From f5a2eba2e9c1c59b74340fcc0e13d8e67b90e859 Mon Sep 17 00:00:00 2001
From: ID Bot <idbot@example.com>
Date: Thu, 12 Dec 2024 02:58:50 +0000
Subject: [PATCH] Script updating gh-pages from 6c68f29. [ci skip]

---
 index.html                                    |   13 +
 .../draft-ietf-lamps-kyber-certificates.html  | 2655 +++++++++++++++++
 .../draft-ietf-lamps-kyber-certificates.txt   | 1353 +++++++++
 ...urner-lamps-nist-pqc-kem-certificates.html | 1597 ++++++++++
 ...turner-lamps-nist-pqc-kem-certificates.txt |  354 +++
 seanturner-cert-examples/index.html           |   50 +
 6 files changed, 6022 insertions(+)
 create mode 100644 seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.html
 create mode 100644 seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.txt
 create mode 100644 seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.html
 create mode 100644 seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.txt
 create mode 100644 seanturner-cert-examples/index.html

diff --git a/index.html b/index.html
index 676bb9b..1cc670d 100644
--- a/index.html
+++ b/index.html
@@ -31,6 +31,19 @@ <h1>Editor's drafts for main branch of <a href="https://github.com/lamps-wg/kybe
         <td></td>
       </tr>
     </table>
+    <h2>Preview for branch <a href="seanturner-cert-examples">seanturner-cert-examples</a></h2>
+    <table id="branch-seanturner-cert-examples">
+      <tr>
+        <td><a href="seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.html" class="html draft-ietf-lamps-kyber-certificates" title="Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) (HTML)">ML-KEM in Certificates</a></td>
+        <td><a href="seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.txt" class="txt draft-ietf-lamps-kyber-certificates" title="Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) (Text)">plain text</a></td>
+        <td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://lamps-wg.github.io/kyber-certificates/draft-ietf-lamps-kyber-certificates.txt&amp;url_2=https://lamps-wg.github.io/kyber-certificates/seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.txt" class="diff draft-ietf-lamps-kyber-certificates">diff with main</a></td>
+      </tr>
+      <tr>
+        <td><a href="seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.html" class="html draft-turner-lamps-nist-pqc-kem-certificates" title="Algorithm Identifiers for NIST's PQC Algorithms for Use in the Internet X.509 Public Key Infrastructure (HTML)">PQC KEM for Certificates</a></td>
+        <td><a href="seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.txt" class="txt draft-turner-lamps-nist-pqc-kem-certificates" title="Algorithm Identifiers for NIST's PQC Algorithms for Use in the Internet X.509 Public Key Infrastructure (Text)">plain text</a></td>
+        <td>same as main</td>
+      </tr>
+    </table>
     <h2>Preview for branch <a href="bas">bas</a></h2>
     <h2>Preview for branch <a href="bas/carl">bas/carl</a></h2>
     <table id="branch-bas/carl">
diff --git a/seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.html b/seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.html
new file mode 100644
index 0000000..54fa04c
--- /dev/null
+++ b/seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.html
@@ -0,0 +1,2655 @@
+<!DOCTYPE html>
+<html lang="en" class="Internet-Draft">
+<head>
+<meta charset="utf-8">
+<meta content="Common,Latin" name="scripts">
+<meta content="initial-scale=1.0" name="viewport">
+<title>Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM)</title>
+<meta content="Sean Turner" name="author">
+<meta content="Panos Kampanakis" name="author">
+<meta content="Jake Massimo" name="author">
+<meta content="Bas Westerbaan" name="author">
+<meta content="
+       The Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) is a
+quantum-resistant key-encapsulation mechanism (KEM). This document
+describes the conventions for using the ML-KEM in X.509 Public Key
+Infrastructure. The conventions for the subject public keys and
+private keys are also described. 
+    " name="description">
+<meta content="xml2rfc 3.25.0" name="generator">
+<meta content="ML-KEM Kyber KEM Certificate X.509 PKIX" name="keyword">
+<meta content="draft-ietf-lamps-kyber-certificates-latest" name="ietf.draft">
+<!-- Generator version information:
+  xml2rfc 3.25.0
+    Python 3.12.7
+    ConfigArgParse 1.7
+    google-i18n-address 3.1.1
+    intervaltree 3.1.0
+    Jinja2 3.1.4
+    lxml 5.3.0
+    platformdirs 4.3.6
+    pycountry 22.3.5
+    PyYAML 6.0.1
+    requests 2.32.3
+    setuptools 70.3.0
+    wcwidth 0.2.13
+-->
+<link href="draft-ietf-lamps-kyber-certificates.xml" rel="alternate" type="application/rfc+xml">
+<link href="#copyright" rel="license">
+<style type="text/css">@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-vietnamese.woff2') format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+1EA0-1EF9, U+20AB;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+
+@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-cyrillic.woff2') format('woff2');
+  unicode-range: U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-vietnamese.woff2') format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+1EA0-1EF9, U+20AB;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-cyrillic.woff2') format('woff2');
+  unicode-range: U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-vietnamese.woff2') format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+1EA0-1EF9, U+20AB;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 600;
+  font-display: swap;
+  src: local('Lora SemiBold'), local('Lora-SemiBold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-semibold-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+
+@font-face {
+  font-family: 'Oxygen Mono';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Oxygen Mono'), local('OxygenMono-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/oxygenmono-regular-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Oxygen Mono';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Oxygen Mono'), local('OxygenMono-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/oxygenmono-regular-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-cyrillic.woff2') format('woff2');
+  unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-greek.woff2') format('woff2');
+  unicode-range: U+0370-0377, U+037A-037F, U+0384-038A, U+038C, U+038E-03A1, U+03A3-03FF;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-cyrillic.woff2') format('woff2');
+  unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-greek.woff2') format('woff2');
+  unicode-range: U+0370-0377, U+037A-037F, U+0384-038A, U+038C, U+038E-03A1, U+03A3-03FF;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+
+:root {
+  color-scheme: light dark;
+  --background-color: #fff;
+  --text-color: #222;
+  --title-color: #191919;
+  --link-color: #2a6496;
+  --highlight-color: #f9f9f9;
+  --line-color: #eee;
+  --pilcrow-weak: #ddd;
+  --pilcrow-strong: #bbb;
+  --small-font-size: 14.5px;
+  --font-mono: 'Oxygen Mono', monospace;
+  --font-title: "Sofia Sans Semi Condensed", sans-serif;
+  scrollbar-color: #bbb #eee;
+}
+body {
+  max-width: 600px;
+  margin: 75px auto;
+  padding: 0 5px;
+  color: var(--text-color);
+  background-color: var(--background-color);
+  font: 16px/22px "Lora", serif;
+  scroll-behavior: smooth;
+}
+
+.ears {
+  display: none;
+}
+
+/* headings */
+section {
+  clear: both;
+}
+.section-number {
+  padding-right: 0.5em;
+}
+h1, h2, h3, h4, h5, h6 {
+  font-family: var(--font-title);
+  font-weight: 680;
+  margin: 0.8em 0 0.3em;
+  font-size-adjust: 0.5;
+  color: var(--title-color);
+}
+h1#title {
+  font-size: 32px;
+  line-height: 40px;
+  clear: both;
+}
+h1#title, h1#rfcnum {
+  margin: 1.5em 0 0.2em;
+}
+h1#rfcnum + h1#title {
+  margin: 0.2em 0;
+}
+
+h1, h2, h3 {
+  font-size: 22px;
+  line-height: 27px;
+}
+h4, h5, h6 {
+  font-size: 20px;
+  line-height: 24px;
+}
+
+/* general structure */
+.author {
+  padding-bottom: 0.3em;
+  vertical-align: top;
+}
+#abstract+p {
+  font-size: 18px;
+  line-height: 24px;
+}
+#abstract+p code, #abstract+p samp, #abstract+p tt {
+  font-size: 16px;
+  line-height: 0;
+}
+
+p {
+  padding: 0;
+  margin: 0.5em 0;
+  text-align: left;
+}
+div {
+  margin: 0;
+}
+.alignRight.art-text {
+  background-color: var(--highlight-color);
+  border: 1px solid var(--line-color);
+  border-radius: 3px;
+  padding: 0.5em 1em 0;
+  margin-bottom: 0.5em;
+}
+.alignRight.art-text pre {
+  padding: 0;
+  width: auto;
+}
+.alignRight {
+  margin: 1em 0;
+}
+.alignRight > *:first-child {
+  border: none;
+  margin: 0;
+  float: right;
+  clear: both;
+}
+.alignRight > *:nth-child(2) {
+  clear: both;
+  display: block;
+  border: none;
+}
+svg {
+  display: block;
+}
+/* font-family isn't space-separated, but =~ will have to do */
+svg[font-family~="monospace" i], svg [font-family~="monospace" i] {
+  font-family: var(--font-mono);
+}
+.alignCenter.art-text {
+  background-color: var(--highlight-color);
+  border: 1px solid var(--line-color);
+  border-radius: 3px;
+  padding: 0.5em 1em 0;
+  margin-bottom: 0.5em;
+}
+.alignCenter.art-text pre {
+  padding: 0;
+  width: auto;
+}
+.alignCenter {
+  margin: 1em 0;
+}
+.alignCenter > *:first-child {
+  border: none;
+  /* this isn't optimal, but it's an existence proof.  PrinceXML doesn't
+     support flexbox yet.
+  */
+  display: table;
+  margin: 0 auto;
+}
+
+/* lists */
+ol, ul {
+  padding: 0;
+  margin: 0 0 0.5em 2em;
+  & :is(ol, ul) {
+    margin-left: 1em;
+  }
+}
+li {
+  margin: 0 0 0.25em 0;
+}
+ul.empty, .ulEmpty {
+  list-style-type: none;
+  & li {
+    margin-top: 0.5em;
+  }
+}
+:is(ul, ol).compact, .ulCompact, .olCompact {
+  margin: 0 0 0 2em;
+  & li {
+    margin: 0;
+    & :first-child { margin-top: 0; }
+    & :last-child { margin-bottom: 0; }
+  }
+}
+
+/* definition lists */
+dl {
+  clear: left;
+  --indent: 3ch;
+  /* --indent: attr(indent ch); not supported in any browser, but we can dream */
+  &.olPercent {
+    --indent: 5ch;
+    & > dt {
+      min-width: calc(var(--indent) - 2ch);
+    }
+  }
+  &.olPercent > dt {
+    float: none;
+  }
+
+  dl > dd > & {
+    margin-top: 0.5em;
+    margin-bottom: 0;
+  }
+}
+dl > dt {
+  float: left;
+  margin-right: 2ch;
+  min-width: 8ch;
+}
+dl > dd {
+  margin-bottom: .8em;
+  margin-left: var(--indent) !important; /* stupid element overrides */
+  min-height: 2ex;
+}
+:is(dl.compact, .dlCompact) > dd {
+  margin-bottom: 0;
+  & > :is(:first-child, .break:first-child + *) {
+    margin-top: 0;
+  }
+  & > :is(:last-child) {
+    margin-bottom: 0;
+  }
+}
+:is(dd, span).break {
+  display: none;
+}
+
+/* links */
+a, a[href].selfRef:hover {
+  text-decoration: none;
+}
+a[href] {
+  color: var(--link-color);
+}
+a[href].selfRef, .iref + a[href].internal {
+  color: var(--text-color);
+}
+a[href]:hover {
+  text-decoration: underline;
+}
+a[href].selfRef:hover {
+  background-color: var(--highlight-color);
+}
+a.xref:is(.cite, .auto), :is(#status-of-memo, #copyright) a {
+  white-space: nowrap;
+}
+
+/* Figures */
+tt, code, pre {
+  background-color: var(--highlight-color);
+  font: 14px/22px var(--font-mono);
+}
+tt, code {
+  /* changing the font for inline elements leads to different ascender
+     and descender heights; as we want to retain baseline alignment,
+     remove leading to avoid altering the final height of lines
+     note: this fails if these blocks take an entire line,
+     a different solution would be great */
+  line-height: 0;
+}
+:is(h1, h2, h3, h4, h5, h6) :is(tt, code) {
+  font-size: 84%;
+}
+pre {
+  border: 1px solid var(--line-color);
+  font-size: 13.5px;
+  line-height: 16px;
+  letter-spacing: -0.2px;
+  margin: 5px;
+  padding: 5px;
+}
+img {
+  max-width: 100%;
+}
+figure {
+  margin: 0.5em 0;
+  padding: 0;
+}
+figure blockquote {
+  margin: 0.8em 0.4em 0.4em;
+}
+figcaption, caption {
+  font-style: italic;
+  margin: 0.5em 1.5em;
+  text-align: left;
+  caption-side: bottom;
+}
+@media screen {
+  /* Auto-collapse boilerplate. */
+  :is(#status-of-memo, #copyright) p {
+    margin: -2px 0;
+    max-height: 0;
+    transition: max-height 2s ease, margin 0.5s ease 0.5s;
+    overflow: hidden;
+  }
+  :is(#status-of-memo, #copyright):hover p,
+  :is(#status-of-memo, #copyright) h2:target ~ p {
+    margin: 0.5em 0;
+    max-height: 500px;
+    overflow: auto;
+  }
+  pre, svg {
+    display: inline-block;
+    /* In the horizontal direction, sometimes people make over-sized figures.
+       Scrollbars for those is therefore necessary: auto adds them as necessary..
