzoZHFJFp4DYIHzc+wkvj5vkl4XMRyfDI0FuEN+wmvOh+r6haon2djaGP MltYrK2ZDgDpe1DxB9TuZNiQYonCwaNS4re3Vg4stitV3kG5BfvfV6M9vZZ8MALV 7dNRk8RKD8iVM/NbG5PgzIsumK784YcyF6NReUvKCBDhCx1n1NUArWkBiCIXZj+I Aio4fUGVJqmay8ccw0hH9QWfJ0EdcEjSeJrIIMXrpG8DesDjwaqLFGrdE4INmRDo HGF3yQTLesinsPJsOR0nLAdyKAmkemog8UUXSKAvDXUqvWKfjx+zkAjqFurrPXRQ 3ljHntn/gq2hyrxZwtbQiUThix0ePqAWD2u/DQKMJXm1WcwwXbW83cnKs3WI2S1n NSm0/RI2nF1OFcRQxXEVufm+CM77PIUDmfkYpmTJbrIK21GTAFqg8javxVwPvlj8 LmMBxnTVrtUviEhN/dTq8Jlyaht7vpmrL3q9cQ50Q1gJr5SGU1ry865M+Pt2hme/ pr6qNwUlZclvpiHCvXszWcocCorBceERVngnYPajee56n9IU+1Yv9NfN8X8odjxN Vm/20l6pG10X+jmET7a54oH0dnoqfVqJ1UIdjza7DqzmF5p/it4aJsRB8pfP4JUF aiS3pedU1XbhvTN1WDhFEK6ZcoF4EPD23IJU2MtgsGapmkbp8Ki/j64sCN6K8Hfm vgcJr9g6KsidjkeI/mu8cFJvyDIlM2j0H7cJEL769x/EQUBZWMyRw9uQr9CaUQKe iCZYrIeJfIf0h+xRm2c/nv7Ph7pM7oG7HspoU8Z2ltV40YgF4Qk34I5PF31Cxaea ClkNuw4tdUDGub/dxtTCXl53NBX4PrPVrtSzxJWVRfm9BCn/ms4XboOcIHV6t/+9 L/i+v+3ujTUtd+pb6EjyoXehs5UapUfsrV2aQrcmrPHKYjT54KZHoyQKRa+kip77 JbBJudChTOsNZX1QWbrSyfl9Nthg7djhTPo604oTT/jJRL9kB/M0m0dimVKIaqed eGlxwDZgP7NF4fTYIydgPZK1TzLbgG0DusrVX1i6QerbosSfGwZ3UAArx4Ty4j0P zWE6SDOpuwleF5t5S010KdaGYw9B7IgC8gQXb4YkuqY9KgtISXImjn8rmTbUvlER sokbajbph1ClpbxSvLVPANzwG8xexibHjFaxA3dEG896gmeaSYeIv9NWpRnRjzwx 111v83mjgHgVwdSlO+8/GpS5gyakrY89GOD3LWfSEPot50YCZZu6ET1P/nkC8hUp 49vrd6VnMnCGNf9IqaAzalq94kEJWoJLbNdLRYow+cuecYdOO2Ofyp/thmrIHAmL k2qsTDqxr9tzWErI/Y+4bhOykGVjyx1CBlIXc4FOO2aKM4jw9R9toz5o6WoxgFHQ pggL9gkfYprzdhiRYkTzYloWIzL+rxlmRC4Fnv7EbSqprDN01G123oUMJPJ14qQs ZD7R9FkbojVlusHFAzgizrSauUSG6aoeXdLiXL2m+DpZ8/t9asZcaDwI4tqX1hGB InKbomoHA1L/w7gNN/Uyozr9xgJ3KsQ88m03GlU2X/MJxJyJqqxkJQaluZJqKZSl ETa2moaJvFcm7j1z3R7FzLd6ieRvvdA2RzeWxEBnnHv9jLrqKeGbOfgDaNd1brw8 92K0uGwlasSH4Myxii2A/p9IAVE+g7AosD8BYFqtlbdQEA9Ps4Jx04cNfXOXdeWs 2Silq9VDZNQ4atmUa17RVbAuvha4XjFnsCovWqaDZzmyY7b/eVoCWRL5ETuXNNJ/ Bonnell, et al. Expires 2 December 2023 [Page 28] Internet-Draft A Mechanism for Encoding Differences in May 2023 6e4Ryhg2KbHksksWRjJmjhG/k5JRm2UfIaLHj5lFdgMwOF4+hPZ5jnq9nKpGXJj1 csuiwvQASBZtix2/UOALqOQg6UnHGFdhTXA8RG9Z+8AnK4nQJ1wyPLMgMu3w8IKJ EPYENRHnOj2Qw3k/nAgBYcvf/Jnzsv8ZaHzNrmSvma91OieCYj2jjPfWKgweJkyf /c8pIp5qHgTtohlmak8D+v9mj18M8ZNpqBJ8lY0OdVyWMhvmA4o4xXkylE+p4DxU 4vmDLb/dkn1r6cFhuzS33uc/YghWel5j+GAEviKsez5lw5tx/HrdxnRVGqfhlqUB Q1kPvMLkR/1GlzUnrBm3viXiKwRau82IbaUUSu6pTUNy8ghe2JI0v9Hsgx2bBLBf X1umQ9daffsFFI9CHEyscpPe3WPcRRSJVGvVVMSnCkTA105CCZDRWLDNkgKzpE8O XzoRXkVICH3ZI8YW/Rub/z3pVS9ZPuxXyM1JCeCr/8AMSBG5lrWSYXTb1WV/j9Aq uNrtZlYWkOzmjnSiTZgfGGVvT+9wOG2dcjnsp2qDsu/8vOAoyNpTdDlSEVjtfVPX AueyD6//RSJFgqlT8DDS60t8QdxOZm4Hb+SYv4rLGZ/N0Wcg7w29tXXiwqQAcRYI ypXuvy8SHHXkVcxwhwDEBDllBAe0822agCX9CqQW8KSLbfIyZTABUz85kZs1eBwr bOEY3Xzqf+vUKfEjTiP97AA9Lq01kBdKqJboBzwWJEOY5WIHeS+NjMo0j6GfiuoK zEBcJtdYhb4y0gqNEZZZZzikcQjS0Gkql34SZiZQPJ7fmD7G/XaaYKcQrGdpJXSX S6rQZvkedK2h0T3BcYi7nhjsiR6soyxVZz5UHFb88ybY3KEJQQ+6j2MNg/rKXr27 OeUSmBtzpDpaArrTgrnVO7dAiW9bEFEoQv0kzhb2Gu3dI+Ku0LQ7yzTnET1K6QiW nFypfw6ohXlvHA0R3DYfzhEHvHgT5FxvFZJfWMrSM9NhFsdI9MYl73JdMXpVV0jH pFOPedD2KNp/4CPpb0Pptnz8uqhe9XhFBiT8Jvt3W8ZCYXj1zY5X7uDOgRhkufml f+Zxw/f+R1lXuZWGMSvR8PfDv8deb1vUeZWJNRKELeCdfE8ykJbQ6cHXNRRDvd2J BfFbRsufpnUuq6iQRjYUm4CD7FonFbxlu3rM/Q5dIRoZfu2G8wuiTCbGBGBuxFw4 BEpuoYRE5nus5XDMxZzTnnoMPO/viR0VJp9GBL10+otiVZCak+g5l9BPVboUOTCH 4AcYdVQv2tmusA0A5oC2K88dzraQtCrK21vRTwSmfVWVatNEATtbMlYKT6lUbDEU /zeaqbTKjjwlZgvZMoCDtdrZZx9qn4Vc5sJq2Ytys1p1yYIT7k13MomTeCQTqvR8 KTN/5fNy+CxqCgVEvB1VqKzCeeAXY3Q4Xpd7I+DSlv0J6fcKhqQeRWWi6ybSo/vM uDcK0tdBHk1yzU8ctA8jrPOiMBhDTgUJ1QI8ZvU5g0ZI4UTk8u0JXHSZxxeZKD/9 PepYosw6QhBqESn/AjQNF7s4VIUGXaWcKmVl0Ie1i63z0wrwCC44USIiPvkxFJS1 KJsohqJs5O0IeUGPOGdUsUfJoytIz7d5hMkuJ4fIqhHkFjvYBvUPwx9XsUay/9Ha uX999JOpGGBLIz2Bv3BfNZksdYwh0u2vngoMtHuDpqwhO0gHDBkiOz9caW2TrMnT CxUZH1pqqK4KFj1fY2mv9RooO2OVmxIYGzhFj56go8IbRpWlztcAAAAADRUdIy0z -----END CERTIFICATE----- 0 5660: SEQUENCE { 4 2343: SEQUENCE { 8 3: [0] { 10 1: INTEGER 2 : } 13 20: INTEGER 0B 72 37 1C 20 28 E5 14 87 E3 9B 35 B0 7E 82 4B EE 5E 01 DE 35 13: SEQUENCE { 37 11: OBJECT IDENTIFIER '1 3 6 1 4 1 2 267 7 6 5' : } 50 143: SEQUENCE { 53 11: SET { 55 9: SEQUENCE { 57 3: OBJECT IDENTIFIER countryName (2 5 4 6) 62 2: PrintableString 'XX' : } : } 66 53: SET { 68 51: SEQUENCE { Bonnell, et al. Expires 2 December 2023 [Page 29] Internet-Draft A Mechanism for Encoding Differences in May 2023 70 