+       In the vertical direction, the line-height can combine with the font
+       asender/descender height to produce scrollbars: hidden avoids that. */
+    overflow: auto hidden;
+  }
+  pre {
+    max-width: 100%;
+    width: calc(100% - 22px - 1em);
+  }
+  svg {
+    max-width: calc(100% - 22px - 1em);
+  }
+  figure pre {
+    display: block;
+    width: calc(100% - 25px);
+  }
+  :is(pre, svg) + .pilcrow {
+    display: inline-block;
+    vertical-align: text-bottom;
+    padding-bottom: 8px;
+  }
+}
+
+/* aside, blockquote */
+aside, blockquote {
+  margin-left: 0;
+  padding: 0 2em;
+  font-style: italic;
+}
+blockquote {
+  margin: 1em 0;
+}
+cite {
+  display: block;
+  text-align: right;
+  font-style: italic;
+}
+
+/* tables */
+table {
+  width: auto;
+  max-width: 100%;
+  margin: 0 0 1em;
+  border-collapse: collapse;
+}
+table.right {
+  margin-left: auto;
+}
+table.center {
+  margin-left: auto;
+  margin-right: auto;
+}
+table.left {
+  margin-right: auto;
+}
+table .text-left {
+  text-align: left;
+}
+table .text-center {
+  text-align: center;
+}
+table .text-right {
+  text-align: right;
+}
+
+thead, tbody {
+  border: 1px solid var(--line-color);
+}
+th, td {
+  text-align: left;
+  vertical-align: top;
+  padding: 5px 10px;
+}
+th {
+  background-color: var(--line-color);
+}
+:is(tr:nth-child(2n), thead+tbody > tr:nth-child(2n+1)) > td {
+  background-color: var(--background-color);
+}
+:is(tr:nth-child(2n+1), thead+tbody > tr:nth-child(2n)) > td {
+  background-color: var(--highlight-color);
+}
+table caption {
+  margin: 0;
+  padding: 3px 0 3px 1em;
+}
+table p {
+  margin: 0;
+}
+
+/* pilcrow */
+a.pilcrow {
+  margin-left: 3px;
+  opacity: 0.2;
+  user-select: none;
+  &[href] {
+    color: var(--pilcrow-weak);
+    &:hover { text-decoration: none; }
+  }
+}
+@media not print {
+  :hover > a.pilcrow {
+    opacity: 1;
+  }
+  a.pilcrow[href]:hover {
+    color: var(--pilcrow-strong);
+    background-color: transparent;
+  }
+}
+@media print {
+  a.pilcrow {
+    display: none;
+  }
+}
+
+/* misc */
+hr {
+  border: 0;
+  border-top: 1px solid var(--line-color);
+}
+.bcp14 {
+  font-variant: small-caps;
+  font-weight: 600;
+  font-size: var(--small-font-size);
+}
+.role {
+  font-variant: all-small-caps;
+}
+sub, sup {
+  line-height: 1;
+  font-size: 80%;
+}
+
+/* info block */
+#identifiers {
+  margin: 0;
+  font-size: var(--small-font-size);
+  line-height: 18px;
+  --identifier-width: 15ch;
+  & dt {
+    width: var(--identifier-width);
+    min-width: var(--identifier-width);
+    clear: left;
+    float: left;
+    text-align: right;
+    margin-right: 1ch;
+  }
+  & dd {
+    margin: 0;
+    margin-left: calc(1em + var(--identifier-width)) !important;
+    min-width: 5em;
+  }
+  & .authors {
+    & .author {
+      display: inline-block;
+      margin-right: 1.5em;
+    }
+    & .org {
+      font-style: italic;
+    }
+  }
+}
+
+/* The prepared/rendered info at the very bottom of the page */
+.docInfo {
+  color: #999;
+  font-size: 0.9em;
+  font-style: italic;
+  margin-top: 2em;
+}
+.docInfo .prepared {
+  float: right;
+}
+
+/* table of contents */
+#toc {
+  padding: 0.75em 0 2em 0;
+  margin-bottom: 1em;
+
+  & nav {
+    & ul {
+      margin: 0 0.5em 0 0;
+      padding: 0;
+      list-style: none;
+    }
+    & li {
+      line-height: 1.3em;
+      margin: 2px 0;
+      padding-left: 1.2em;
+      text-indent: -1.2em;
+    }
+  }
+  & a.xref {
+    white-space: normal;
+  }
+}
+
+.references {
+  & > dt {
+    text-align: right;
+    font-weight: bold;
+    min-width: 10ch;
+    margin-right: 1.5ch;
+    &:target::before {
+      content: "⇒";
+      margin: 0 10px 0 -25px;
+    }
+  }
+  & > dd {
+    margin-left: 12ch !important;
+    overflow: visible;
+    & .refInstance {
+      margin-bottom: 0.8em;
+    }
+    & .ascii {
+      margin-bottom: 0.25em;
+    }
+  }
+}
+
+#rfc\.index\.index + ul {
+  margin-left: 0;
+}
+
+/* authors */
+address.vcard {
+  font-style: normal;
+  max-width: 20em;
+  margin: 1em auto 1em 0;
+
+  & .nameRole {
+    font-weight: 700;
+    margin-left: 0;
+  }
+  & .label {
+    margin: 0.5em 0;
+  }
+  & .type {
+    display: none;
+  }
+  & .alternative-contact {
+    margin: 0.5em 0 0.25em 0;
+  }
+  & .non-ascii {
+    margin: 0 0 0 2em;
+  }
+  & div.left {
+    text-align: left;
+  }
+  & div.right {
+    text-align: right;
+  }
+}
+
+hr.addr {
+  border-top: 1px dashed;
+  margin: 0;
+  color: #ddd;
+  max-width: calc(100% - 16px);
+}
+@media (min-width: 500px) {
+  #authors-addresses > section {
+    column-count: 2;
+    column-gap: 20px;
+  }
+  #authors-addresses > section > h2 {
+    column-span: all;
+  }
+  /* hack for break-inside: avoid-column */
+  #authors-addresses address {
+    display: inline-block;
+    break-inside: avoid-column;
+  }
+}
+
+/* Comments */
+.rfcEditorRemove p:first-of-type {
+  font-style: italic;
+}
+.cref {
+  background-color: rgba(249, 232, 105, 0.3);
+  padding: 2px 4px;
+}
+.crefSource {
+  font-style: italic;
+}
+
+@media screen {
+  #toc nav {
+    font-family: var(--font-title);
+    font-weight: 360;
+    & > ul { margin-bottom: 2em; }
+    & ul {
+      margin: 0 0 0 4px;
+      & :is(p, li) {
+        margin: 2px 0;
+      }
+    }
+  }
+  #toc a.toplink {
+    float: right;
+  }
+}
+@media not screen {
+  #toc a.toplink {
+    display: none;
+  }
+}
+
+
+/* TOC layout for smaller screens */
+@media screen and (max-width: 929px) {
+  #toc {
+    position: fixed;
+    z-index: 2;
+    top: 0;
+    right: 0;
+    padding: 1px 0 0 0;
+    margin: 0;
+    border-bottom: 1px solid #ccc;
+    opacity: 0.6;
+  }
+  #toc h2 {
+    margin: 0;
+    padding: 2px 0 2px 6px;
+    padding-right: 1em;
+    font-size: 18px;
+    line-height: 24px;
+    min-width: 190px;
+    text-align: right;
+    background-color: #444;
+    color: white;
+    cursor: pointer;
+    &::before { /* css hamburger */
+      float: right;
+      position: relative;
+      width: 1em;
+      height: 1px;
+      left: -164px;
+      margin: 8px 0 0 0;
+      background: white none repeat scroll 0 0;
+      box-shadow: 0 4px 0 0 white, 0 8px 0 0 white;
+      content: "";
+    }
+  }
+  #toc nav {
+    display: none;
+    background-color: var(--background-color);
+    padding: 0.5em 1em 1em;
+    overflow: auto;
+    overscroll-behavior: contain;
+    height: calc(100vh - 48px);
+    border-left: 1px solid #ddd;
+  }
+  #toc.active {
+    opacity: 1;
+    & nav { display: block; }
+  }
+  /* Make the collapsed ToC header render white on gray also when it's a link */
+  #toc h2 a,
+  #toc h2 a:is(:link, :focus, :hover),
+  #toc a.toplink,
+  #toc a.toplink:hover {
+    color: white;
+    background-color: #444;
+    text-decoration: none;
+  }
+  #toc a.toplink {
+    margin: 2px 0.5em 0;
+  }
+}
+
+/* TOC layout for wide screens */
+@media screen and (min-width: 930px) {
+  body {
+    padding-right: 360px;
+    padding-right: calc(min(180px + 20%, 500px));
+  }
+  #toc {
+    position: fixed;
+    bottom: 0;
+    right: 0;
+    right: calc(50vw - 480px);
+    width: 312px;
+    margin: 0;
+    padding: 0;
+    z-index: 1;
+  }
+  #toc h2 {
+    margin: 0;
+    padding: 0.25em 1em 1em 0;
+  }
+  #toc nav {
+    display: block;
+    height: calc(90vh - 84px);
+    bottom: 0;
+    padding: 0.5em 0 2em;
+    overflow: auto;
+    overscroll-behavior: contain;
+    scrollbar-width: thin;
+  }
+  img { /* future proofing */
+    max-width: 100%;
+    height: auto;
+  }
+  #toc a.toplink {
+    margin: 8px 0.5em 0;
+  }
+}
+
+/* pagination */
+@media print {
+  body {
+    width: 100%;
+  }
+  p {
+    orphans: 3;
+    widows: 3;
+  }
+  #n-copyright-notice {
+    border-bottom: none;
+  }
+  #toc, #n-introduction {
+    page-break-before: always;
+  }
+  #toc {
+    border-top: none;
+    padding-top: 0;
+  }
+  figure, pre, .vcard {
+    page-break-inside: avoid;
+  }
+  h1, h2, h3, h4, h5, h6 {
+    page-break-after: avoid;
+  }
+  :is(h2, h3, h4, h5, h6)+*, dd {
+    page-break-before: avoid;
+  }
+  pre {
+    white-space: pre-wrap;
+    word-wrap: break-word;
+    font-size: 10pt;
+  }
+  table {
+    border: 1px solid #ddd;
+  }
+  td {
+    border-top: 1px solid #ddd;
+  }
+}
+
+@page :first {
+  padding-top: 0;
+  @top-left {
+    content: normal;
+    border: none;
+  }
+  @top-center {
+    content: normal;
+    border: none;
+  }
+  @top-right {
+    content: normal;
+    border: none;
+  }
+}
+
+@page {
+  size: A4;
+  margin-bottom: 45mm;
+  padding-top: 20px;
+}
+
+/* Dark mode. */
+@media (prefers-color-scheme: dark) {
+:root {
+  --background-color: #121212;
+  --text-color: #f0f0f0;
+  --title-color: #fff;
+  --link-color: #4da4f0;
+  --highlight-color: #282828;
+  --line-color: #444;
+  --pilcrow-weak: #444;
+  --pilcrow-strong: #666;
+  scrollbar-color: #777 #333;
+}
+}
+
+/* SVG Trick: a prefix match works because only black and white are allowed */
+svg :is([stroke="black"], [stroke^="#000"]) {
+  stroke: var(--text-color);
+}
+svg :is([stroke="white"], [stroke^="#fff"]) {
+  stroke: var(--background-color);
+}
+svg :is([fill="black"], [fill^="#000"], :not([fill])) {
+  fill: var(--text-color);
+}
+svg :is([fill="white"], [fill^="#fff"]) {
+  fill: var(--background-color);
+}
+</style>
+
+</head>
+<body class="xml2rfc">
+<table class="ears">
+<thead><tr>
+<td class="left">Internet-Draft</td>
+<td class="center">ML-KEM in Certificates</td>
+<td class="right">December 2024</td>
+</tr></thead>
+<tfoot><tr>
+<td class="left">Turner, et al.</td>
+<td class="center">Expires 15 June 2025</td>
+<td class="right">[Page]</td>
+</tr></tfoot>
+</table>
+<div id="external-metadata" class="document-information"></div>
+<div id="internal-metadata" class="document-information">
+<dl id="identifiers">
+<dt class="label-workgroup">Workgroup:</dt>
+<dd class="workgroup">LAMPS</dd>
+<dt class="label-internet-draft">Internet-Draft:</dt>
+<dd class="internet-draft">draft-ietf-lamps-kyber-certificates-latest</dd>
+<dt class="label-published">Published:</dt>
+<dd class="published">
+<time datetime="2024-12-12" class="published">12 December 2024</time>
+    </dd>
+<dt class="label-intended-status">Intended Status:</dt>
+<dd class="intended-status">Standards Track</dd>
+<dt class="label-expires">Expires:</dt>
+<dd class="expires"><time datetime="2025-06-15">15 June 2025</time></dd>
+<dt class="label-authors">Authors:</dt>
+<dd class="authors">
+<div class="author">
+      <div class="author-name">S. Turner</div>
+<div class="org">sn3rd</div>
+</div>
+<div class="author">
+      <div class="author-name">P. Kampanakis</div>
+<div class="org">AWS</div>
+</div>
+<div class="author">
+      <div class="author-name">J. Massimo</div>
+<div class="org">AWS</div>
+</div>
+<div class="author">
+      <div class="author-name">B. Westerbaan</div>
+<div class="org">Cloudflare</div>
+</div>
+</dd>
+</dl>
+</div>
+<h1 id="title">Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM)</h1>
+<section id="section-abstract">
+      <h2 id="abstract"><a href="#abstract" class="selfRef">Abstract</a></h2>
+<p id="section-abstract-1">The Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) is a
+quantum-resistant key-encapsulation mechanism (KEM). This document
+describes the conventions for using the ML-KEM in X.509 Public Key
+Infrastructure. The conventions for the subject public keys and
+private keys are also described.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
+</section>
+<section class="note rfcEditorRemove" id="section-note.1">
+      <h2 id="name-about-this-document">
+<a href="#name-about-this-document" class="section-name selfRef">About This Document</a>
+      </h2>
+<p id="section-note.1-1">This note is to be removed before publishing as an RFC.<a href="#section-note.1-1" class="pilcrow">¶</a></p>
+<p id="section-note.1-2">
+        The latest revision of this draft can be found at <span><a href="https://lamps-wg.github.io/kyber-certificates/#go.draft-ietf-lamps-kyber-certificates.html">https://lamps-wg.github.io/kyber-certificates/#go.draft-ietf-lamps-kyber-certificates.html</a></span>.
+        Status information for this document may be found at <span><a href="https://datatracker.ietf.org/doc/draft-ietf-lamps-kyber-certificates/">https://datatracker.ietf.org/doc/draft-ietf-lamps-kyber-certificates/</a></span>.<a href="#section-note.1-2" class="pilcrow">¶</a></p>
+<p id="section-note.1-3">
+        Discussion of this document takes place on the
+        Limited Additional Mechanisms for PKIX and SMIME (lamps) Working Group mailing list (<span><a href="mailto:spasm@ietf.org">mailto:spasm@ietf.org</a></span>),
+        which is archived at <span><a href="https://mailarchive.ietf.org/arch/browse/spasm/">https://mailarchive.ietf.org/arch/browse/spasm/</a></span>.
+        Subscribe at <span><a href="https://www.ietf.org/mailman/listinfo/spasm/">https://www.ietf.org/mailman/listinfo/spasm/</a></span>.<a href="#section-note.1-3" class="pilcrow">¶</a></p>
+<p id="section-note.1-4">Source for this draft and an issue tracker can be found at
+        <span><a href="https://github.com/lamps-wg/kyber-certificates">https://github.com/lamps-wg/kyber-certificates</a></span>.<a href="#section-note.1-4" class="pilcrow">¶</a></p>
+</section>
+<div id="status-of-memo">
+<section id="section-boilerplate.1">
+        <h2 id="name-status-of-this-memo">
+<a href="#name-status-of-this-memo" class="section-name selfRef">Status of This Memo</a>
+        </h2>
+<p id="section-boilerplate.1-1">
+        This Internet-Draft is submitted in full conformance with the
+        provisions of BCP 78 and BCP 79.<a href="#section-boilerplate.1-1" class="pilcrow">¶</a></p>
+<p id="section-boilerplate.1-2">
+        Internet-Drafts are working documents of the Internet Engineering Task
+        Force (IETF). Note that other groups may also distribute working
+        documents as Internet-Drafts. The list of current Internet-Drafts is
+        at <span><a href="https://datatracker.ietf.org/drafts/current/">https://datatracker.ietf.org/drafts/current/</a></span>.<a href="#section-boilerplate.1-2" class="pilcrow">¶</a></p>
+<p id="section-boilerplate.1-3">
+        Internet-Drafts are draft documents valid for a maximum of six months
+        and may be updated, replaced, or obsoleted by other documents at any
+        time. It is inappropriate to use Internet-Drafts as reference
+        material or to cite them other than as "work in progress."<a href="#section-boilerplate.1-3" class="pilcrow">¶</a></p>
+<p id="section-boilerplate.1-4">
+        This Internet-Draft will expire on 15 June 2025.<a href="#section-boilerplate.1-4" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="copyright">
+<section id="section-boilerplate.2">
+        <h2 id="name-copyright-notice">
+<a href="#name-copyright-notice" class="section-name selfRef">Copyright Notice</a>
+        </h2>
+<p id="section-boilerplate.2-1">
+            Copyright (c) 2024 IETF Trust and the persons identified as the
+            document authors. All rights reserved.<a href="#section-boilerplate.2-1" class="pilcrow">¶</a></p>
+<p id="section-boilerplate.2-2">
+            This document is subject to BCP 78 and the IETF Trust's Legal
+            Provisions Relating to IETF Documents
+            (<span><a href="https://trustee.ietf.org/license-info">https://trustee.ietf.org/license-info</a></span>) in effect on the date of
+            publication of this document. Please review these documents
+            carefully, as they describe your rights and restrictions with
+            respect to this document. Code Components extracted from this
+            document must include Revised BSD License text as described in
+            Section 4.e of the Trust Legal Provisions and are provided without
+            warranty as described in the Revised BSD License.<a href="#section-boilerplate.2-2" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="toc">
+<section id="section-toc.1">
+        <a href="#" onclick="scroll(0,0)" class="toplink">▲</a><h2 id="name-table-of-contents">
+<a href="#name-table-of-contents" class="section-name selfRef">Table of Contents</a>
+        </h2>
+<nav class="toc"><ul class="compact toc ulBare ulEmpty">
+<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.1">
+            <p id="section-toc.1-1.1.1" class="keepWithNext"><a href="#section-1" class="auto internal xref">1</a>.  <a href="#name-introduction" class="internal xref">Introduction</a></p>
+<ul class="compact toc ulBare ulEmpty">
+<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.1.2.1">
+                <p id="section-toc.1-1.1.2.1.1" class="keepWithNext"><a href="#section-1.1" class="auto internal xref">1.1</a>.  <a href="#name-applicability-statement" class="internal xref">Applicability Statement</a></p>
+</li>
+            </ul>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2">
+            <p id="section-toc.1-1.2.1" class="keepWithNext"><a href="#section-2" class="auto internal xref">2</a>.  <a href="#name-conventions-and-definitions" class="internal xref">Conventions and Definitions</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.3">
+            <p id="section-toc.1-1.3.1"><a href="#section-3" class="auto internal xref">3</a>.  <a href="#name-algorithm-identifiers" class="internal xref">Algorithm Identifiers</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4">
+            <p id="section-toc.1-1.4.1"><a href="#section-4" class="auto internal xref">4</a>.  <a href="#name-subject-public-key-fields" class="internal xref">Subject Public Key Fields</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.5">
+            <p id="section-toc.1-1.5.1"><a href="#section-5" class="auto internal xref">5</a>.  <a href="#name-private-key-format" class="internal xref">Private Key Format</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.6">
+            <p id="section-toc.1-1.6.1"><a href="#section-6" class="auto internal xref">6</a>.  <a href="#name-security-considerations" class="internal xref">Security Considerations</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.7">
+            <p id="section-toc.1-1.7.1"><a href="#section-7" class="auto internal xref">7</a>.  <a href="#name-iana-considerations" class="internal xref">IANA Considerations</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.8">
+            <p id="section-toc.1-1.8.1"><a href="#section-8" class="auto internal xref">8</a>.  <a href="#name-references" class="internal xref">References</a></p>
+<ul class="compact toc ulBare ulEmpty">
+<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.8.2.1">
+                <p id="section-toc.1-1.8.2.1.1"><a href="#section-8.1" class="auto internal xref">8.1</a>.  <a href="#name-normative-references" class="internal xref">Normative References</a></p>
+</li>
+              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.8.2.2">
+                <p id="section-toc.1-1.8.2.2.1"><a href="#section-8.2" class="auto internal xref">8.2</a>.  <a href="#name-informative-references" class="internal xref">Informative References</a></p>
+</li>
+            </ul>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.9">
+            <p id="section-toc.1-1.9.1"><a href="#appendix-A" class="auto internal xref">Appendix A</a>.  <a href="#name-asn1-module" class="internal xref">ASN.1 Module</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.10">
+            <p id="section-toc.1-1.10.1"><a href="#appendix-B" class="auto internal xref">Appendix B</a>.  <a href="#name-security-strengths" class="internal xref">Security Strengths</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.11">
+            <p id="section-toc.1-1.11.1"><a href="#appendix-C" class="auto internal xref">Appendix C</a>.  <a href="#name-examples" class="internal xref">Examples</a></p>
+<ul class="compact toc ulBare ulEmpty">
+<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.11.2.1">
+                <p id="section-toc.1-1.11.2.1.1"><a href="#appendix-C.1" class="auto internal xref">C.1</a>.  <a href="#name-example-private-key" class="internal xref">Example Private Key</a></p>
+</li>
+              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.11.2.2">
+                <p id="section-toc.1-1.11.2.2.1"><a href="#appendix-C.2" class="auto internal xref">C.2</a>.  <a href="#name-example-public-key" class="internal xref">Example Public Key</a></p>
+</li>
+              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.11.2.3">
+                <p id="section-toc.1-1.11.2.3.1"><a href="#appendix-C.3" class="auto internal xref">C.3</a>.  <a href="#name-example-certificates" class="internal xref">Example Certificates</a></p>
+</li>
+            </ul>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12">
+            <p id="section-toc.1-1.12.1"><a href="#appendix-D" class="auto internal xref"></a><a href="#name-acknowledgments" class="internal xref">Acknowledgments</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.13">
+            <p id="section-toc.1-1.13.1"><a href="#appendix-E" class="auto internal xref"></a><a href="#name-authors-addresses" class="internal xref">Authors' Addresses</a></p>
+</li>
+        </ul>
+</nav>
+</section>
+</div>
+<div id="introduction">
+<section id="section-1">
+      <h2 id="name-introduction">
+<a href="#section-1" class="section-number selfRef">1. </a><a href="#name-introduction" class="section-name selfRef">Introduction</a>
+      </h2>
+<p id="section-1-1">The Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) standardized in
+<span>[<a href="#FIPS203" class="cite xref">FIPS203</a>]</span> is a quantum-resistant
+key-encapsulation mechanism (KEM) standardized by the US National Institute
+of Standards and Technology (NIST) PQC Project <span>[<a href="#NIST-PQC" class="cite xref">NIST-PQC</a>]</span>. Prior to
+standardization, the earlier versions of the mechanism were known as
+Kyber. ML-KEM and Kyber are not compatible. This document specifies the use
+of ML-KEM in Public Key Infrastructure X.509 (PKIX) certificates <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span>
+at three security levels: ML-KEM-512, ML-KEM-768, and ML-KEM-1024, using
+object identifiers assigned by NIST. The private key format is also
+specified.<a href="#section-1-1" class="pilcrow">¶</a></p>
+<div id="applicability-statement">
+<section id="section-1.1">
+        <h3 id="name-applicability-statement">
+<a href="#section-1.1" class="section-number selfRef">1.1. </a><a href="#name-applicability-statement" class="section-name selfRef">Applicability Statement</a>
+        </h3>
+<p id="section-1.1-1">ML-KEM certificates are used in protocols where the public key is used to
+generate and encapsulate a shared secret used to derive a symmetric key used
+to encrypt a payload; see <span>[<a href="#I-D.ietf-lamps-cms-kyber" class="cite xref">I-D.ietf-lamps-cms-kyber</a>]</span>. To be used in TLS,
+ML-KEM certificates could only be used as end-entity identity certificates
+and would require significant updates to the protocol; see
+<span>[<a href="#I-D.celi-wiggers-tls-authkem" class="cite xref">I-D.celi-wiggers-tls-authkem</a>]</span>.<a href="#section-1.1-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+</section>
+</div>
+<div id="conventions-and-definitions">
+<section id="section-2">
+      <h2 id="name-conventions-and-definitions">
+<a href="#section-2" class="section-number selfRef">2. </a><a href="#name-conventions-and-definitions" class="section-name selfRef">Conventions and Definitions</a>
+      </h2>
+<p id="section-2-1">The key words "<span class="bcp14">MUST</span>", "<span class="bcp14">MUST NOT</span>", "<span class="bcp14">REQUIRED</span>", "<span class="bcp14">SHALL</span>", "<span class="bcp14">SHALL NOT</span>", "<span class="bcp14">SHOULD</span>", "<span class="bcp14">SHOULD NOT</span>", "<span class="bcp14">RECOMMENDED</span>", "<span class="bcp14">NOT RECOMMENDED</span>",
+"<span class="bcp14">MAY</span>", and "<span class="bcp14">OPTIONAL</span>" in this document are to be interpreted as
+described in BCP 14 <span>[<a href="#RFC2119" class="cite xref">RFC2119</a>]</span> <span>[<a href="#RFC8174" class="cite xref">RFC8174</a>]</span> when, and only when, they
+appear in all capitals, as shown here.<a href="#section-2-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="algorithm-identifiers">
+<section id="section-3">
+      <h2 id="name-algorithm-identifiers">
+<a href="#section-3" class="section-number selfRef">3. </a><a href="#name-algorithm-identifiers" class="section-name selfRef">Algorithm Identifiers</a>
+      </h2>
+<p id="section-3-1">The AlgorithmIdentifier type is defined in <span>[<a href="#RFC5912" class="cite xref">RFC5912</a>]</span> as follows:<a href="#section-3-1" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-3-2">
+<pre>
+  AlgorithmIdentifier{ALGORITHM-TYPE, ALGORITHM-TYPE:AlgorithmSet} ::=
+    SEQUENCE {
+      algorithm   ALGORITHM-TYPE.&amp;id({AlgorithmSet}),
+      parameters  ALGORITHM-TYPE.
+                    &amp;Params({AlgorithmSet}{@algorithm}) OPTIONAL
+    }
+</pre><a href="#section-3-2" class="pilcrow">¶</a>
+</div>
+<aside id="section-3-3">
+        <p id="section-3-3.1">NOTE: The above syntax is from <span>[<a href="#RFC5912" class="cite xref">RFC5912</a>]</span> and is compatible with the
+  2021 ASN.1 syntax <span>[<a href="#X680" class="cite xref">X680</a>]</span>. See <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span> for the 1988 ASN.1 syntax.<a href="#section-3-3.1" class="pilcrow">¶</a></p>
+</aside>
+<p id="section-3-4">The fields in AlgorithmIdentifier have the following meanings:<a href="#section-3-4" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-3-5.1">
+          <p id="section-3-5.1.1">algorithm identifies the cryptographic algorithm with an object
+identifier.<a href="#section-3-5.1.1" class="pilcrow">¶</a></p>
+</li>
+        <li class="normal" id="section-3-5.2">
+          <p id="section-3-5.2.1">parameters, which are optional, are the associated parameters for
+the algorithm identifier in the algorithm field.<a href="#section-3-5.2.1" class="pilcrow">¶</a></p>
+</li>
+      </ul>
+<p id="section-3-6">The AlgorithmIdentifier for a ML-KEM public key <span class="bcp14">MUST</span> use one of the
+id-alg-ml-kem object identifiers listed below, based on the security
+level. The parameters field of the AlgorithmIdentifier for the ML-KEM
+public key <span class="bcp14">MUST</span> be absent.<a href="#section-3-6" class="pilcrow">¶</a></p>
+<p id="section-3-7">When any of the ML-KEM AlgorithmIdentifier appears in the
+SubjectPublicKeyInfo field of an X.509 certificate, the key usage
+certificate extension <span class="bcp14">MUST</span> only contain keyEncipherment
+<span><a href="https://rfc-editor.org/rfc/rfc5280#section-4.2.1.3" class="relref">Section 4.2.1.3</a> of [<a href="#RFC5280" class="cite xref">RFC5280</a>]</span>.<a href="#section-3-7" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-3-8">
+<pre>
+  nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2)
+    country(16) us(840) organization(1) gov(101) csor(3)
+    nistAlgorithm(4) }
+
+  kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 }
+
+  id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 }
+
+  id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 }
+
+  id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 }
+
+  pk-ml-kem-512 PUBLIC-KEY ::= {
+    IDENTIFIER id-alg-ml-kem-512
+    -- KEY no ASN.1 wrapping --
+    PARAMS ARE absent
+    CERT-KEY-USAGE { keyEncipherment }
+    --- PRIVATE-KEY no ASN.1 wrapping --
+    }
+
+  pk-ml-kem-768 PUBLIC-KEY ::= {
+    IDENTIFIER id-alg-ml-kem-768
+    -- KEY no ASN.1 wrapping --
+    PARAMS ARE absent
+    CERT-KEY-USAGE { keyEncipherment }
+    --- PRIVATE-KEY no ASN.1 wrapping --
+    }
+
+  pk-ml-kem-1024 PUBLIC-KEY ::= {
+    IDENTIFIER id-alg-ml-kem-1024
+    -- KEY no ASN.1 wrapping --
+    PARAMS ARE absent
+    CERT-KEY-USAGE { keyEncipherment }
+    --- PRIVATE-KEY no ASN.1 wrapping --
+    }
+
+    ML-KEM-PublicKey ::= OCTET STRING
+
+    ML-KEM-PrivateKey ::= OCTET STRING
+</pre><a href="#section-3-8" class="pilcrow">¶</a>
+</div>
+<p id="section-3-9">No additional encoding of the ML-KEM public key value is applied in
+the SubjectPublicKeyInfo field of an X.509 certificate <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span>.
+However, whenever the ML-KEM public key value appears outside of a
+certificate, it <span class="bcp14">MAY</span> be encoded as an OCTET STRING.<a href="#section-3-9" class="pilcrow">¶</a></p>
+<p id="section-3-10">No additional encoding of the ML-KEM private key value is applied in
+the PrivateKeyInfo field of an Asymmetric Key Package <span>[<a href="#RFC5958" class="cite xref">RFC5958</a>]</span>.