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 75 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 121 43: SET { 123 41: SEQUENCE { 125 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) 130 34: UTF8String 'Post-Heffalump Research Department' : } : } 166 28: SET { 168 26: SEQUENCE { 170 3: OBJECT IDENTIFIER commonName (2 5 4 3) 175 19: UTF8String 'Dilithium Root - G1' : } : } : } 196 30: SEQUENCE { 198 13: UTCTime 26/05/2023 13:06:31 GMT 213 13: UTCTime 22/05/2026 13:06:31 GMT : } 228 47: SEQUENCE { 230 11: SET { 232 9: SEQUENCE { 234 3: OBJECT IDENTIFIER countryName (2 5 4 6) 239 2: PrintableString 'XX' : } : } 243 15: SET { 245 13: SEQUENCE { 247 3: OBJECT IDENTIFIER surname (2 5 4 4) 252 6: UTF8String 'Yamada' : } : } 260 15: SET { 262 13: SEQUENCE { 264 3: OBJECT IDENTIFIER givenName (2 5 4 42) 269 6: UTF8String 'Hanako' : } : } : } 277 1972: SEQUENCE { 281 13: SEQUENCE { 283 11: OBJECT IDENTIFIER '1 3 6 1 4 1 2 267 7 6 5' : } 296 1953: BIT STRING : 6C 8F 49 B8 98 2F D3 71 94 3C 63 36 4D 6F E6 9F Bonnell, et al. Expires 2 December 2023 [Page 30] Internet-Draft A Mechanism for Encoding Differences in May 2023 : C1 42 67 9D 69 89 1E 9E 2A FA 34 D5 81 21 C6 76 : 18 32 93 9A 70 B5 65 46 79 BF A0 62 AC C5 25 01 : 8B BE D8 0B 52 CC 33 DE 2D 15 69 79 B9 8D F3 A4 : C6 85 54 A2 7D E1 11 72 FE 4E 85 BD 0C B3 40 A9 : 9E FA AF DD 91 3D DC 3E F8 7D DC 98 9F BB B2 8B : 21 62 2E 67 48 F2 E3 C4 94 78 8B 2E EB 92 E9 80 : A5 1A A6 62 B6 DF 36 14 A6 92 94 FE 42 98 E9 BC : [ Another 1824 bytes skipped ] : } 2253 96: [3] { 2255 94: SEQUENCE { 2257 12: SEQUENCE { 2259 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 2264 1: BOOLEAN TRUE 2267 2: OCTET STRING, encapsulates { 2269 0: SEQUENCE {} : } : } 2271 14: SEQUENCE { 2273 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 2278 1: BOOLEAN TRUE 2281 4: OCTET STRING, encapsulates { 2283 2: BIT STRING 7 unused bits : '1'B (bit 0) : } : } 2287 29: SEQUENCE { 2289 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 2294 22: OCTET STRING, encapsulates { 2296 20: OCTET STRING : A3 5F EA B6 FA CB 63 81 3D D5 94 1F A8 41 2D F0 : 96 DB BA 5B : } : } 2318 31: SEQUENCE { 2320 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 2325 24: OCTET STRING, encapsulates { 2327 22: SEQUENCE { 2329 20: [0] : 11 D9 28 17 0B E0 2A 47 CD 33 97 35 B7 0E 2B 2D : 9C 94 4C 4A : } : } : } : } : } : } 2351 13: SEQUENCE { Bonnell, et al. Expires 2 December 2023 [Page 31] Internet-Draft A Mechanism for Encoding Differences in May 2023 2353 11: OBJECT IDENTIFIER '1 3 6 1 4 1 2 267 7 6 5' : } 2366 3294: BIT STRING : 74 1D 80 C6 D0 26 06 E1 7F 1C B8 99 3A 02 C0 32 : 9A F4 75 71 A5 F8 AE AC E4 48 0D EF 77 97 6A 6A : CB AE BF 37 BD FA 68 B4 AC 37 D3 41 7A 10 9F F9 : 97 1A 16 90 32 48 3E 8E 6C A3 49 56 C3 D8 C8 5D : 58 79 A4 13 BE AB 46 03 D1 85 92 64 27 04 5E B7 : 5E C6 65 CE 0A D4 9F 50 9A BA 0F 2B 35 67 75 2C : 98 51 9B E2 19 7E 67 08 37 AB C4 05 99 50 A4 91 : 97 8C CF 6F F2 43 45 CD 77 6C BA 7F 94 F7 57 A6 : [ Another 3165 bytes skipped ] : } B.2.2. EC signing end-entity certificate with encoded Delta Certificate This is an end-entity signing certificate which certifies an EC key. It contains a Delta Certificate Descriptor extension which includes sufficient information to recreate the Dilithium signing end-entity certificate. -----BEGIN CERTIFICATE----- MIIYEzCCF3WgAwIBAgIUVSjCfFKRz32x2VXdKmhcOKCiAeIwCgYIKoZIzj0EAwQw gYsxCzAJBgNVBAYTAlhYMTUwMwYDVQQKDCxSb3lhbCBJbnN0aXR1dGUgb2YgUHVi bGljIEtleSBJbmZyYXN0cnVjdHVyZTErMCkGA1UECwwiUG9zdC1IZWZmYWx1bXAg UmVzZWFyY2ggRGVwYXJ0bWVudDEYMBYGA1UEAwwPRUNEU0EgUm9vdCAtIEcxMB4X DTIzMDUyNjEzMDYzMVoXDTI2MDUyMjEzMDYzMVowLzELMAkGA1UEBhMCWFgxDzAN BgNVBAQMBllhbWFkYTEPMA0GA1UEKgwGSGFuYWtvMFkwEwYHKoZIzj0CAQYIKoZI zj0DAQcDQgAEQiVI+I+3gv+17KN0RFLHKh5Vj71vc75eSOkyMsxFxbFsTNEMTLjV uKFxOelIgsiZJXKZNCX0FBmrfpCkKklCcqOCFhAwghYMMAwGA1UdEwEB/wQCMAAw DgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBRbcKeYF/ef9jfS9+PcRGwhCde71DAf BgNVHSMEGDAWgBSOwhQJYHbqkDjpOa4bbVLEF32fvjCCFaoGCmCGSAGG+mtQBgEE ghWaMIIVlgIUC3I3HCAo5RSH45s1sH6CS+5eAd6gDQYLKwYBBAECggsHBgWhgZIw gY8xCzAJBgNVBAYTAlhYMTUwMwYDVQQKDCxSb3lhbCBJbnN0aXR1dGUgb2YgUHVi bGljIEtleSBJbmZyYXN0cnVjdHVyZTErMCkGA1UECwwiUG9zdC1IZWZmYWx1bXAg UmVzZWFyY2ggRGVwYXJ0bWVudDEcMBoGA1UEAwwTRGlsaXRoaXVtIFJvb3QgLSBH