+However, whenever the ML-KEM private key value appears outside of a
+Asymmetric Key Package, it <span class="bcp14">MAY</span> be encoded as an OCTET STRING.<a href="#section-3-10" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="subject-public-key-fields">
+<section id="section-4">
+      <h2 id="name-subject-public-key-fields">
+<a href="#section-4" class="section-number selfRef">4. </a><a href="#name-subject-public-key-fields" class="section-name selfRef">Subject Public Key Fields</a>
+      </h2>
+<p id="section-4-1">In the X.509 certificate, the subjectPublicKeyInfo field has the
+SubjectPublicKeyInfo type, which has the following ASN.1 syntax:<a href="#section-4-1" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-4-2">
+<pre>
+  SubjectPublicKeyInfo {PUBLIC-KEY: IOSet} ::= SEQUENCE {
+      algorithm        AlgorithmIdentifier {PUBLIC-KEY, {IOSet}},
+      subjectPublicKey BIT STRING
+  }
+</pre><a href="#section-4-2" class="pilcrow">¶</a>
+</div>
+<aside id="section-4-3">
+        <p id="section-4-3.1">NOTE: The above syntax is from <span>[<a href="#RFC5912" class="cite xref">RFC5912</a>]</span> and is compatible with the
+  2021 ASN.1 syntax <span>[<a href="#X680" class="cite xref">X680</a>]</span>. See <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span> for the 1988 ASN.1 syntax.<a href="#section-4-3.1" class="pilcrow">¶</a></p>
+</aside>
+<p id="section-4-4">The fields in SubjectPublicKeyInfo have the following meaning:<a href="#section-4-4" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-4-5.1">
+          <p id="section-4-5.1.1">algorithm is the algorithm identifier and parameters for the
+public key (see above).<a href="#section-4-5.1.1" class="pilcrow">¶</a></p>
+</li>
+        <li class="normal" id="section-4-5.2">
+          <p id="section-4-5.2.1">subjectPublicKey contains the byte stream of the public key.<a href="#section-4-5.2.1" class="pilcrow">¶</a></p>
+</li>
+      </ul>
+<p id="section-4-6"><a href="#example-public" class="auto internal xref">Appendix C.2</a> contains examples for ML-KEM public keys
+encoded using the textual encoding defined in <span>[<a href="#RFC7468" class="cite xref">RFC7468</a>]</span>.<a href="#section-4-6" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="private-key-format">
+<section id="section-5">
+      <h2 id="name-private-key-format">
+<a href="#section-5" class="section-number selfRef">5. </a><a href="#name-private-key-format" class="section-name selfRef">Private Key Format</a>
+      </h2>
+<p id="section-5-1">In short, an ML-KEM private key is encoded by storing its 64-octet seed in
+the privateKey field as follows.<a href="#section-5-1" class="pilcrow">¶</a></p>
+<p id="section-5-2"><span>[<a href="#FIPS203" class="cite xref">FIPS203</a>]</span> specifies two formats for an ML-KEM private key: a 64-octet
+seed and an (expanded) private key, which is referred to as the
+decapsulation key. The expanded private key (and public key)
+is computed from the seed using <code>ML-KEM.KeyGen_internal(d,z)</code> (algorithm 16)
+using the first 32 octets as <em>d</em> and the remaining 32 octets as <em>z</em>.<a href="#section-5-2" class="pilcrow">¶</a></p>
+<p id="section-5-3">A keypair is generated by sampling 64 octets uniformly at random
+for the seed (private key)  from a cryptographically secure
+pseudorandom number generator (CSPRNGs). The public key can then
+be computed using <code>ML-KEM.KeyGen_internal(d,z)</code> as described earlier.<a href="#section-5-3" class="pilcrow">¶</a></p>
+<p id="section-5-4">"Asymmetric Key Packages" <span>[<a href="#RFC5958" class="cite xref">RFC5958</a>]</span> describes how to encode a private
+key in a structure that both identifies what algorithm the private key
+is for and allows for the public key and additional attributes about the
+key to be included as well. For illustration, the ASN.1 structure
+OneAsymmetricKey is replicated below.<a href="#section-5-4" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-5-5">
+<pre>
+  OneAsymmetricKey ::= SEQUENCE {
+    version                  Version,
+    privateKeyAlgorithm      SEQUENCE {
+    algorithm                PUBLIC-KEY.&amp;id({PublicKeySet}),
+    parameters               PUBLIC-KEY.&amp;Params({PublicKeySet}
+                               {@privateKeyAlgorithm.algorithm})
+                                  OPTIONAL}
+    privateKey               OCTET STRING (CONTAINING
+                               PUBLIC-KEY.&amp;PrivateKey({PublicKeySet}
+                                 {@privateKeyAlgorithm.algorithm})),
+    attributes           [0] Attributes OPTIONAL,
+    ...,
+    [[2: publicKey       [1] BIT STRING (CONTAINING
+                               PUBLIC-KEY.&amp;Params({PublicKeySet}
+                                 {@privateKeyAlgorithm.algorithm})
+                                 OPTIONAL,
+    ...
+  }
+</pre><a href="#section-5-5" class="pilcrow">¶</a>
+</div>
+<aside id="section-5-6">
+        <p id="section-5-6.1">NOTE: The above syntax is from <span>[<a href="#RFC5958" class="cite xref">RFC5958</a>]</span> and is compatible with the
+  2021 ASN.1 syntax <span>[<a href="#X680" class="cite xref">X680</a>]</span>.<a href="#section-5-6.1" class="pilcrow">¶</a></p>
+</aside>
+<p id="section-5-7">When used in a OneAsymmetricKey type, the privateKey OCTET STRING contains
+the raw octet string encoding of the 64-octet seed. The publicKey field
+<span class="bcp14">SHOULD</span> be omitted because the public key can be computed as noted earlier
+in this section.<a href="#section-5-7" class="pilcrow">¶</a></p>
+<p id="section-5-8"><a href="#example-private" class="auto internal xref">Appendix C.1</a> contains examples for ML-KEM private keys
+encoded using the textual encoding defined in <span>[<a href="#RFC7468" class="cite xref">RFC7468</a>]</span>.<a href="#section-5-8" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="security-considerations">
+<section id="section-6">
+      <h2 id="name-security-considerations">
+<a href="#section-6" class="section-number selfRef">6. </a><a href="#name-security-considerations" class="section-name selfRef">Security Considerations</a>
+      </h2>
+<p id="section-6-1">The Security Considerations section of <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span> applies to this
+specification as well.<a href="#section-6-1" class="pilcrow">¶</a></p>
+<p id="section-6-2">Protection of the private-key information, i.e., the seed, is vital to
+public-key cryptography.  Disclosure of the private-key material to another
+entity can lead to masquerades.<a href="#section-6-2" class="pilcrow">¶</a></p>
+<p id="section-6-3">For ML-KEM specific security considerations refer to
+<span>[<a href="#I-D.sfluhrer-cfrg-ml-kem-security-considerations" class="cite xref">I-D.sfluhrer-cfrg-ml-kem-security-considerations</a>]</span>.<a href="#section-6-3" class="pilcrow">¶</a></p>
+<p id="section-6-4">The generation of private keys relies on random numbers. The use of
+inadequate pseudo-random number generators (PRNGs) to generate these
+values can result in little or no security.  An attacker may find it
+much easier to reproduce the PRNG environment that produced the keys,
+searching the resulting small set of possibilities, rather than brute
+force searching the whole key space.  The generation of quality
+random numbers is difficult, and <span>[<a href="#RFC4086" class="cite xref">RFC4086</a>]</span> offers important guidance
+in this area.<a href="#section-6-4" class="pilcrow">¶</a></p>
+<p id="section-6-5">ML-KEM key generation as standardized in <span>[<a href="#FIPS203" class="cite xref">FIPS203</a>]</span> has specific
+requirements around randomness generation, described in section 3.3,
+'Randomness generation'.<a href="#section-6-5" class="pilcrow">¶</a></p>
+<p id="section-6-6">Key formats have implications on KEM binding properties, initially formalized
+in <span>[<a href="#CDM23" class="cite xref">CDM23</a>]</span>. Per the analysis of the final <span>[<a href="#FIPS203" class="cite xref">FIPS203</a>]</span> in <span>[<a href="#KEMMY24" class="cite xref">KEMMY24</a>]</span>, a
+compliant instantiation of ML-KEM is LEAK-BIND-K-PK-secure and
+LEAK-BIND-K-CT-secure when using the expanded key format, but not
+MAL-BIND-K-PK-secure nor MAL-BIND-K-CT-secure. This means that the computed
+shared secret binds to the encapsulation key used to compute it against a
+malicious adversary that has access to leaked, honestly-generated key
+material but is not capable of manufacturing maliciously generated
+keypairs. This binding to the encapsulation key broadly protects against
+re-encapsulation attacks but not completely.<a href="#section-6-6" class="pilcrow">¶</a></p>
+<p id="section-6-7">Using the 64-byte seed format provides a step up in binding security by
+mitigating an attack enabled by the hash of the public encapsulation key
+stored in the expanded private decapsulation key format, providing
+MAL-BIND-K-CT security and LEAK-BIND-K-PK security.<a href="#section-6-7" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="iana-considerations">
+<section id="section-7">
+      <h2 id="name-iana-considerations">
+<a href="#section-7" class="section-number selfRef">7. </a><a href="#name-iana-considerations" class="section-name selfRef">IANA Considerations</a>
+      </h2>
+<p id="section-7-1">For the ASN.1 Module in <a href="#asn1" class="auto internal xref">Appendix A</a>, IANA is requested to assign an
+object identifier (OID) for the module identifier (TBD) with a
+Description of "id-mod-x509-ml-kem-2024".  The OID for the module
+should be allocated in the "SMI Security for PKIX Module Identifier"
+registry (1.3.6.1.5.5.7.0).<a href="#section-7-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="sec-combined-references">
+<section id="section-8">
+      <h2 id="name-references">
+<a href="#section-8" class="section-number selfRef">8. </a><a href="#name-references" class="section-name selfRef">References</a>
+      </h2>
+<div id="sec-normative-references">
+<section id="section-8.1">
+        <h3 id="name-normative-references">
+<a href="#section-8.1" class="section-number selfRef">8.1. </a><a href="#name-normative-references" class="section-name selfRef">Normative References</a>
+        </h3>
+<dl class="references">
+<dt id="FIPS203">[FIPS203]</dt>
+        <dd>
+<span class="refTitle">"Module-lattice-based key-encapsulation mechanism standard"</span>, <span class="refContent">National Institute of Standards and Technology (U.S.)</span>, <span class="seriesInfo">DOI 10.6028/nist.fips.203</span>, <time datetime="2024-08" class="refDate">August 2024</time>, <span>&lt;<a href="https://doi.org/10.6028/nist.fips.203">https://doi.org/10.6028/nist.fips.203</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC2119">[RFC2119]</dt>
+        <dd>
+<span class="refAuthor">Bradner, S.</span>, <span class="refTitle">"Key words for use in RFCs to Indicate Requirement Levels"</span>, <span class="seriesInfo">BCP 14</span>, <span class="seriesInfo">RFC 2119</span>, <span class="seriesInfo">DOI 10.17487/RFC2119</span>, <time datetime="1997-03" class="refDate">March 1997</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc2119">https://www.rfc-editor.org/rfc/rfc2119</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC5280">[RFC5280]</dt>
+        <dd>
+<span class="refAuthor">Cooper, D.</span>, <span class="refAuthor">Santesson, S.</span>, <span class="refAuthor">Farrell, S.</span>, <span class="refAuthor">Boeyen, S.</span>, <span class="refAuthor">Housley, R.</span>, and <span class="refAuthor">W. Polk</span>, <span class="refTitle">"Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile"</span>, <span class="seriesInfo">RFC 5280</span>, <span class="seriesInfo">DOI 10.17487/RFC5280</span>, <time datetime="2008-05" class="refDate">May 2008</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc5280">https://www.rfc-editor.org/rfc/rfc5280</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC5912">[RFC5912]</dt>
+        <dd>
+<span class="refAuthor">Hoffman, P.</span> and <span class="refAuthor">J. Schaad</span>, <span class="refTitle">"New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)"</span>, <span class="seriesInfo">RFC 5912</span>, <span class="seriesInfo">DOI 10.17487/RFC5912</span>, <time datetime="2010-06" class="refDate">June 2010</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc5912">https://www.rfc-editor.org/rfc/rfc5912</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC5958">[RFC5958]</dt>
+        <dd>
+<span class="refAuthor">Turner, S.</span>, <span class="refTitle">"Asymmetric Key Packages"</span>, <span class="seriesInfo">RFC 5958</span>, <span class="seriesInfo">DOI 10.17487/RFC5958</span>, <time datetime="2010-08" class="refDate">August 2010</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc5958">https://www.rfc-editor.org/rfc/rfc5958</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC8174">[RFC8174]</dt>
+        <dd>
+<span class="refAuthor">Leiba, B.</span>, <span class="refTitle">"Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words"</span>, <span class="seriesInfo">BCP 14</span>, <span class="seriesInfo">RFC 8174</span>, <span class="seriesInfo">DOI 10.17487/RFC8174</span>, <time datetime="2017-05" class="refDate">May 2017</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8174">https://www.rfc-editor.org/rfc/rfc8174</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC9629">[RFC9629]</dt>
+        <dd>
+<span class="refAuthor">Housley, R.</span>, <span class="refAuthor">Gray, J.</span>, and <span class="refAuthor">T. Okubo</span>, <span class="refTitle">"Using Key Encapsulation Mechanism (KEM) Algorithms in the Cryptographic Message Syntax (CMS)"</span>, <span class="seriesInfo">RFC 9629</span>, <span class="seriesInfo">DOI 10.17487/RFC9629</span>, <time datetime="2024-08" class="refDate">August 2024</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc9629">https://www.rfc-editor.org/rfc/rfc9629</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="X680">[X680]</dt>
+        <dd>
+<span class="refAuthor">ITU-T</span>, <span class="refTitle">"Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation"</span>, <span class="seriesInfo">ITU-T Recommendation X.680</span>, <span class="seriesInfo">ISO/IEC 8824-1:2021</span>, <time datetime="2021-02" class="refDate">February 2021</time>, <span>&lt;<a href="https://www.itu.int/rec/T-REC-X.680">https://www.itu.int/rec/T-REC-X.680</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="X690">[X690]</dt>
+      <dd>
+<span class="refAuthor">ITU-T</span>, <span class="refTitle">"Information technology - Abstract Syntax Notation One (ASN.1): ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)"</span>, <span class="seriesInfo">ITU-T Recommendation X.690</span>, <span class="seriesInfo">ISO/IEC 8825-1:2021</span>, <time datetime="2021-02" class="refDate">February 2021</time>, <span>&lt;<a href="https://www.itu.int/rec/T-REC-X.690">https://www.itu.int/rec/T-REC-X.690</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+</dl>
+</section>
+</div>
+<div id="sec-informative-references">
+<section id="section-8.2">
+        <h3 id="name-informative-references">
+<a href="#section-8.2" class="section-number selfRef">8.2. </a><a href="#name-informative-references" class="section-name selfRef">Informative References</a>
+        </h3>
+<dl class="references">
+<dt id="CDM23">[CDM23]</dt>
+        <dd>
+<span class="refAuthor">Cremers, C.</span>, <span class="refAuthor">Dax, A.</span>, and <span class="refAuthor">N. Medinger</span>, <span class="refTitle">"Keeping Up with the KEMs: Stronger Security Notions for KEMs and automated analysis of KEM-based protocols"</span>, <time datetime="2023" class="refDate">2023</time>, <span>&lt;<a href="https://eprint.iacr.org/2023/1933.pdf">https://eprint.iacr.org/2023/1933.pdf</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="I-D.celi-wiggers-tls-authkem">[I-D.celi-wiggers-tls-authkem]</dt>
+        <dd>
+<span class="refAuthor">Wiggers, T.</span>, <span class="refAuthor">Celi, S.</span>, <span class="refAuthor">Schwabe, P.</span>, <span class="refAuthor">Stebila, D.</span>, and <span class="refAuthor">N. Sullivan</span>, <span class="refTitle">"KEM-based Authentication for TLS 1.3"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-celi-wiggers-tls-authkem-04</span>, <time datetime="2024-10-17" class="refDate">17 October 2024</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-celi-wiggers-tls-authkem-04">https://datatracker.ietf.org/doc/html/draft-celi-wiggers-tls-authkem-04</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="I-D.ietf-lamps-cms-kyber">[I-D.ietf-lamps-cms-kyber]</dt>
+        <dd>
+<span class="refAuthor">Prat, J.</span>, <span class="refAuthor">Ounsworth, M.</span>, and <span class="refAuthor">D. Van Geest</span>, <span class="refTitle">"Use of ML-KEM in the Cryptographic Message Syntax (CMS)"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-ietf-lamps-cms-kyber-06</span>, <time datetime="2024-12-11" class="refDate">11 December 2024</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-ietf-lamps-cms-kyber-06">https://datatracker.ietf.org/doc/html/draft-ietf-lamps-cms-kyber-06</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="I-D.lamps-dilithium-certificates">[I-D.lamps-dilithium-certificates]</dt>
+        <dd>
+<span class="refTitle">"*** BROKEN REFERENCE ***"</span>. </dd>
+<dd class="break"></dd>
+<dt id="I-D.sfluhrer-cfrg-ml-kem-security-considerations">[I-D.sfluhrer-cfrg-ml-kem-security-considerations]</dt>
+        <dd>
+<span class="refAuthor">Fluhrer, S.</span>, <span class="refAuthor">Dang, Q.</span>, <span class="refAuthor">Mattsson, J. P.</span>, <span class="refAuthor">Milner, K.</span>, and <span class="refAuthor">D. Shiu</span>, <span class="refTitle">"ML-KEM Security Considerations"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-sfluhrer-cfrg-ml-kem-security-considerations-02</span>, <time datetime="2024-11-19" class="refDate">19 November 2024</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-sfluhrer-cfrg-ml-kem-security-considerations-02">https://datatracker.ietf.org/doc/html/draft-sfluhrer-cfrg-ml-kem-security-considerations-02</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="KEMMY24">[KEMMY24]</dt>
+        <dd>
+<span class="refAuthor">Schmieg, S.</span>, <span class="refTitle">"Unbindable Kemmy Schmidt: ML-KEM is neither MAL-BIND-K-CT nor MAL-BIND-K-PK"</span>, <time datetime="2024" class="refDate">2024</time>, <span>&lt;<a href="https://eprint.iacr.org/2024/523.pdf">https://eprint.iacr.org/2024/523.pdf</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="NIST-PQC">[NIST-PQC]</dt>
+        <dd>
+<span class="refAuthor">National Institute of Standards and Technology (NIST)</span>, <span class="refTitle">"Post-Quantum Cryptography Project"</span>, <time datetime="2016-12-20" class="refDate">20 December 2016</time>, <span>&lt;<a href="https://csrc.nist.gov/projects/post-quantum-cryptography">https://csrc.nist.gov/projects/post-quantum-cryptography</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC4086">[RFC4086]</dt>
+        <dd>
+<span class="refAuthor">Eastlake 3rd, D.</span>, <span class="refAuthor">Schiller, J.</span>, and <span class="refAuthor">S. Crocker</span>, <span class="refTitle">"Randomness Requirements for Security"</span>, <span class="seriesInfo">BCP 106</span>, <span class="seriesInfo">RFC 4086</span>, <span class="seriesInfo">DOI 10.17487/RFC4086</span>, <time datetime="2005-06" class="refDate">June 2005</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc4086">https://www.rfc-editor.org/rfc/rfc4086</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC7468">[RFC7468]</dt>
+      <dd>
+<span class="refAuthor">Josefsson, S.</span> and <span class="refAuthor">S. Leonard</span>, <span class="refTitle">"Textual Encodings of PKIX, PKCS, and CMS Structures"</span>, <span class="seriesInfo">RFC 7468</span>, <span class="seriesInfo">DOI 10.17487/RFC7468</span>, <time datetime="2015-04" class="refDate">April 2015</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc7468">https://www.rfc-editor.org/rfc/rfc7468</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+</dl>
+</section>
+</div>
+</section>
+</div>
+<div id="asn1">
+<section id="appendix-A">
+      <h2 id="name-asn1-module">
+<a href="#appendix-A" class="section-number selfRef">Appendix A. </a><a href="#name-asn1-module" class="section-name selfRef">ASN.1 Module</a>
+      </h2>
+<p id="appendix-A-1">This appendix includes the ASN.1 module <span>[<a href="#X680" class="cite xref">X680</a>]</span> for the ML-KEM.  Note that
+as per <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span>, certificates use the Distinguished Encoding Rules; see
+<span>[<a href="#X690" class="cite xref">X690</a>]</span>. This module imports objects from <span>[<a href="#RFC5912" class="cite xref">RFC5912</a>]</span> and <span>[<a href="#RFC9629" class="cite xref">RFC9629</a>]</span>.<a href="#appendix-A-1" class="pilcrow">¶</a></p>
+<div class="breakable sourcecode" id="appendix-A-2">
+<pre>&lt;CODE BEGINS&gt;
+X509-ML-KEM-2024
+{ iso(1) identified-organization(3) dod(6)
+  internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
+  id-mod-x509-ml-kem-2024(TBD) }
+
+DEFINITIONS IMPLICIT TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+  PUBLIC-KEY
+    FROM AlgorithmInformation-2009  -- [RFC 5912]
+      { iso(1) identified-organization(3) dod(6) internet(1)
+        security(5) mechanisms(5) pkix(7) id-mod(0)
+        id-mod-algorithmInformation-02(58) }
+
+  KEM-ALGORITHM
+    FROM KEMAlgorithmInformation-2023  -- [RFC 9629]
+      { iso(1) identified-organization(3) dod(6) internet(1)
+        security(5) mechanisms(5) pkix(7) id-mod(0)
+        id-mod-kemAlgorithmInformation-2023(109) };
+
+--
+-- ML-KEM Identifiers
+--
+
+nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2)
+  country(16) us(840) organization(1) gov(101) csor(3)
+  nistAlgorithm(4) }
+
+kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 }
+
+id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 }
+
+id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 }
+
+id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 }
+
+  --
+  -- Public Key Algorithms
+  --
+  -- To use the following with the PKIX1Explicit-2009 [RFC5912], replace
+  -- the PublicKeyAlgorithms therein with the following:
+  --
+  -- PublicKeyAlgorithms PUBLIC-KEY ::= {
+  --   PKIXAlgs-2009.PublicKeys,
+  --   ...,
+  --   PKIX1-PSS-OAEP-Algorithms-2009.PublicKeys,
+  --   X509-ML-KEM-2024.PublicKeys }
+
+  --
+  -- Public Key (pk-) Algorithms
+  --
+
+PublicKeys PUBLIC-KEY ::= {
+  -- This expands PublicKeys from RFC 5912
+  pk-ml-kem-512 |
+  pk-ml-kem-768 |
+  pk-ml-kem-1024,
+  ...
+  }
+
+--
+-- ML-KEM Public Keys
+--
+
+pk-ml-kem-512 PUBLIC-KEY ::= {
+  IDENTIFIER id-alg-ml-kem-512
+  -- KEY no ASN.1 wrapping --
+  PARAMS ARE absent
+  CERT-KEY-USAGE { keyEncipherment }
+  --- PRIVATE-KEY no ASN.1 wrapping --
+  }
+
+pk-ml-kem-768 PUBLIC-KEY ::= {
+  IDENTIFIER id-alg-ml-kem-768
+  -- KEY no ASN.1 wrapping --
+  PARAMS ARE absent
+  CERT-KEY-USAGE { keyEncipherment }
+  --- PRIVATE-KEY no ASN.1 wrapping --
+  }
+
+pk-ml-kem-1024 PUBLIC-KEY ::= {
+  IDENTIFIER id-alg-ml-kem-1024
+  -- KEY no ASN.1 wrapping --
+  PARAMS ARE absent
+  CERT-KEY-USAGE { keyEncipherment }
+  --- PRIVATE-KEY no ASN.1 wrapping --
+  }
+
+END
+
+&lt;CODE ENDS&gt;</pre><a href="#appendix-A-2" class="pilcrow">¶</a>
+</div>
+</section>
+</div>
+<div id="arnold">
+<section id="appendix-B">
+      <h2 id="name-security-strengths">
+<a href="#appendix-B" class="section-number selfRef">Appendix B. </a><a href="#name-security-strengths" class="section-name selfRef">Security Strengths</a>
+      </h2>
+<p id="appendix-B-1">Instead of defining the strength of a quantum algorithm in a traditional
+manner using the imprecise notion of bits of security, NIST has
+defined security levels by picking a reference scheme, which
+NIST expects to offer notable levels of resistance to both quantum and
+classical attack.  To wit, a KEM algorithm that achieves NIST PQC
+security must require computational resources to break IND-CCA2
+security comparable or greater than that required for key search
+on AES-128, AES-192, and AES-256 for Levels 1, 3, and 5, respectively.