MTCCB7QwDQYLKwYBBAECggsHBgUDggehAGyPSbiYL9NxlDxjNk1v5p/BQmedaYke nir6NNWBIcZ2GDKTmnC1ZUZ5v6BirMUlAYu+2AtSzDPeLRVpebmN86TGhVSifeER cv5Ohb0Ms0Cpnvqv3ZE93D74fdyYn7uyiyFiLmdI8uPElHiLLuuS6YClGqZitt82 FKaSlP5CmOm8qt+8JQ+oZ/zCkJOVHOfAKgjz3klNxK0vBcHVOLx02ciHNnCqCUU+ wvt2R7rkm5oOqlGqjvRiofYOC7saMEtx4WKrTq7VcGPCIZQFIkietxVRqH+X+UAp pPTfk2DcoO96kKk+BbGKJiJ1fR0tyUtkaPSFRGp54KOTw6t0ZbgiAXSNPzJ8uCPw FPW0vJWYZMGPSRkXoTEHlGkEvlo4nUBCvHxa4i7UB/gmY9rCYWE3/eNJ7gyS7+RN NHa2e7y1MuMT2OpZ4vV+Hlj35arvXyflFNmRgq7QU5ed0Bp7G0+iodgF8w06pAp1 GR6xD3UWHu82b9HRpMo1sv1JdVmY7u6yKLGFyCU8Ap9S7WkfkDwQXzWmo/BGf4cL FHHTV8cy6jKPUhf+gQgNjozs4P3HF+DJYQ1xkGKIs0enmIb0IKa3z/Hzz70hUSNt E2tZdh0Z32u5lnwgomSEJXBpI5tLjfqJeGB6yXG70gY+TPAVtmzuPyiQkSq2lh/Z GxRZf0YmLQj8KX8/581kF1WEODGDaY4slXji5MHCWKk5jXv7d9GjmNeeRaoya7dD Bonnell, et al. Expires 2 December 2023 [Page 32] Internet-Draft A Mechanism for Encoding Differences in May 2023 5BQII0rlv7pIcb1vPWsKNakYCnybhjaqnmEGJX1cj9/i67Tsho3e9X5GbTL1Tgjg QWkGaCj6dNy3s2BDGrfUXfsLxlMSNXHjnNcXASVxYx6Eandk6mOrj5ULHSGE+VKB u8BdriXddXsNnbvdyUi6rNE4G8mr9Bxs54wcG7wPzYAJzyTbwwDbNn6GrPPcsuYd evMfg04IqPtDTotD9NeJk105PqE0fcfK+MeR48fjAr/58qZiHLwpXgMY92ZsCsU8 Je1AH0oB3FH2z/mY24UK6l75mbpOcoRvw102WlMJ4yz5wNX9QlbT1a9pdAya9BBI /r7K4YK7sBPf2R5QRr/8/CcwsneGDemkuDybeglHYHGE0dtqjMSJHxwrGKFmDzMO /mZ7D4N/Wa6OUGzOfIDV634opSvw29/8M22IfAhQcqrZ0Cdo1vRtMOIFZX9TzZ7D dbPWHrhKwK0cz7llmwwrKX98ZGfnoUEYT2mRqubWVkVQzwOjhS+isIoOOL6ZjYjJ eC14r1C4h6hERNyxzOJXlUnm9p6lhJDEuilT0EswzHXUEhBHUUFP8ZUyw01KOq+x JGq+5/So44OVMK3eB76fE8OFndNfGDvkVaBx9yotk1ryc1pweLSoFhsIyNNMEOnM r0qtiG4fDujaFZNWucpTgQzBChietFdRORUZHJoOQJK7tv7jBVjswnqHfh/oEXEE CksO0UgjccIo8HMcFpXMY5Y9uFbSdjHsXgBFDUMZBZ7y95Jwtzn/Q1iZaArhmNvO xRwAwaBCYoSB2uqEba/6LEX6onE//5MwwhaQL9Wa94npbQgLs8bGdfW08G/TuVuw +Jf/QB6z4r3D55cknH01q8YkAD3FZulDbekVBmrxX9+StRCf4Tqn2RZl86C9PhcI L6EuVvigqQvl4gAO7rjz8lolGFb7nn8dl3b1XRXZ6dppgLFHQ4xsJ4DOmqfcleol v2Xe2lS72TcNa61Dm9mOPU+XCCaBOHhDYbY7q6dA2nytMtLI5zSkyL6sQPyYExLe 8xD3G/2iZNcxpBdbzQ+eewOPRpQV2AxV75l2KUQYC+kakMeTHbeb8r56AStNZgmf 8DlljGyDRJAzzDMWUWBv6OKPESPlsxnSxnT2ufnGUGBrEEMt/VIP9ZjVQ3+whl9D LXH+DjdoXPeMhZpSeTyoAqo1QCEgZdZz0VvTH4gZF5qEVleyMw/PeuGqNC/uoRPh 8e77dfQ49CYBwjB4cn/TmCniK8X2z+ywaLy3U+S4MOUTYPK2EloAY2/QByaUmixH w1MwM3yVlhq/7nOKyC2uP8QZ2faIWNMcm6XROdSrqRx4LWnA61ZRBvxoAEDMHat/ 1BQm90Ri8XyOpQCLzwv7SDZ3888lss0Tgjs5bzPr7gP/XzMHx/vKTNeCi9hmTFTw cbNNhORNpCnpGdSflB5LIAMfTEg2F8ExTQV4YCVZMxhn8bR+9bGPci0uVsOMD5li K3lsAGMY3jShBO12D2RAlL14PrSLHCitlo/LnO2eykefITZkHrtdZaFIJshULFSg w12sae7pZKqz6f67jW9I29zNZW/TQrUmHz8/6SA5VIDs39DjQ7iK3nrY4iaz94Ws uGE6i8/oUnntx0xqGyZEpjvCYhrYuT7XGv3sopP8a4tZ0rkY+vH95V7mlF0fnDu1 HC2kPTmmx9o3YzeXrNN1mGemrbRqqd5fW50BkX0A2X6E70SsQbxd0CjUVgMPBEuE 0laXVpuGQ+nJGSFzl8nc35lLDZrqgibk6Mfjcb3rCfzXHiYaIGcn3Nm+uqYrxk5r fvCCchsdxMisIeRgA6WLClKxwqn321Rwo0UhVv5V2Pm3H0pWL0AjJaNLp9YSL3Uc dAOd9wWZ9ckypEAwHQYDVR0OBBYEFKNf6rb6y2OBPdWUH6hBLfCW27pbMB8GA1Ud IwQYMBaAFBHZKBcL4CpHzTOXNbcOKy2clExKA4IM3gB0HYDG0CYG4X8cuJk6AsAy mvR1caX4rqzkSA3vd5dqasuuvze9+mi0rDfTQXoQn/mXGhaQMkg+jmyjSVbD2Mhd WHmkE76rRgPRhZJkJwRet17GZc4K1J9QmroPKzVndSyYUZviGX5nCDerxAWZUKSR l4zPb/JDRc13bLp/lPdXppqLpebCWOMyKExDoUR43B+aCeBMnXaFPobzy6f1tLCq ecJYLvkvzgadB2N15EgtFRm/l3F6lxNB25RB1RcsfT8hc/QDVpI4Lb5QqHnEhsBk RITIfvD9bNvUX5+T2T+NwKIzvMOPm/0wK6geldU9Hh7FSoL6oGBbv20x6Yo5IPSJ zNf1ZFD9HrbBEIeIDqUrB5RNggZwTwsgG09RdrxKvNvDCPWgVuV1ani39SiAmRS3 bdX1w0znmnpFGOHKBXYtvcoN3GDmeEcxAnslfpPYtc/a+148270vSLxDwv8oH+uI hnCRbyNcj8jt0wSKIcVoLUHkKjIBded5Iezo0p19DjXL0oJQ1svecv6gpyu4ROet kCWNlmZCwB/UGLYNnJL2sY4MyiSCNfTizZ8tQHqnDdyijxbnfYYeujRuvHHEZyga ck0zrhthcksQrjs6YAD6F0cqtuizrI05rdxTv4FFXeqj1vAgkDoWiixLVQL59RRL 11B+d/QH8qjbqa7kEH2fq6uJI1oTFDNLC/IMN4OdgjLVGxd21tD35sxNPdhlPlXg ditGSJVae+L0aoe5IWeSZu1ynRWpmNp1AXMUjBiEntajnyXlnq7Gi2i5hWITfoTX wgOE+j7QyIrN9uCyydfnlvM7c86GRxSRaeA2CB83PsJL4+b5JeFzEcnwyNBbhDfs Jrzofq+oWqJ9nY2hjzJbWKytmQ4A6XtQ8QfU7mTYkGKJwsGjUuK3t1YOLLYrVd5B uQX731ejPb2WfDAC1e3TUZPESg/IlTPzWxuT4MyLLpiu/OGHMhejUXlLyggQ4Qsd Z9TVAK1pAYgiF2Y/iAIqOH1BlSapmsvHHMNIR/UFnydBHXBI0niayCDF66RvA3rA 48GqixRq3ROCDZkQ6Bxhd8kEy3rIp7DybDkdJywHcigJpHpqIPFFF0igLw11Kr1i Bonnell, et al. Expires 2 December 2023 [Page 33] Internet-Draft A Mechanism for Encoding Differences in May 2023 n48fs5AI6hbq6z10UN5Yx57Z/4Ktocq8WcLW0IlE4YsdHj6gFg9rvw0CjCV5tVnM MF21vN3JyrN1iNktZzUptP0SNpxdThXEUMVxFbn5vgjO+zyFA5n5GKZkyW6yCttR kwBaoPI2r8VcD75Y/C5jAcZ01a7VL4hITf3U6vCZcmobe76Zqy96vXEOdENYCa+U hlNa8vOuTPj7doZnv6a+qjcFJWXJb6Yhwr17M1nKHAqKwXHhEVZ4J2D2o3nuep/S FPtWL/TXzfF/KHY8TVZv9tJeqRtdF/o5hE+2ueKB9HZ6Kn1aidVCHY82uw6s5hea f4reGibEQfKXz+CVBWokt6XnVNV24b0zdVg4RRCumXKBeBDw9tyCVNjLYLBmqZpG 6fCov4+uLAjeivB35r4HCa/YOirInY5HiP5rvHBSb8gyJTNo9B+3CRC++vcfxEFA WVjMkcPbkK/QmlECnogmWKyHiXyH9IfsUZtnP57+z4e6TO6Bux7KaFPGdpbVeNGI BeEJN+COTxd9QsWnmgpZDbsOLXVAxrm/3cbUwl5edzQV+D6z1a7Us8SVlUX5vQQp /5rOF26DnCB1erf/vS/4vr/t7o01LXfqW+hI8qF3obOVGqVH7K1dmkK3JqzxymI0 +eCmR6MkCkWvpIqe+yWwSbnQoUzrDWV9UFm60sn5fTbYYO3Y4Uz6OtOKE0/4yUS/ ZAfzNJtHYplSiGqnnXhpccA2YD+zReH02CMnYD2StU8y24BtA7rK1V9YukHq26LE nxsGd1AAK8eE8uI9D81hOkgzqbsJXhebeUtNdCnWhmMPQeyIAvIEF2+GJLqmPSoL SElyJo5/K5k21L5REbKJG2o26YdQpaW8Ury1TwDc8BvMXsYmx4xWsQN3RBvPeoJn mkmHiL/TVqUZ0Y88Mdddb/N5o4B4FcHUpTvvPxqUuYMmpK2PPRjg9y1n0hD6LedG AmWbuhE9T/55AvIVKePb63elZzJwhjX/SKmgM2paveJBCVqCS2zXS0WKMPnLnnGH Tjtjn8qf7YZqyBwJi5NqrEw6sa/bc1hKyP2PuG4TspBlY8sdQgZSF3OBTjtmijOI 8PUfbaM+aOlqMYBR0KYIC/YJH2Ka83YYkWJE82JaFiMy/q8ZZkQuBZ7+xG0qqawz dNRtdt6FDCTydeKkLGQ+0fRZG6I1ZbrBxQM4Is60mrlEhumqHl3S4ly9pvg6WfP7 fWrGXGg8COLal9YRgSJym6JqBwNS/8O4DTf1MqM6/cYCdyrEPPJtNxpVNl/zCcSc iaqsZCUGpbmSaimUpRE2tpqGibxXJu49c90excy3eonkb73QNkc3lsRAZ5x7/Yy6 6inhmzn4A2jXdW68PPditLhsJWrEh+DMsYotgP6fSAFRPoOwKLA/AWBarZW3UBAP T7OCcdOHDX1zl3XlrNkopavVQ2TUOGrZlGte0VWwLr4WuF4xZ7AqL1qmg2c5smO2 /3laAlkS+RE7lzTSf+nuEcoYNimx5LJLFkYyZo4Rv5OSUZtlHyGix4+ZRXYDMDhe PoT2eY56vZyqRlyY9XLLosL0AEgWbYsdv1DgC6jkIOlJxxhXYU1wPERvWfvAJyuJ 0CdcMjyzIDLt8PCCiRD2BDUR5zo9kMN5P5wIAWHL3/yZ87L/GWh8za5kr5mvdTon gmI9o4z31ioMHiZMn/3PKSKeah4E7aIZZmpPA/r/Zo9fDPGTaagSfJWNDnVcljIb 5gOKOMV5MpRPqeA8VOL5gy2/3ZJ9a+nBYbs0t97nP2IIVnpeY/hgBL4irHs+ZcOb cfx63cZ0VRqn4ZalAUNZD7zC5Ef9Rpc1J6wZt74l4isEWrvNiG2lFEruqU1DcvII XtiSNL/R7IMdmwSwX19bpkPXWn37BRSPQhxMrHKT3t1j3EUUiVRr1VTEpwpEwNdO QgmQ0ViwzZICs6RPDl86EV5FSAh92SPGFv0bm/896VUvWT7sV8jNSQngq//ADEgR uZa1kmF029Vlf4/QKrja7WZWFpDs5o50ok2YHxhlb0/vcDhtnXI57Kdqg7Lv/Lzg KMjaU3Q5UhFY7X1T1wLnsg+v/0UiRYKpU/Aw0utLfEHcTmZuB2/kmL+KyxmfzdFn IO8NvbV14sKkAHEWCMqV7r8vEhx15FXMcIcAxAQ5ZQQHtPNtmoAl/QqkFvCki23y MmUwAVM/OZGbNXgcK2zhGN186n/r1CnxI04j/ewAPS6tNZAXSqiW6Ac8FiRDmOVi B3kvjYzKNI+hn4rqCsxAXCbXWIW+MtIKjRGWWWc4pHEI0tBpKpd+EmYmUDye35g+ xv12mmCnEKxnaSV0l0uq0Gb5HnStodE9wXGIu54Y7IkerKMsVWc+VBxW/PMm2Nyh CUEPuo9jDYP6yl69uznlEpgbc6Q6WgK604K51Tu3QIlvWxBRKEL9JM4W9hrt3SPi rtC0O8s05xE9SukIlpxcqX8OqIV5bxwNEdw2H84RB7x4E+RcbxWSX1jK0jPTYRbH SPTGJe9yXTF6VVdIx6RTj3nQ9ijaf+Aj6W9D6bZ8/LqoXvV4RQYk/Cb7d1vGQmF4 9c2OV+7gzoEYZLn5pX/mccP3/kdZV7mVhjEr0fD3w7/HXm9b1HmViTUShC3gnXxP MpCW0OnB1zUUQ73diQXxW0bLn6Z1LquokEY2FJuAg+xaJxW8Zbt6zP0OXSEaGX7t hvMLokwmxgRgbsRcOARKbqGEROZ7rOVwzMWc0556DDzv74kdFSafRgS9dPqLYlWQ mpPoOZfQT1W6FDkwh+AHGHVUL9rZrrANAOaAtivPHc62kLQqyttb0U8Epn1VlWrT RAE7WzJWCk+pVGwxFP83mqm0yo48JWYL2TKAg7Xa2Wcfap+FXObCatmLcrNadcmC E+5NdzKJk3gkE6r0fCkzf+XzcvgsagoFRLwdVaiswnngF2N0OF6XeyPg0pb9Cen3 CoakHkVlousm0qP7zLg3CtLXQR5Ncs1PHLQPI6zzojAYQ04FCdUCPGb1OYNGSOFE 5PLtCVx0mccXmSg//T3qWKLMOkIQahEp/wI0DRe7OFSFBl2lnCplZdCHtYut89MK Bonnell, et al. Expires 2 December 2023 [Page 34] Internet-Draft A Mechanism for Encoding Differences in May 2023 8AguOFEiIj75MRSUtSibKIaibOTtCHlBjzhnVLFHyaMrSM+3eYTJLieHyKoR5BY7 2Ab1D8MfV7FGsv/R2rl/ffSTqRhgSyM9gb9wXzWZLHWMIdLtr54KDLR7g6asITtI BwwZIjs/XGltk6zJ0wsVGR9aaqiuChY9X2Npr/UaKDtjlZsSGBs4RY+eoKPCG0aV pc7XAAAAAA0VHSMtMzAKBggqhkjOPQQDBAOBiwAwgYcCQSRT2jdEhMcqkaVRvGYn g39VBVtWVmL6wcVmTfARJxhV2a9kqhvWLy7n+T/XNZfyxY5mV9LIq+aYDnAQKwNm Ye7/AkIB5REGvbQCU0TwVrwJ2eG3dV2usE9h/aJWTWJvGMzKzpX7Ksihgtx/Dp9l dWfd9sixl7+a5dc1mQpHcIorcQ/VAWA= -----END CERTIFICATE----- 0 6163: SEQUENCE { 4 6005: SEQUENCE { 8 3: [0] { 10 1: INTEGER 2 : } 13 20: INTEGER 55 28 C2 7C 52 91 CF 7D B1 D9 55 DD 2A 68 5C 38 A0 A2 01 E2 35 10: SEQUENCE { 37 8: OBJECT IDENTIFIER ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 47 139: SEQUENCE { 50 11: SET { 52 9: SEQUENCE { 54 3: OBJECT IDENTIFIER countryName (2 5 4 6) 59 2: PrintableString 'XX' : } : } 63 53: SET { 65 51: SEQUENCE { 67 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 72 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 118 43: SET { 120 41: SEQUENCE { 122 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) 127 34: UTF8String 'Post-Heffalump Research Department' : } : } 163 24: SET { 165 22: SEQUENCE { 167 3: OBJECT IDENTIFIER commonName (2 5 4 3) 172 15: UTF8String 'ECDSA