+Levels 2 and 4 use collision search for SHA-256 and SHA-384 as reference.<a href="#appendix-B-1" class="pilcrow">¶</a></p>
+<aside id="appendix-B-2">
+        <p id="appendix-B-2.1">TODO: what should go in this table?<a href="#appendix-B-2.1" class="pilcrow">¶</a></p>
+</aside>
+<span id="name-ml-kem-security-strengths"></span><div id="tab-strengths">
+<table class="center" id="table-1">
+        <caption>
+<a href="#table-1" class="selfRef">Table 1</a>:
+<a href="#name-ml-kem-security-strengths" class="selfRef">ML-KEM security strengths</a>
+        </caption>
+<thead>
+          <tr>
+            <th class="text-left" rowspan="1" colspan="1">Level</th>
+            <th class="text-left" rowspan="1" colspan="1">Parameter Set</th>
+            <th class="text-left" rowspan="1" colspan="1">Encap. Key</th>
+            <th class="text-left" rowspan="1" colspan="1">Decap. Key</th>
+            <th class="text-left" rowspan="1" colspan="1">Ciphertext</th>
+            <th class="text-left" rowspan="1" colspan="1">SS</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr>
+            <td class="text-left" rowspan="1" colspan="1">1</td>
+            <td class="text-left" rowspan="1" colspan="1">ML-KEM-512</td>
+            <td class="text-left" rowspan="1" colspan="1">800</td>
+            <td class="text-left" rowspan="1" colspan="1">1632</td>
+            <td class="text-left" rowspan="1" colspan="1">768</td>
+            <td class="text-left" rowspan="1" colspan="1">32</td>
+          </tr>
+          <tr>
+            <td class="text-left" rowspan="1" colspan="1">3</td>
+            <td class="text-left" rowspan="1" colspan="1">ML-KEM-768</td>
+            <td class="text-left" rowspan="1" colspan="1">1184</td>
+            <td class="text-left" rowspan="1" colspan="1">2400</td>
+            <td class="text-left" rowspan="1" colspan="1">1952</td>
+            <td class="text-left" rowspan="1" colspan="1">32</td>
+          </tr>
+          <tr>
+            <td class="text-left" rowspan="1" colspan="1">5</td>
+            <td class="text-left" rowspan="1" colspan="1">ML-KEM-1024</td>
+            <td class="text-left" rowspan="1" colspan="1">1568</td>
+            <td class="text-left" rowspan="1" colspan="1">3168</td>
+            <td class="text-left" rowspan="1" colspan="1">2592</td>
+            <td class="text-left" rowspan="1" colspan="1">32</td>
+          </tr>
+        </tbody>
+      </table>
+</div>
+</section>
+</div>
+<div id="examples">
+<section id="appendix-C">
+      <h2 id="name-examples">
+<a href="#appendix-C" class="section-number selfRef">Appendix C. </a><a href="#name-examples" class="section-name selfRef">Examples</a>
+      </h2>
+<p id="appendix-C-1">This appendix contains examples of ML-KEM public keys, private keys and
+certificates.<a href="#appendix-C-1" class="pilcrow">¶</a></p>
+<div id="example-private">
+<section id="appendix-C.1">
+        <h3 id="name-example-private-key">
+<a href="#appendix-C.1" class="section-number selfRef">C.1. </a><a href="#name-example-private-key" class="section-name selfRef">Example Private Key</a>
+        </h3>
+<p id="appendix-C.1-1">The following is an example of a ML-KEM-512 private key with hex seed <code>0001…3f</code>:<a href="#appendix-C.1-1" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.1-2">
+<pre>
+-----BEGIN PRIVATE KEY-----
+MFICAQAwCwYJYIZIAWUDBAQBBEAAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob
+HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/
+-----END PRIVATE KEY-----
+</pre><a href="#appendix-C.1-2" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.1-3">
+<pre>
+0  82: SEQUENCE
+2   2:  INTEGER 0
+5  11:  SEQUENCE {
+7   9:   OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.1'
+     :   }
+18 64:  OCTET STRING
+     :    00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
+     :    10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
+     :    20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
+     :    30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f
+     :  }
+</pre><a href="#appendix-C.1-3" class="pilcrow">¶</a>
+</div>
+<p id="appendix-C.1-4">The following is an example of a ML-KEM-768 private key from the same seed.<a href="#appendix-C.1-4" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.1-5">
+<pre>
+-----BEGIN PRIVATE KEY-----
+MFICAQAwCwYJYIZIAWUDBAQCBEAAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob
+HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/
+-----END PRIVATE KEY-----
+</pre><a href="#appendix-C.1-5" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.1-6">
+<pre>
+0  82: SEQUENCE
+2   2:  INTEGER 0
+5  11:  SEQUENCE {
+7   9:   OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.2'
+     :   }
+18 64:  OCTET STRING
+     :    00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
+     :    10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
+     :    20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
+     :    30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f
+     :  }
+</pre><a href="#appendix-C.1-6" class="pilcrow">¶</a>
+</div>
+<p id="appendix-C.1-7">The following is an example of a ML-KEM-1024 private key from the same seed.<a href="#appendix-C.1-7" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.1-8">
+<pre>
+-----BEGIN PRIVATE KEY-----
+MFICAQAwCwYJYIZIAWUDBAQDBEAAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob
+HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/
+-----END PRIVATE KEY-----
+</pre><a href="#appendix-C.1-8" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.1-9">
+<pre>
+0  82: SEQUENCE
+2   2:  INTEGER 0
+5  11:  SEQUENCE {
+7   9:   OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.3'
+     :   }
+18 64:  OCTET STRING
+     :    00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
+     :    10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
+     :    20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
+     :    30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f
+     :  }
+</pre><a href="#appendix-C.1-9" class="pilcrow">¶</a>
+</div>
+<aside id="appendix-C.1-10">
+          <p id="appendix-C.1-10.1">NOTE: The private key is the seed and all three examples keys
+  use the same seed; therefore, the private above are the same
+  except for the OID used to represent the ML-KEM algorithm's
+  security strength.<a href="#appendix-C.1-10.1" class="pilcrow">¶</a></p>
+</aside>
+</section>
+</div>
+<div id="example-public">
+<section id="appendix-C.2">
+        <h3 id="name-example-public-key">
+<a href="#appendix-C.2" class="section-number selfRef">C.2. </a><a href="#name-example-public-key" class="section-name selfRef">Example Public Key</a>
+        </h3>
+<p id="appendix-C.2-1">The following is the ML-KEM-512 public key corresponding to the private
+key in the previous section.<a href="#appendix-C.2-1" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.2-2">
+<pre>
+-----BEGIN PUBLIC KEY-----
+MIIDMjALBglghkgBZQMEBAEDggMhADmVgV5ZfRBDVc8pqlMzyTJRhp1bzb5IcST2
+Ari2pmwWxHYWSK12XPXYAGtRXpBafwrAdrDGLvoygVPnylcBaZ8TBfHmvG+QsOSb
+aTUSts6ZKouAFt38GmYsfj+WGcvYad13GvMIlszVkYrGy3dGbF53mZbWf/mqvJdQ
+Pyx7fi0ADYZFD7GAfKTKvaRlgloxx4mht6SRqzhydl0yDQtxkg+iE8lAk0Frg7gS
+Tmn2XmLLUADcw3qpoP/3OXDEdy81fSQYnKb1MFVowOI3ajdipoxgXlY8XSCVcuD8
+dTLKKUcpU1VntfxBPF6HktJGRTbMgI+YrddGZPFBVm+QFqkKVBgpqYoEZM5BqLtE
+wtT6PCwglGByjvFKGnxMm5jRIgO0zDUpFgqasteDj3/2tTrgWqMafWRrevpsRZMl
+JqPDdVYZvplMIRwqMcBbNEeDbLIVC+GCna5rBMVTXP9Ubjkrp5dBFyD5JPSQpaxU
+lfITVtVQt4KmTBaItrZVvMeEIZekNML2Vjtbfwmni8xIgjJ4NWHRb0y6tnVUAAUH
+gVcMZmBLgXrRJSKUc26LAYYaS1p0UZuLb+UUiaUHI5Llh2JscTd2V10zgGocjicy
+r5fCaA9RZmMxxOuLvAQxxPloMtrxs8RVKPuhU/bHixwZhwKUfM0zdyekb7U7oR3l
+y0GRNGhZUWy2rXJADzzyCbI2rvNaWArIfrPjD6/WaXPKin3SZ1r0H3oXthQzzRr4
+D3cIhp9mVIhJeYCxrBCgzctjagDthoGzXkKRJMqANQcluF+DperDpKPMFgCQPmUp
+NWC5szblrw1SnawaBIEZMCy3qbzBELlIUb8CEX8ZncSFqFK3Rz8JuDGmgx1bVMC3
+kNIlz2u5LZRiomzbM92lEjx6rw4moLg2Ve6ii/OoB0clAY/WuuS2Ac9huqtxp6PT
+UZejQ+dLSicsEl1UCJZCbYW3lY07OKa6mH7DciXHtEzbEt3kU5tKsII2NoPwS/eg
+nMXEHf6DChsWLgsyQzQ2LwhKFEZ3IzRLrdAA+NjFN8SPmY8FMHzr0e3guBw7xZoG
+WhttY7Js
+-----END PUBLIC KEY-----
+</pre><a href="#appendix-C.2-2" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.2-3">
+<pre>
+0  818: SEQUENCE {
+4   11:   SEQUENCE {
+6    9:     OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.1'
+      :     }
+17 801:   BIT STRING
+      :     00 39 95 81 5e 59 7d 10 43 55 cf 29 aa 53 33 c9
+      :     32 51 86 9d 5b cd be 48 71 24 f6 02 b8 b6 a6 6c
+      :     7f 0a c0 76 b0 c6 2e fa 32 81 53 e7 ca 57 01 69
+      :     9f 13 05 f1 e6 bc 6f 90 b0 e4 9b 69 35 12 b6 ce
+      :     99 2a 8b 80 16 dd fc 1a 66 2c 7e 3f 96 19 cb d8
+      :     69 dd 77 1a f3 08 96 cc d5 91 8a c6 cb 77 46 6c
+      :     5e 77 99 96 d6 7f f9 aa bc 97 50 3f 2c 7b 7e 2d
+      :     00 0d 86 45 0f b1 80 7c a4 ca bd a4 65 82 5a 31
+      :     c7 89 a1 b7 a4 91 ab 38 72 76 5d 32 0d 0b 71 92
+      :     0f a2 13 c9 40 93 41 6b 83 b8 12 4e 69 f6 5e 62
+      :     cb 50 00 dc c3 7a a9 a0 ff f7 39 70 c4 77 2f 35
+      :     7d 24 18 9c a6 f5 30 55 68 c0 e2 37 6a 37 62 a6
+      :     8c 60 5e 56 3c 5d 20 95 72 e0 fc 75 32 ca 29 47
+      :     29 53 55 67 b5 fc 41 3c 5e 87 92 d2 46 45 36 cc
+      :     80 8f 98 ad d7 46 64 f1 41 56 6f 90 16 a9 0a 54
+      :     18 29 a9 8a 04 64 ce 41 a8 bb 44 c2 d4 fa 3c 2c
+      :     20 94 60 72 8e f1 4a 1a 7c 4c 9b 98 d1 22 03 b4
+      :     cc 35 29 16 0a 9a b2 d7 83 8f 7f f6 b5 3a e0 5a
+      :     a3 1a 7d 64 6b 7a fa 6c 45 93 25 26 a3 c3 75 56
+      :     19 be 99 4c 21 1c 2a 31 c0 5b 34 47 83 6c b2 15
+      :     0b e1 82 9d ae 6b 04 c5 53 5c ff 54 6e 39 2b a7
+      :     97 41 17 20 f9 24 f4 90 a5 ac 54 95 f2 13 56 d5
+      :     50 b7 82 a6 4c 16 88 b6 b6 55 bc c7 84 21 97 a4
+      :     34 c2 f6 56 3b 5b 7f 09 a7 8b cc 48 82 32 78 35
+      :     61 d1 6f 4c ba b6 75 54 00 05 07 81 57 0c 66 60
+      :     4b 81 7a d1 25 22 94 73 6e 8b 01 86 1a 4b 5a 74