Root - G1' : } : } : } 189 30: SEQUENCE { 191 13: UTCTime 26/05/2023 13:06:31 GMT 206 13: UTCTime 22/05/2026 13:06:31 GMT Bonnell, et al. Expires 2 December 2023 [Page 35] Internet-Draft A Mechanism for Encoding Differences in May 2023 : } 221 47: SEQUENCE { 223 11: SET { 225 9: SEQUENCE { 227 3: OBJECT IDENTIFIER countryName (2 5 4 6) 232 2: PrintableString 'XX' : } : } 236 15: SET { 238 13: SEQUENCE { 240 3: OBJECT IDENTIFIER surname (2 5 4 4) 245 6: UTF8String 'Yamada' : } : } 253 15: SET { 255 13: SEQUENCE { 257 3: OBJECT IDENTIFIER givenName (2 5 4 42) 262 6: UTF8String 'Hanako' : } : } : } 270 89: SEQUENCE { 272 19: SEQUENCE { 274 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) 283 8: OBJECT IDENTIFIER prime256v1 (1 2 840 10045 3 1 7) : } 293 66: BIT STRING : 04 42 25 48 F8 8F B7 82 FF B5 EC A3 74 44 52 C7 : 2A 1E 55 8F BD 6F 73 BE 5E 48 E9 32 32 CC 45 C5 : B1 6C 4C D1 0C 4C B8 D5 B8 A1 71 39 E9 48 82 C8 : 99 25 72 99 34 25 F4 14 19 AB 7E 90 A4 2A 49 42 : 72 : } 361 5648: [3] { 365 5644: SEQUENCE { 369 12: SEQUENCE { 371 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 376 1: BOOLEAN TRUE 379 2: OCTET STRING, encapsulates { 381 0: SEQUENCE {} : } : } 383 14: SEQUENCE { 385 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 390 1: BOOLEAN TRUE 393 4: OCTET STRING, encapsulates { 395 2: BIT STRING 7 unused bits : '1'B (bit 0) Bonnell, et al. Expires 2 December 2023 [Page 36] Internet-Draft A Mechanism for Encoding Differences in May 2023 : } : } 399 29: SEQUENCE { 401 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 406 22: OCTET STRING, encapsulates { 408 20: OCTET STRING : 5B 70 A7 98 17 F7 9F F6 37 D2 F7 E3 DC 44 6C 21 : 09 D7 BB D4 : } : } 430 31: SEQUENCE { 432 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 437 24: OCTET STRING, encapsulates { 439 22: SEQUENCE { 441 20: [0] : 8E C2 14 09 60 76 EA 90 38 E9 39 AE 1B 6D 52 C4 : 17 7D 9F BE : } : } : } 463 5546: SEQUENCE { 467 10: OBJECT IDENTIFIER : deltaCertificateDescriptor (2 16 840 1 114027 80 6 1) 479 5530: OCTET STRING, encapsulates { 483 5526: SEQUENCE { 487 20: INTEGER : 0B 72 37 1C 20 28 E5 14 87 E3 9B 35 B0 7E 82 4B : EE 5E 01 DE 509 13: [0] { 511 11: OBJECT IDENTIFIER '1 3 6 1 4 1 2 267 7 6 5' : } 524 146: [1] { 527 143: SEQUENCE { 530 11: SET { 532 9: SEQUENCE { 534 3: OBJECT IDENTIFIER countryName (2 5 4 6) 539 2: PrintableString 'XX' : } : } 543 53: SET { 545 51: SEQUENCE { 547 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 552 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 598 43: SET { 600 41: SEQUENCE { Bonnell, et al. Expires 2 December 2023 [Page 37] Internet-Draft A Mechanism for Encoding Differences in May 2023 602 3: OBJECT IDENTIFIER : organizationalUnitName (2 5 4 11) 607 34: UTF8String 'Post-Heffalump Research Department' : } : } 643 28: SET { 645 26: SEQUENCE { 647 3: OBJECT IDENTIFIER commonName (2 5 4 3) 652 19: UTF8String 'Dilithium Root - G1' : } : } : } : } 673 1972: SEQUENCE { 677 13: SEQUENCE { 679 11: OBJECT IDENTIFIER '1 3 6 1 4 1 2 267 7 6 5' : } 692 1953: BIT STRING : 6C 8F 49 B8 98 2F D3 71 94 3C 63 36 4D 6F E6 9F : C1 42 67 9D 69 89 1E 9E 2A FA 34 D5 81 21 C6 76 : 18 32 93 9A 70 B5 65 46 79 BF A0 62 AC C5 25 01 : 8B BE D8 0B 52 CC 33 DE 2D 15 69 79 B9 8D F3 A4 : C6 85 54 A2 7D E1 11 72 FE 4E 85 BD 0C B3 40 A9 : 9E FA AF DD 91 3D DC 3E F8 7D DC 98 9F BB B2 8B : 21 62 2E 67 48 F2 E3 C4 94 78 8B 2E EB 92 E9 80 : A5 1A A6 62 B6 DF 36 14 A6 92 94 FE 42 98 E9 BC : [ Another 1824 bytes skipped ] : } 2649 64: [4] { 2651 29: SEQUENCE { 2653 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 2658 22: OCTET STRING, encapsulates { 2660 20: OCTET STRING : A3 5F EA B6 FA CB 63 81 3D D5 94 1F A8 41 2D F0 : 96 DB BA 5B : } : } 2682 31: SEQUENCE { 2684 3: OBJECT IDENTIFIER : authorityKeyIdentifier (2 5 29 35) 2689 24: OCTET STRING, encapsulates { 2691 22: SEQUENCE { 2693 20: [0] : 11 D9 28 17 0B E0 2A 47 CD 33 97 35 B7 0E 2B 2D : 9C 94 4C 4A : } : } : } Bonnell, et al. Expires 2 December 2023 [Page 38] Internet-Draft A Mechanism for Encoding Differences in May 2023 : } 2715 3294: BIT STRING : 74 1D 80 C6 D0 26 06 E1 7F 1C B8 99 3A 02 C0 32 : 9A F4 75 71 A5 F8 AE AC E4 48 0D EF 77 97 6A 6A : CB AE BF 37 BD FA 68 B4 AC 37 D3 41 7A 10 9F F9 : 97 1A 16 90 32 48 3E 8E 6C A3 49 56 C3 D8 