+      :     51 9b 8b 6f e5 14 89 a5 07 23 92 e5 87 62 6c 71
+      :     37 76 57 5d 33 80 6a 1c 8e 27 32 af 97 c2 68 0f
+      :     51 66 63 31 c4 eb 8b bc 04 31 c4 f9 68 32 da f1
+      :     b3 c4 55 28 fb a1 53 f6 c7 8b 1c 19 87 02 94 7c
+      :     cd 33 77 27 a4 6f b5 3b a1 1d e5 cb 41 91 34 68
+      :     59 51 6c b6 ad 72 40 0f 3c f2 09 b2 36 ae f3 5a
+      :     58 0a c8 7e b3 e3 0f af d6 69 73 ca 8a 7d d2 67
+      :     5a f4 1f 7a 17 b6 14 33 cd 1a f8 0f 77 08 86 9f
+      :     66 54 88 49 79 80 b1 ac 10 a0 cd cb 63 6a 00 ed
+      :     86 81 b3 5e 42 91 24 ca 80 35 07 25 b8 5f 83 a5
+      :     ea c3 a4 a3 cc 16 00 90 3e 65 29 35 60 b9 b3 36
+      :     e5 af 0d 52 9d ac 1a 04 81 19 30 2c b7 a9 bc c1
+      :     10 b9 48 51 bf 02 11 7f 19 9d c4 85 a8 52 b7 47
+      :     3f 09 b8 31 a6 83 1d 5b 54 c0 b7 90 d2 25 cf 6b
+      :     b9 2d 94 62 a2 6c db 33 dd a5 12 3c 7a af 0e 26
+      :     a0 b8 36 55 ee a2 8b f3 a8 07 47 25 01 8f d6 ba
+      :     e4 b6 01 cf 61 ba ab 71 a7 a3 d3 51 97 a3 43 e7
+      :     4b 4a 27 2c 12 5d 54 08 96 42 6d 85 b7 95 8d 3b
+      :     38 a6 ba 98 7e c3 72 25 c7 b4 4c db 12 dd e4 53
+      :     9b 4a b0 82 36 36 83 f0 4b f7 a0 9c c5 c4 1d fe
+      :     83 0a 1b 16 2e 0b 32 43 34 36 2f 08 4a 14 46 77
+      :     23 34 4b ad d0 00 f8 d8 c5 37 c4 8f 99 8f 05 30
+      :     7c eb d1 ed e0 b8 1c 3b c5 9a 06 5a 1b 6d 63 b2
+      :     6c
+      :   }
+</pre><a href="#appendix-C.2-3" class="pilcrow">¶</a>
+</div>
+<p id="appendix-C.2-4">The following is the ML-KEM-768 public key corresponding to the private
+key in the previous section.<a href="#appendix-C.2-4" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.2-5">
+<pre>
+-----BEGIN PUBLIC KEY-----
+MIIEsjALBglghkgBZQMEBAIDggShACmKoQ1CPI3aBp0CvFnmzfA6CWuLPaTKubgM
+pKFJB2cszvHsT68jSgvFt+nUc/KzEzs7JqHRdctnp4BZGWmcAvdlMbmcX4kYBwS7
+TKRTXFuJcmecZgoHxeUUuHAJyGLrj1FXaV77P8QKne9rgcHMAqJJrk8JStDZvTSF
+wcHGgIBSCnyMYyAyzuc4FU5cUXbAfaVgJHdqQw/nbqz2ZaP3uDIQIhW8gvEJOcg1
+VwQzao+sHYHkuwSFql18dNa1m75cXpcqDYusQRtVtdVVfNaAoaj3G064a8SMmgUJ
+cxpUvZ1ykLJ5Y+Q3Lcmxmc/crAsBrNKKYjlREuTENkjWIsSMgjTQFEDozDdskn8j
+pa/JrAR0xmInTkJFJchVLs47P+JlFt6QG8fVFb3olVjmJslcgLkzQvgBAATznmxs
+lIccXjRMqzlmyDX5qWpZr9McQChrOLHBp4RwurlHUYk0RTzoZzapGfH1ptUQqG9U
+VPw5gMtcdlvSvV97NrFBDWY1yM60fE3aDXaijqyTnHHDAkgEhmxxYmZYRCFjwsIh
+F+UKzvzmN4qYVlIwKk7wws4Mxxa3eW4ray43d9+hrD2iWaMbWptTD4y2OKgaYqww
+GEmrr5WnMBvaMAaJCb/bfmfbzLs4pVUaJbGjoPaFdIrVdT2IgPABbGJ0hhZjhMVX
+H+I2WQA2TQODEeLYdds2ZoaTK17GAkMKNp6Hpu9cM4eGZXglvUwFes65I+sJNeaQ
+XmO0ztf4CFenc91ksVDSZhLqmsEgUtsgF78YQ8y0sygbaQ3HKK36hcACgbjjwJKH
+M1+Fa0/CiS9povV5Ia2gGRTECYhmLVd2lmKnhjUbm2ZJPat5WU2YbeIQDWW6D/Tq
+WLgVONJKRDWiWPrCVASqf0H2WLE4UGXhWNy2ARVzJyD0BFmqrBXkBpU6kKxSmX0c
+zQcAYO/GXbnmUzVEZ/rVbscTyG51QMQjrPJmn1L6b0rGiI2HHvPoR8ApqKr7uS4X
+skqgebH0GbphdbRCr7EZCdSla3CgM1soc5IYqnyTSOLDwvPrPRWkHmQXwN2Uv+sh
+QZsxGnuxOhgLvoMyGKmmsXRHzIXyJYWVh6cwdwSay8/UTQ8CVDjhXRU4Jw1Ybhv4
+MZKpRZz2PA6XL4UpdnmDHs8SFQmFHLg0D28Qew+hoO/Rs2qBibwIXE9ct4TlU/Qb
+kY+AOXzhlW94W+43fKmqi+aZitowwmt8PYxrVSVMyWIDsgxCruCsTh67QI5JqeP4
+edCrB4XrcCVCXRMFoimcAV4SDRY7DhlJTOVyU9AkbRgnRcuBl6t0OLPBu3lyvsWj
+BuujVnhVwBRpn+9lrlTHcKDYXBhADPZCrtxmB3e6SxOFAr1aeBL2IfhKSClrmN1D
+IrbxWCi4qPDgCoukSlPDqLFDVxsHQKvVZ9rxzenHnCBLbV4lnRdmoxu7y05qBc9F
+AhdrMBwcL0Ekd1AVe87IXoCbMKTWDXdHzdD1uZqoyCaYdRd5OqqAgKCxJKhVjfcr
+vje3X07btr6CFtbGM/srIoDiURPYaV5DSBw+6zl+sZJQUim2eiAeqJPD4ssy2ovD
+QvpN6gV4
+-----END PUBLIC KEY-----
+</pre><a href="#appendix-C.2-5" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.2-6">
+<pre>
+0 1202: SEQUENCE {
+4   11:   SEQUENCE {
+6    9:     OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.2'
+      :     }
+17 801:   BIT STRING
+      :     00 29 8a a1 0d 42 3c 8d da 06 9d 02 bc 59 e6 cd
+      :     f0 3a 09 6b 8b 3d a4 ca b9 b8 0c a4 a1 49 07 67
+      :     2c ce f1 ec 4f af 23 4a 0b c5 b7 e9 d4 73 f2 b3
+      :     13 3b 3b 26 a1 d1 75 cb 67 a7 80 59 19 69 9c 02
+      :     f7 65 31 b9 9c 5f 89 18 07 04 bb 4c a4 53 5c 5b
+      :     89 72 67 9c 66 0a 07 c5 e5 14 b8 70 09 c8 62 eb
+      :     8f 51 57 69 5e fb 3f c4 0a 9d ef 6b 81 c1 cc 02
+      :     a2 49 ae 4f 09 4a d0 d9 bd 34 85 c1 c1 c6 80 80
+      :     52 0a 7c 8c 63 20 32 ce e7 38 15 4e 5c 51 76 c0
+      :     7d a5 60 24 77 6a 43 0f e7 6e ac f6 65 a3 f7 b8
+      :     32 10 22 15 bc 82 f1 09 39 c8 35 57 04 33 6a 8f
+      :     ac 1d 81 e4 bb 04 85 aa 5d 7c 74 d6 b5 9b be 5c
+      :     5e 97 2a 0d 8b ac 41 1b 55 b5 d5 55 7c d6 80 a1
+      :     a8 f7 1b 4e b8 6b c4 8c 9a 05 09 73 1a 54 bd 9d
+      :     72 90 b2 79 63 e4 37 2d c9 b1 99 cf dc ac 0b 01
+      :     ac d2 8a 62 39 51 12 e4 c4 36 48 d6 22 c4 8c 82
+      :     34 d0 14 40 e8 cc 37 6c 92 7f 23 a5 af c9 ac 04
+      :     74 c6 62 27 4e 42 45 25 c8 55 2e ce 3b 3f e2 65
+      :     16 de 90 1b c7 d5 15 bd e8 95 58 e6 26 c9 5c 80
+      :     b9 33 42 f8 01 00 04 f3 9e 6c 6c 94 87 1c 5e 34
+      :     4c ab 39 66 c8 35 f9 a9 6a 59 af d3 1c 40 28 6b
+      :     38 b1 c1 a7 84 70 ba b9 47 51 89 34 45 3c e8 67
+      :     36 a9 19 f1 f5 a6 d5 10 a8 6f 54 54 fc 39 80 cb
+      :     5c 76 5b d2 bd 5f 7b 36 b1 41 0d 66 35 c8 ce b4
+      :     7c 4d da 0d 76 a2 8e ac 93 9c 71 c3 02 48 04 86
+      :     6c 71 62 66 58 44 21 63 c2 c2 21 17 e5 0a ce fc
+      :     e6 37 8a 98 56 52 30 2a 4e f0 c2 ce 0c c7 16 b7
+      :     79 6e 2b 6b 2e 37 77 df a1 ac 3d a2 59 a3 1b 5a
+      :     9b 53 0f 8c b6 38 a8 1a 62 ac 30 18 49 ab af 95
+      :     a7 30 1b da 30 06 89 09 bf db 7e 67 db cc bb 38
+      :     a5 55 1a 25 b1 a3 a0 f6 85 74 8a d5 75 3d 88 80
+      :     f0 01 6c 62 74 86 16 63 84 c5 57 1f e2 36 59 00
+      :     36 4d 03 83 11 e2 d8 75 db 36 66 86 93 2b 5e c6
+      :     02 43 0a 36 9e 87 a6 ef 5c 33 87 86 65 78 25 bd
+      :     4c 05 7a ce b9 23 eb 09 35 e6 90 5e 63 b4 ce d7
+      :     f8 08 57 a7 73 dd 64 b1 50 d2 66 12 ea 9a c1 20
+      :     52 db 20 17 bf 18 43 cc b4 b3 28 1b 69 0d c7 28
+      :     ad fa 85 c0 02 81 b8 e3 c0 92 87 33 5f 85 6b 4f
+      :     c2 89 2f 69 a2 f5 79 21 ad a0 19 14 c4 09 88 66
+      :     2d 57 76 96 62 a7 86 35 1b 9b 66 49 3d ab 79 59
+      :     4d 98 6d e2 10 0d 65 ba 0f f4 ea 58 b8 15 38 d2
+      :     4a 44 35 a2 58 fa c2 54 04 aa 7f 41 f6 58 b1 38
+      :     50 65 e1 58 dc b6 01 15 73 27 20 f4 04 59 aa ac
+      :     15 e4 06 95 3a 90 ac 52 99 7d 1c cd 07 00 60 ef
+      :     c6 5d b9 e6 53 35 44 67 fa d5 6e c7 13 c8 6e 75
+      :     40 c4 23 ac f2 66 9f 52 fa 6f 4a c6 88 8d 87 1e
+      :     f3 e8 47 c0 29 a8 aa fb b9 2e 17 b2 4a a0 79 b1
+      :     f4 19 ba 61 75 b4 42 af b1 19 09 d4 a5 6b 70 a0
+      :     33 5b 28 73 92 18 aa 7c 93 48 e2 c3 c2 f3 eb 3d
+      :     15 a4 1e 64 17 c0 dd 94 bf eb 21 41 9b 31 1a 7b
+      :     b1 3a 18 0b be 83 32 18 a9 a6 b1 74 47 cc 85 f2
+      :     25 85 95 87 a7 30 77 04 9a cb cf d4 4d 0f 02 54
+      :     38 e1 5d 15 38 27 0d 58 6e 1b f8 31 92 a9 45 9c
+      :     f6 3c 0e 97 2f 85 29 76 79 83 1e cf 12 15 09 85
+      :     1c b8 34 0f 6f 10 7b 0f a1 a0 ef d1 b3 6a 81 89
+      :     bc 08 5c 4f 5c b7 84 e5 53 f4 1b 91 8f 80 39 7c
+      :     e1 95 6f 78 5b ee 37 7c a9 aa 8b e6 99 8a da 30
+      :     c2 6b 7c 3d 8c 6b 55 25 4c c9 62 03 b2 0c 42 ae
+      :     e0 ac 4e 1e bb 40 8e 49 a9 e3 f8 79 d0 ab 07 85
+      :     eb 70 25 42 5d 13 05 a2 29 9c 01 5e 12 0d 16 3b
+      :     0e 19 49 4c e5 72 53 d0 24 6d 18 27 45 cb 81 97
+      :     ab 74 38 b3 c1 bb 79 72 be c5 a3 06 eb a3 56 78
+      :     55 c0 14 69 9f ef 65 ae 54 c7 70 a0 d8 5c 18 40
+      :     0c f6 42 ae dc 66 07 77 ba 4b 13 85 02 bd 5a 78
+      :     12 f6 21 f8 4a 48 29 6b 98 dd 43 22 b6 f1 58 28
+      :     b8 a8 f0 e0 0a 8b a4 4a 53 c3 a8 b1 43 57 1b 07
+      :     40 ab d5 67 da f1 cd e9 c7 9c 20 4b 6d 5e 25 9d
+      :     17 66 a3 1b bb cb 4e 6a 05 cf 45 02 17 6b 30 1c
+      :     1c 2f 41 24 77 50 15 7b ce c8 5e 80 9b 30 a4 d6
+      :     0d 77 47 cd d0 f5 b9 9a a8 c8 26 98 75 17 79 3a
+      :     aa 80 80 a0 b1 24 a8 55 8d f7 2b be 37 b7 5f 4e
+      :     db b6 be 82 16 d6 c6 33 fb 2b 22 80 e2 51 13 d8
+      :     69 5e 43 48 1c 3e eb 39 7e b1 92 50 52 29 b6 7a
+      :     20 1e a8 93 c3 e2 cb 32 da 8b c3 42 fa 4d ea 05
+      :     78
+      :   }
+</pre><a href="#appendix-C.2-6" class="pilcrow">¶</a>
+</div>
+<p id="appendix-C.2-7">The following is the ML-KEM-1024 public key corresponding to the private
+key in the previous section.<a href="#appendix-C.2-7" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.2-8">
+<pre>
+-----BEGIN PUBLIC KEY-----
+MIIGMjALBglghkgBZQMEBAMDggYhAEuUwpRQERGRgjs1FMmsHqPZglzLhjk6LfsE
+ZU+iGS03v60cSXxlAu7lyoCnO/zguvWlSohYWkATl6PSMvQmp6+wgrwhpEMXCQ6q
+x1ksLqiKZTxEkeoZOTEzX1LpiaPEzFbZxVNzLVfEcPtBq3WbZdLQREU4L82cTjRK
+ESj6nhHgQ1jhku0BSyMjKn7isi4jcX9EER7jNXU5nDdkbamBPsmyEq/pTl3FwjMK
+cpTMH0I0ptP7tPFoWriJLASssXzRwXDXsGEbanF2x5TMjGf1X8kjwq0gMQDzZZkY
+gsMCQ9d4E4Q7XsfJZAMiY3BgkuzwDHUWvmTkWYykImwGm7XmfkF1zyKGyN1cSIps
+WGHzG6oL0CaUcOi1Ud07zTjIbBL5zbF2x33ItsAqcB9HiQLIVT9pTA2CcntMSlws
+EEEhKqEnSAi4IRGzd+x1IU6bGXj3YATUE52YYT9LjpjSCve1NAc6UJqVm3p1ZPm0
+DKIYv2GCkyCoUCAXlU0yjXrGx2nsKXAHVuewaFs0DV4RgFlQSkmppQoQGY6xCleE
+Z460J9e0uruVUpM7BiiXlz4TGOrwoOrDdYSmVAGxcD4EKszYN1MUg/JBytzRwdN4
+EZ5pRCnbGZrIkeTFNDdXCFuzrng2ZzUMRFjZdnLoYegLHSZ5UQ6jpvI2DHekaULH
+oGpVTSKAgMhLR67xTbF2IMsWwGqzChvkzacIK+n4fpwhHEaRY0mluo6qUgHHKUo8
+CIW1O2V0UhCIJexkbJCgRhIyTufQMa/lNDEyy+9ntu+xpewoCbdzU4znez2LBOsL
+PCJWAR5McWwZqLoHUr9xSSEXZJ8GFcMpD8KaRv3kvVLbkobWAziCRCWcFaesK2QK
+YMwDN2pYQaP7ikc1aPqbGiZyFfNMAWl7Dw5icXXXIQW3cHwpueYUvcM6b2yBipU3
+C0J4gte0dnlqnsbrmTJ0zZsjkagrpF4zk9Lprpchyp1sG5iLWCdxP5CmWF3pQzUo
+wCsDzhC7X3IBOND7tMMMEma5GOUpJd/hezf5XSK8pU9HWRmshZCYwPDQisWHXvKb
+Vv0UHm7xX3AKC2bzlZXFiBdzc8RmmyG8Bx5MOqXwtKMbYljzXaJKw80px/IJJBDF
+B4NVsTj7U6a5rm4LnAgkPnuqRcRzduuMfxPUz1Gqc2+jFUDJJB83DaVEv5+cKNml
+fi8qfKlaTktGbmQas7zHat8ROdVnpvErUvOmXn7AquJryqjFWDOwTlmZjryaGTD7
+ttIjPFPSwfi5UY48Lec6Gd7ms4Clsylxz2ThKf1sH6bnXUojRQHpZt06VAr1yPTz
+SmtKJT7ihJJWbV5nxvVYVfywUG+wbBVnRNmgOjGib6lMrRTxV7fzA9B6acdzdo/L