C8 5D : 58 79 A4 13 BE AB 46 03 D1 85 92 64 27 04 5E B7 : 5E C6 65 CE 0A D4 9F 50 9A BA 0F 2B 35 67 75 2C : 98 51 9B E2 19 7E 67 08 37 AB C4 05 99 50 A4 91 : 97 8C CF 6F F2 43 45 CD 77 6C BA 7F 94 F7 57 A6 : [ Another 3165 bytes skipped ] : } : } : } : } : } : } 6013 10: SEQUENCE { 6015 8: OBJECT IDENTIFIER ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 6025 139: BIT STRING, encapsulates { 6029 135: SEQUENCE { 6032 65: INTEGER : 24 53 DA 37 44 84 C7 2A 91 A5 51 BC 66 27 83 7F : 55 05 5B 56 56 62 FA C1 C5 66 4D F0 11 27 18 55 : D9 AF 64 AA 1B D6 2F 2E E7 F9 3F D7 35 97 F2 C5 : 8E 66 57 D2 C8 AB E6 98 0E 70 10 2B 03 66 61 EE : FF 6099 66: INTEGER : 01 E5 11 06 BD B4 02 53 44 F0 56 BC 09 D9 E1 B7 : 75 5D AE B0 4F 61 FD A2 56 4D 62 6F 18 CC CA CE : 95 FB 2A C8 A1 82 DC 7F 0E 9F 65 75 67 DD F6 C8 : B1 97 BF 9A E5 D7 35 99 0A 47 70 8A 2B 71 0F D5 : 01 60 : } : } : } B.3. Dual use example B.3.1. EC signing end-entity certificate This is an end-entity signing certificate which certifies an EC key. Bonnell, et al. Expires 2 December 2023 [Page 39] Internet-Draft A Mechanism for Encoding Differences in May 2023 -----BEGIN CERTIFICATE----- MIICYTCCAcOgAwIBAgIUVcVNficoipRs4c6JBiF731VtDLAwCgYIKoZIzj0EAwQw gYsxCzAJBgNVBAYTAlhYMTUwMwYDVQQKDCxSb3lhbCBJbnN0aXR1dGUgb2YgUHVi bGljIEtleSBJbmZyYXN0cnVjdHVyZTErMCkGA1UECwwiUG9zdC1IZWZmYWx1bXAg UmVzZWFyY2ggRGVwYXJ0bWVudDEYMBYGA1UEAwwPRUNEU0EgUm9vdCAtIEcxMB4X DTIzMDUyNjEzMDYzMVoXDTI2MDUyMjEzMDYzMVowLzELMAkGA1UEBhMCWFgxDzAN BgNVBAQMBllhbWFkYTEPMA0GA1UEKgwGSGFuYWtvMFkwEwYHKoZIzj0CAQYIKoZI zj0DAQcDQgAEQiVI+I+3gv+17KN0RFLHKh5Vj71vc75eSOkyMsxFxbFsTNEMTLjV uKFxOelIgsiZJXKZNCX0FBmrfpCkKklCcqNgMF4wDAYDVR0TAQH/BAIwADAOBgNV HQ8BAf8EBAMCB4AwHQYDVR0OBBYEFFtwp5gX95/2N9L349xEbCEJ17vUMB8GA1Ud IwQYMBaAFI7CFAlgduqQOOk5rhttUsQXfZ++MAoGCCqGSM49BAMEA4GLADCBhwJC ATB+4mSAPRhLdoM3WSPx4l7PoZeuiYObCVZF7vV61bqmPhFskmZ+1aXSMIABfaNE L5Tc+fiSFOXuZs4JSfWxyTlaAkFiK9X4q5kvyHWy97YbxkMOODeEq0ImwaMabmNO Es40EGEHbEPLIHzW347BR8iZquPCA9wspc6y8edyXcBv/g2Yhw== -----END CERTIFICATE----- 0 609: SEQUENCE { 4 451: SEQUENCE { 8 3: [0] { 10 1: INTEGER 2 : } 13 20: INTEGER 55 C5 4D 7E 27 28 8A 94 6C E1 CE 89 06 21 7B DF 55 6D 0C B0 35 10: SEQUENCE { 37 8: OBJECT IDENTIFIER ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 47 139: SEQUENCE { 50 11: SET { 52 9: SEQUENCE { 54 3: OBJECT IDENTIFIER countryName (2 5 4 6) 59 2: PrintableString 'XX' : } : } 63 53: SET { 65 51: SEQUENCE { 67 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 72 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 118 43: SET { 120 41: SEQUENCE { 122 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) 127 34: UTF8String 'Post-Heffalump Research Department' : } : } 163 24: SET { 165 22: SEQUENCE { 167 3: OBJECT IDENTIFIER commonName (2 5 4 3) Bonnell, et al. Expires 2 December 2023 [Page 40] Internet-Draft A Mechanism for Encoding Differences in May 2023 172 15: UTF8String 'ECDSA Root - G1' : } : } : } 189 30: SEQUENCE { 191 13: UTCTime 26/05/2023 13:06:31 GMT 206 13: UTCTime 22/05/2026 13:06:31 GMT : } 221 47: SEQUENCE { 223 11: SET { 225 9: SEQUENCE { 227 3: OBJECT IDENTIFIER countryName (2 5 4 6) 232 2: PrintableString 'XX' : } : } 236 15: SET { 238 13: SEQUENCE { 240 3: OBJECT IDENTIFIER surname (2 5 4 4) 245 6: UTF8String 'Yamada' : } : } 253 15: SET { 255 13: SEQUENCE { 257 3: OBJECT IDENTIFIER givenName (2 5 4 42) 262 6: UTF8String 'Hanako' : } : } : } 270 89: SEQUENCE { 272 19: SEQUENCE { 274 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) 283 8: OBJECT IDENTIFIER prime256v1 (1 2 840 10045 3 1 7) : } 293 66: BIT STRING : 04 42 25 48 F8 8F B7 82 FF B5 EC A3 74 44 52 C7 : 2A 1E 55 8F BD 6F 73 BE 5E 48 E9 32 32 CC 45 C5 : B1 6C 4C D1 0C 4C B8 D5 B8 A1 71 39 E9 48 82 C8 : 99 25 72 99 34 25 F4 14 19 AB 7E 90 A4 2A 49 42 : 72 : } 361 96: [3] { 363 94: SEQUENCE { 365 12: SEQUENCE { 367 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 372 1: BOOLEAN TRUE 375 2: OCTET STRING, encapsulates { 377 0: SEQUENCE {} : } Bonnell, et al. Expires 2 December 2023 [Page 41] Internet-Draft A Mechanism for Encoding Differences in May 2023 : } 379 14: SEQUENCE { 381 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 386 1: BOOLEAN TRUE 389 4: OCTET STRING, encapsulates { 391 2: BIT STRING 7 unused bits : '1'B (bit 0) : } : } 395 29: SEQUENCE { 397 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 402 22: OCTET STRING, encapsulates { 404 20: OCTET STRING : 5B 70 A7 98 17 F7 9F F6 37 D2 F7 E3 DC 44 6C 21 : 09 D7 BB D4 : } : } 426 31: SEQUENCE { 428 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 433 24: OCTET STRING, encapsulates { 435 22: SEQUENCE { 437 20: [0] : 8E C2 14 09 60 76 EA 90 38 E9 39 AE 1B 6D 52 C4 : 17 7D 9F BE : } : } : } : } : } : } 459 10: SEQUENCE { 461 8: OBJECT IDENTIFIER ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 471 139: BIT STRING, encapsulates { 475 135: SEQUENCE { 478 66: INTEGER : 01 30 7E E2 64 80 3D 18 4B 76 83 37 59 23 F1 E2 : 5E CF A1 97 AE 89 83 9B 09 56 45 EE F5 7A D5 BA : A6 3E 11 6C 92 66 7E D5 A5 D2 30 80 01 7D A3 44 : 2F 94 DC F9 F8 92 14 E5 EE 66 CE 09 49 F5 B1 C9 : 39 5A 546 65: INTEGER : 62 2B D5 F8 AB 99 2F C8 75 B2 F7 B6 1B C6 43 0E : 38 37 84 AB 42 26 C1 A3 1A 6E 63 4E 12 CE 34 10 : 61 07 6C 43 CB 20 7C D6 DF 8E C1 47 C8 99 AA E3 : C2 03 DC 2C A5 CE B2 F1 E7 72 5D C0 6F FE 0D 98 : 87 : } Bonnell, et al. Expires 2 December 2023 [Page 42] Internet-Draft A Mechanism for Encoding Differences in May 2023 : } : } B.3.2. EC dual use end-entity certificate with encoded Delta Certificate This is an end-entity key exchange certificate which certifies an EC key. It contains a Delta Certificate Descriptor extension which includes sufficient information to the recreate the EC signing end- entity certificate. -----BEGIN CERTIFICATE----- MIIDyjCCAyygAwIBAgIUczxcVsNa7M9uSs598vuGatGLDuIwCgYIKoZIzj0EAwQw gYsxCzAJBgNVBAYTAlhYMTUwMwYDVQQKDCxSb3lhbCBJbnN0aXR1dGUgb2YgUHVi bGljIEtleSBJbmZyYXN0cnVjdHVyZTErMCkGA1UECwwiUG9zdC1IZWZmYWx1bXAg UmVzZWFyY2ggRGVwYXJ0bWVudDEYMBYGA1UEAwwPRUNEU0EgUm9vdCAtIEcxMB4X DTIzMDUyNjEzMDYzMVoXDTI2MDUyMjEzMDYzMVowLzELMAkGA1UEBhMCWFgxDzAN BgNVBAQMBllhbWFkYTEPMA0GA1UEKgwGSGFuYWtvMHYwEAYHKoZIzj0CAQYFK4EE ACIDYgAEWwkBuIUjKW65GdUP+hqcs3S8TUCVhigr/soRsdla27VHNK9XC/grcijP ImvPTCXdvP47GjrTlDDv92Ph1o0uFR2Rcgt3lbWNprNGOWE6j7m1qNpIxnRxF/mR noQk837Io4IBqjCCAaYwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCAwgwHQYD VR0OBBYEFArjoP6d1CV2mLXrcuvKDOe/PfXxMB8GA1UdIwQYMBaAFI7CFAlgduqQ OOk5rhttUsQXfZ++MIIBRAYKYIZIAYb6a1AGAQSCATQwggEwAhRVxU1+JyiKlGzh zokGIXvfVW0MsDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEIlSPiPt4L/teyj dERSxyoeVY+9b3O+XkjpMjLMRcWxbEzRDEy41bihcTnpSILImSVymTQl9BQZq36Q pCpJQnKkLzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0OBBYEFFtwp5gX95/2N9L349xE bCEJ17vUA4GLADCBhwJCATB+4mSAPRhLdoM3WSPx4l7PoZeuiYObCVZF7vV61bqm PhFskmZ+1aXSMIABfaNEL5Tc+fiSFOXuZs4JSfWxyTlaAkFiK9X4q5kvyHWy97Yb xkMOODeEq0ImwaMabmNOEs40EGEHbEPLIHzW347BR8iZquPCA9wspc6y8edyXcBv /g2YhzAKBggqhkjOPQQDBAOBiwAwgYcCQXY+Rtd1hMrl4tW7Is3cNjiwHNYs5L12 J5Rv+O78opL/a6UfbGpceiB1OIeBkjj/RyVCTTSQit67FWc/gmDkkyiMAkIB+YuM wRXlfQVO3ivNdTluEOAI44SjpmXo63QjwqXLViTE66mOWZHBoXL6IilEtFajrkO/ HAuJrywI2E3RoOHS+lY= -----END CERTIFICATE----- 0 970: SEQUENCE { 4 812: SEQUENCE { 8 3: [0] { 10 1: INTEGER 2 : } 13 20: INTEGER 73 3C 5C 56 C3 5A EC CF 6E 4A CE 7D F2 FB 86 6A D1 8B 0E E2 35 10: SEQUENCE { 37 8: OBJECT IDENTIFIER ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 47 139: SEQUENCE { 50 11: SET { 52 9: SEQUENCE { 54 3: OBJECT IDENTIFIER countryName (2 5 4 6) Bonnell, et al. Expires 2 December 2023 [Page 43] Internet-Draft A Mechanism for Encoding Differences in May 2023 59 2: PrintableString 'XX' : } : } 63 53: SET { 65 51: SEQUENCE { 67 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 72 44: UTF8String : 'Royal Institute of Public Key Infrastructure' : } : } 118 43: SET { 120 41: SEQUENCE { 122 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) 127 34: UTF8String 'Post-Heffalump Research Department' : } : } 163 24: SET { 165 22: SEQUENCE { 167 3: OBJECT IDENTIFIER commonName (2 5 4 3) 172 15: UTF8String 'ECDSA Root - G1' : } : } : } 189 30: SEQUENCE { 191 13: UTCTime 26/05/2023 13:06:31 GMT 206 13: UTCTime 22/05/2026 13:06:31 GMT : } 221 47: SEQUENCE { 223 11: SET { 225 9: SEQUENCE { 227 3: OBJECT IDENTIFIER countryName (2 5 4 6) 232 2: PrintableString 'XX' : } : } 236 15: SET { 238 13: SEQUENCE { 240 3: OBJECT IDENTIFIER surname (2 5 4 4) 245 6: UTF8String 'Yamada' : } : } 253 15: SET { 255 13: SEQUENCE { 257 3: OBJECT IDENTIFIER givenName (2 5 4 42) 262 6: UTF8String 'Hanako' : } : } : } 270 118: SEQUENCE { Bonnell, et al. Expires 2 December 2023 [Page 44] Internet-Draft A Mechanism for Encoding Differences in May 2023 272 16: SEQUENCE { 274 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) 283 5: OBJECT IDENTIFIER secp384r1 (1 3 132 0 34) : } 290 98: BIT STRING : 04 5B 09 01 B8 85 23 29 6E B9 19 D5 0F FA 1A 9C : B3 74 BC 4D 40 95 86 28 2B FE CA 11 B1 D9 5A DB : B5 47 34 AF 57 0B F8 2B 72 28 CF 22 6B CF 4C 25 : DD BC FE 3B 1A 3A D3 94 30 EF F7 63 E1 D6 8D 2E : 15 1D 91 72 0B 77 95 B5 8D A6 B3 46 39 61 3A 8F : B9 B5 A8 DA 48 C6 74 71 17 F9 91 9E 84 24 F3 7E : C8 : } 390 426: [3] { 394 422: SEQUENCE { 398 12: SEQUENCE { 400 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 405 1: BOOLEAN TRUE 408 2: OCTET STRING, encapsulates { 410 0: SEQUENCE {} : } : } 412 14: SEQUENCE { 414 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 419 1: BOOLEAN TRUE 422 4: OCTET STRING, encapsulates { 424 2: BIT STRING 3 unused bits : '10000'B (bit 4) : } : } 428 29: SEQUENCE { 430 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 435 22: OCTET STRING, encapsulates { 437 20: OCTET STRING : 0A E3 A0 FE 9D D4 25 76 98 B5 EB 72 EB CA 0C E7 : BF 3D F5 F1 : } : } 459 31: SEQUENCE { 461 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 466 24: OCTET STRING, encapsulates { 468 22: SEQUENCE { 470 20: [0] : 8E C2 14 09 60 76 EA 90 38 E9 39 AE 1B 6D 52 C4 : 17 7D 9F BE : } : } : } Bonnell, et al. Expires 2 December 2023 [Page 45] Internet-Draft A Mechanism for Encoding Differences in May 2023 492 324: SEQUENCE { 496 10: OBJECT IDENTIFIER : deltaCertificateDescriptor (2 16 840 1 114027 80 6 1) 508 308: OCTET STRING, encapsulates { 512 304: SEQUENCE { 516 20: INTEGER : 55 C5 4D 7E 27 28 8A 94 6C E1 CE 89 06 21 7B DF : 55 6D 0C B0 538 89: SEQUENCE { 540 19: SEQUENCE { 542 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) 551 8: OBJECT IDENTIFIER prime256v1 (1 2 840 10045 3 1 7) : } 561 66: BIT STRING : 04 42 25 48 F8 8F B7 82 FF B5 EC A3 74 44 52 C7 : 2A 1E 55 8F BD 6F 73 BE 5E 48 E9 32 32 CC 45 C5 : B1 6C 4C D1 0C 4C B8 D5 B8 A1 71 39 E9 48 82 C8 : 99 25 72 99 34 25 F4 14 19 AB 7E 90 A4 2A 49 42 : 72 : } 629 47: [4] { 631 14: SEQUENCE { 633 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 638 1: BOOLEAN TRUE 641 4: OCTET STRING, encapsulates { 643 2: BIT STRING 7 unused bits : '1'B (bit 0) : } : } 647 29: SEQUENCE { 649 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 654 22: OCTET STRING, encapsulates { 656 20: OCTET STRING : 5B 70 A7 98 17 F7 9F F6 37 D2 F7 E3 DC 44 6C 21 : 09 D7 BB D4 : } : } : } 678 139: BIT STRING, encapsulates { 682 135: SEQUENCE { 685 66: INTEGER : 01 30 7E E2 64 80 3D 18 4B 76 83 37 59 23 F1 E2 : 5E CF A1 97 AE 89 83 9B 09 56 45 EE F5 7A D5 BA : A6 3E 11 6C 92 66 7E D5 A5 D2 30 80 01 7D A3 44 : 2F 94 DC F9 F8 92 14 E5 EE 66 CE 09 49 F5 B1 C9 : 39 5A 753 65: INTEGER : 62 2B D5 F8 AB 99 2F C8 75 B2 F7 B6 1B C6 43 0E Bonnell, et al. Expires 2 December 2023 [Page 46] Internet-Draft A Mechanism for Encoding Differences in May 2023 : 38 37 84 AB 42 26 C1 A3 1A 6E 63 4E 12 CE 34 10 : 61 07 6C 43 CB 20 7C D6 DF 8E C1 47 C8 99 AA E3 : C2 03 DC 2C A5 CE B2 F1 E7 72 5D C0 6F FE 0D 98 : 87 : } : } : } : } : } : } : } : } 820 10: SEQUENCE { 822 8: OBJECT IDENTIFIER ecdsaWithSHA512 (1 2 840 10045 4 3 4) : } 832 139: BIT STRING, encapsulates { 836 135: SEQUENCE { 839 65: INTEGER : 76 3E 46 D7 75 84 CA E5 E2 D5 BB 22 CD DC 36 38 : B0 1C D6 2C E4 BD 76 27 94 6F F8 EE FC A2 92 FF : 6B A5 1F 6C 6A 5C 7A 20 75 38 87 81 92 38 FF 47 : 25 42 4D 34 90 8A DE BB 15 67 3F 82 60 E4 93 28 : 8C 906 66: INTEGER : 01 F9 8B 8C C1 15 E5 7D 05 4E DE 2B CD 75 39 6E : 10 E0 08 E3 84 A3 A6 65 E8 EB 74 23 C2 A5 CB 56 : 24 C4 EB A9 8E 59 91 C1 A1 72 FA 22 29 44 B4 56 : A3 AE 43 BF 1C 0B 89 AF 2C 08 D8 4D D1 A0 E1 D2 : FA 56 : } : } : } Acknowledgments TODO acknowledge. Authors' Addresses C. Bonnell DigiCert Email: corey.bonnell@digicert.com J. Gray Entrust Email: john.gray@entrust.com Bonnell, et al. Expires 2 December 2023 [Page 47] Internet-Draft A Mechanism for Encoding Differences in May 2023 D. Hook KeyFactor Email: david.hook@keyfactor.com T. Okubo DigiCert Email: tomofumi.okubo@digicert.com M. Ounsworth Entrust Email: mike.ounsworth@entrust.com Bonnell, et al. Expires 2 December 2023 [Page 48]