+TQecCQWXA6DDqU3kuZ6jovFlg9D5Fwo5UNsHtPC8MIApJ/n3lhtiWYkmNqlQKicF
+MDY3eZ3TRNpFHBz3v2eEDOsweauMa4wZJ/ZAU8YSRQxFyeYDvBZmbllrNHHhA7bx
+VEdCTRcCIEgRH/vTfhxnD2TxS4p7MrlMGkm0XdL8OM1SidkQrWNgLPXhMELGSsZ5
+e4n7VRrQjgWpLSAMzLfnEu8jyTEss1DwKatTfihzR/0wdawQkGp4PxxsB8y4j0Ei
+jEvhxkD3kLXDpdXTynkklddLxGFWJljAesYAJ2uSSrW8m+HwSUy3b4L0YKdICXJm
+M4HhaZlgYdeZhZ7FTU9cpcQRwB2xWXsWWXdmneE6koo0r7rCWP6oxHZCOclCHcMR
+m/W0dpkgaXgyexxTRe90anmDhB8FbiU0EAqyTU6au9CxfGqVvUw8DkD2nhYSrO6y
+i5kIbJURbnIEJziTOQv0a4mbNihrDr8ZR7uYhPcyyifagrGbXcDMf4iFcUkQiIsj
+EMT5MZ1BCzTmQzuQA+IXa7mVJXRWEG6JUhY7i6WSUwzFqgrrQ605j+npe6pSPXpE
+MWd8PTrwcZ5HXbhcqVr1CJvqvrBbL6q0iWumD4HIhHKle0aoKIJqDN+0RvgYkYLS
+v16sTsHMXer1mcihPkgjVAbRf/3cg0S2xmmEqGiqkvoCInoIaVDrDIcB7VjcYod2
+uYOILhF1
+-----END PUBLIC KEY-----
+</pre><a href="#appendix-C.2-8" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.2-9">
+<pre>
+0  1586: SEQUENCE {
+4    11:   SEQUENCE {
+6     9:     OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.3'
+       :     }
+17 1569:   BIT STRING
+       :     00 4b 94 c2 94 50 11 11 91 82 3b 35 14 c9 ac 1e
+       :     a3 d9 82 5c cb 86 39 3a 2d fb 04 65 4f a2 19 2d
+       :     37 bf ad 1c 49 7c 65 02 ee e5 ca 80 a7 3b fc e0
+       :     ba f5 a5 4a 88 58 5a 40 13 97 a3 d2 32 f4 26 a7
+       :     af b0 82 bc 21 a4 43 17 09 0e aa c7 59 2c 2e a8
+       :     8a 65 3c 44 91 ea 19 39 31 33 5f 52 e9 89 a3 c4
+       :     cc 56 d9 c5 53 73 2d 57 c4 70 fb 41 ab 75 9b 65
+       :     d2 d0 44 45 38 2f cd 9c 4e 34 4a 11 28 fa 9e 11
+       :     e0 43 58 e1 92 ed 01 4b 23 23 2a 7e e2 b2 2e 23
+       :     71 7f 44 11 1e e3 35 75 39 9c 37 64 6d a9 81 3e
+       :     c9 b2 12 af e9 4e 5d c5 c2 33 0a 72 94 cc 1f 42
+       :     34 a6 d3 fb b4 f1 68 5a b8 89 2c 04 ac b1 7c d1
+       :     c1 70 d7 b0 61 1b 6a 71 76 c7 94 cc 8c 67 f5 5f
+       :     c9 23 c2 ad 20 31 00 f3 65 99 18 82 c3 02 43 d7
+       :     78 13 84 3b 5e c7 c9 64 03 22 63 70 60 92 ec f0
+       :     0c 75 16 be 64 e4 59 8c a4 22 6c 06 9b b5 e6 7e
+       :     41 75 cf 22 86 c8 dd 5c 48 8a 6c 58 61 f3 1b aa
+       :     0b d0 26 94 70 e8 b5 51 dd 3b cd 38 c8 6c 12 f9
+       :     cd b1 76 c7 7d c8 b6 c0 2a 70 1f 47 89 02 c8 55
+       :     3f 69 4c 0d 82 72 7b 4c 4a 5c 2c 10 41 21 2a a1
+       :     27 48 08 b8 21 11 b3 77 ec 75 21 4e 9b 19 78 f7
+       :     60 04 d4 13 9d 98 61 3f 4b 8e 98 d2 0a f7 b5 34
+       :     07 3a 50 9a 95 9b 7a 75 64 f9 b4 0c a2 18 bf 61
+       :     82 93 20 a8 50 20 17 95 4d 32 8d 7a c6 c7 69 ec
+       :     29 70 07 56 e7 b0 68 5b 34 0d 5e 11 80 59 50 4a
+       :     49 a9 a5 0a 10 19 8e b1 0a 57 84 67 8e b4 27 d7
+       :     b4 ba bb 95 52 93 3b 06 28 97 97 3e 13 18 ea f0
+       :     a0 ea c3 75 84 a6 54 01 b1 70 3e 04 2a cc d8 37
+       :     53 14 83 f2 41 ca dc d1 c1 d3 78 11 9e 69 44 29
+       :     db 19 9a c8 91 e4 c5 34 37 57 08 5b b3 ae 78 36
+       :     67 35 0c 44 58 d9 76 72 e8 61 e8 0b 1d 26 79 51
+       :     0e a3 a6 f2 36 0c 77 a4 69 42 c7 a0 6a 55 4d 22
+       :     80 80 c8 4b 47 ae f1 4d b1 76 20 cb 16 c0 6a b3
+       :     0a 1b e4 cd a7 08 2b e9 f8 7e 9c 21 1c 46 91 63
+       :     49 a5 ba 8e aa 52 01 c7 29 4a 3c 08 85 b5 3b 65
+       :     74 52 10 88 25 ec 64 6c 90 a0 46 12 32 4e e7 d0
+       :     31 af e5 34 31 32 cb ef 67 b6 ef b1 a5 ec 28 09
+       :     b7 73 53 8c e7 7b 3d 8b 04 eb 0b 3c 22 56 01 1e
+       :     4c 71 6c 19 a8 ba 07 52 bf 71 49 21 17 64 9f 06
+       :     15 c3 29 0f c2 9a 46 fd e4 bd 52 db 92 86 d6 03
+       :     38 82 44 25 9c 15 a7 ac 2b 64 0a 60 cc 03 37 6a
+       :     58 41 a3 fb 8a 47 35 68 fa 9b 1a 26 72 15 f3 4c
+       :     01 69 7b 0f 0e 62 71 75 d7 21 05 b7 70 7c 29 b9
+       :     e6 14 bd c3 3a 6f 6c 81 8a 95 37 0b 42 78 82 d7
+       :     b4 76 79 6a 9e c6 eb 99 32 74 cd 9b 23 91 a8 2b
+       :     a4 5e 33 93 d2 e9 ae 97 21 ca 9d 6c 1b 98 8b 58
+       :     27 71 3f 90 a6 58 5d e9 43 35 28 c0 2b 03 ce 10
+       :     bb 5f 72 01 38 d0 fb b4 c3 0c 12 66 b9 18 e5 29
+       :     25 df e1 7b 37 f9 5d 22 bc a5 4f 47 59 19 ac 85
+       :     90 98 c0 f0 d0 8a c5 87 5e f2 9b 56 fd 14 1e 6e
+       :     f1 5f 70 0a 0b 66 f3 95 95 c5 88 17 73 73 c4 66
+       :     9b 21 bc 07 1e 4c 3a a5 f0 b4 a3 1b 62 58 f3 5d
+       :     a2 4a c3 cd 29 c7 f2 09 24 10 c5 07 83 55 b1 38
+       :     fb 53 a6 b9 ae 6e 0b 9c 08 24 3e 7b aa 45 c4 73
+       :     76 eb 8c 7f 13 d4 cf 51 aa 73 6f a3 15 40 c9 24
+       :     1f 37 0d a5 44 bf 9f 9c 28 d9 a5 7e 2f 2a 7c a9
+       :     5a 4e 4b 46 6e 64 1a b3 bc c7 6a df 11 39 d5 67
+       :     a6 f1 2b 52 f3 a6 5e 7e c0 aa e2 6b ca a8 c5 58
+       :     33 b0 4e 59 99 8e bc 9a 19 30 fb b6 d2 23 3c 53
+       :     d2 c1 f8 b9 51 8e 3c 2d e7 3a 19 de e6 b3 80 a5
+       :     b3 29 71 cf 64 e1 29 fd 6c 1f a6 e7 5d 4a 23 45
+       :     01 e9 66 dd 3a 54 0a f5 c8 f4 f3 4a 6b 4a 25 3e
+       :     e2 84 92 56 6d 5e 67 c6 f5 58 55 fc b0 50 6f b0
+       :     6c 15 67 44 d9 a0 3a 31 a2 6f a9 4c ad 14 f1 57
+       :     b7 f3 03 d0 7a 69 c7 73 76 8f cb 4d 07 9c 09 05
+       :     97 03 a0 c3 a9 4d e4 b9 9e a3 a2 f1 65 83 d0 f9
+       :     17 0a 39 50 db 07 b4 f0 bc 30 80 29 27 f9 f7 96
+       :     1b 62 59 89 26 36 a9 50 2a 27 05 30 36 37 79 9d
+       :     d3 44 da 45 1c 1c f7 bf 67 84 0c eb 30 79 ab 8c
+       :     6b 8c 19 27 f6 40 53 c6 12 45 0c 45 c9 e6 03 bc
+       :     16 66 6e 59 6b 34 71 e1 03 b6 f1 54 47 42 4d 17
+       :     02 20 48 11 1f fb d3 7e 1c 67 0f 64 f1 4b 8a 7b
+       :     32 b9 4c 1a 49 b4 5d d2 fc 38 cd 52 89 d9 10 ad
+       :     63 60 2c f5 e1 30 42 c6 4a c6 79 7b 89 fb 55 1a
+       :     d0 8e 05 a9 2d 20 0c cc b7 e7 12 ef 23 c9 31 2c
+       :     b3 50 f0 29 ab 53 7e 28 73 47 fd 30 75 ac 10 90
+       :     6a 78 3f 1c 6c 07 cc b8 8f 41 22 8c 4b e1 c6 40
+       :     f7 90 b5 c3 a5 d5 d3 ca 79 24 95 d7 4b c4 61 56
+       :     26 58 c0 7a c6 00 27 6b 92 4a b5 bc 9b e1 f0 49
+       :     4c b7 6f 82 f4 60 a7 48 09 72 66 33 81 e1 69 99
+       :     60 61 d7 99 85 9e c5 4d 4f 5c a5 c4 11 c0 1d b1
+       :     59 7b 16 59 77 66 9d e1 3a 92 8a 34 af ba c2 58
+       :     fe a8 c4 76 42 39 c9 42 1d c3 11 9b f5 b4 76 99
+       :     20 69 78 32 7b 1c 53 45 ef 74 6a 79 83 84 1f 05
+       :     6e 25 34 10 0a b2 4d 4e 9a bb d0 b1 7c 6a 95 bd
+       :     4c 3c 0e 40 f6 9e 16 12 ac ee b2 8b 99 08 6c 95
+       :     11 6e 72 04 27 38 93 39 0b f4 6b 89 9b 36 28 6b
+       :     0e bf 19 47 bb 98 84 f7 32 ca 27 da 82 b1 9b 5d
+       :     c0 cc 7f 88 85 71 49 10 88 8b 23 10 c4 f9 31 9d
+       :     41 0b 34 e6 43 3b 90 03 e2 17 6b b9 95 25 74 56
+       :     10 6e 89 52 16 3b 8b a5 92 53 0c c5 aa 0a eb 43
+       :     ad 39 8f e9 e9 7b aa 52 3d 7a 44 31 67 7c 3d 3a
+       :     f0 71 9e 47 5d b8 5c a9 5a f5 08 9b ea be b0 5b
+       :     2f aa b4 89 6b a6 0f 81 c8 84 72 a5 7b 46 a8 28
+       :     82 6a 0c df b4 46 f8 18 91 82 d2 bf 5e ac 4e c1
+       :     cc 5d ea f5 99 c8 a1 3e 48 23 54 06 d1 7f fd dc
+       :     83 44 b6 c6 69 84 a8 68 aa 92 fa 02 22 7a 08 69
+       :     50 eb 0c 87 01 ed 58 dc 62 87 76 b9 83 88 2e 11
+       :     75
+       :   }
+</pre><a href="#appendix-C.2-9" class="pilcrow">¶</a>
+</div>
+<p id="appendix-C.2-10">The following example, in addition to encoding the ML-KEM-768 private key,
+has an attribute included as well as the public key:<a href="#appendix-C.2-10" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.2-11">
+<pre>
+  -----BEGIN PRIVATE KEY-----
+  TODO insert example private key with attribute
+  -----END PRIVATE KEY-------
+</pre><a href="#appendix-C.2-11" class="pilcrow">¶</a>
+</div>
+</section>
+</div>
+<div id="example-certificate">
+<section id="appendix-C.3">
+        <h3 id="name-example-certificates">
+<a href="#appendix-C.3" class="section-number selfRef">C.3. </a><a href="#name-example-certificates" class="section-name selfRef">Example Certificates</a>
+        </h3>
+<p id="appendix-C.3-1">The following is the ML-KEM-512 certificate that corresponding to the
+public key in the previous section signed with the ML-DSA-44 private key
+from <span>[<a href="#I-D.lamps-dilithium-certificates" class="cite xref">I-D.lamps-dilithium-certificates</a>]</span>.<a href="#appendix-C.3-1" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.3-2">
+<pre>
+-----BEGIN CERTIFICATE-----
+MIINpDCCBBqgAwIBAgIUFZ/+byL9XMQsUk32/V4o0N44808wCwYJYIZIAWUDBAMR
+MCIxDTALBgNVBAoTBElFVEYxETAPBgNVBAMTCExBTVBTIFdHMB4XDTIwMDIwMzA0
+MzIxMFoXDTQwMDEyOTA0MzIxMFowIjENMAsGA1UEChMESUVURjERMA8GA1UEAxMI
+TEFNUFMgV0cwggMyMAsGCWCGSAFlAwQEAQOCAyEAOZWBXll9EENVzymqUzPJMlGG
+nVvNvkhxJPYCuLambBbEdhZIrXZc9dgAa1FekFp/CsB2sMYu+jKBU+fKVwFpnxMF
+8ea8b5Cw5JtpNRK2zpkqi4AW3fwaZix+P5YZy9hp3Xca8wiWzNWRisbLd0ZsXneZ
+ltZ/+aq8l1A/LHt+LQANhkUPsYB8pMq9pGWCWjHHiaG3pJGrOHJ2XTINC3GSD6IT
+yUCTQWuDuBJOafZeYstQANzDeqmg//c5cMR3LzV9JBicpvUwVWjA4jdqN2KmjGBe
+VjxdIJVy4Px1MsopRylTVWe1/EE8XoeS0kZFNsyAj5it10Zk8UFWb5AWqQpUGCmp
+igRkzkGou0TC1Po8LCCUYHKO8UoafEybmNEiA7TMNSkWCpqy14OPf/a1OuBaoxp9
+ZGt6+mxFkyUmo8N1Vhm+mUwhHCoxwFs0R4NsshUL4YKdrmsExVNc/1RuOSunl0EX
+IPkk9JClrFSV8hNW1VC3gqZMFoi2tlW8x4Qhl6Q0wvZWO1t/CaeLzEiCMng1YdFv
+TLq2dVQABQeBVwxmYEuBetElIpRzbosBhhpLWnRRm4tv5RSJpQcjkuWHYmxxN3ZX
+XTOAahyOJzKvl8JoD1FmYzHE64u8BDHE+Wgy2vGzxFUo+6FT9seLHBmHApR8zTN3
+J6RvtTuhHeXLQZE0aFlRbLatckAPPPIJsjau81pYCsh+s+MPr9Zpc8qKfdJnWvQf
+ehe2FDPNGvgPdwiGn2ZUiEl5gLGsEKDNy2NqAO2GgbNeQpEkyoA1ByW4X4Ol6sOk
+o8wWAJA+ZSk1YLmzNuWvDVKdrBoEgRkwLLepvMEQuUhRvwIRfxmdxIWoUrdHPwm4
+MaaDHVtUwLeQ0iXPa7ktlGKibNsz3aUSPHqvDiaguDZV7qKL86gHRyUBj9a65LYB
+z2G6q3Gno9NRl6ND50tKJywSXVQIlkJthbeVjTs4prqYfsNyJce0TNsS3eRTm0qw
+gjY2g/BL96CcxcQd/oMKGxYuCzJDNDYvCEoURncjNEut0AD42MU3xI+ZjwUwfOvR
+7eC4HDvFmgZaG21jsmyjUjBQMA4GA1UdDwEB/wQEAwIFIDAdBgNVHQ4EFgQUDsWS
+pZcefo2geKhuRnTy+xH26NcwHwYDVR0jBBgwFoAUMpoHsfq7SPUqMJ8RoYmPhI4j
+Iv8wCwYJYIZIAWUDBAMRA4IJdQDcV8LA/De8Ss6UL3tMcHXKc0iTXaBPPLyoCimW
+KG/BhZ299qdyg6Qv/hWMxXfuQLvBIJUiE9boIUvDJH1Bv5q+wBXDM4Pcb585a972
+fB7Lj7rTYwGezp4QRGsn4bMOUHtOS/9MaD9LAw8XlEDSl69KgN+jN+Cak+PS1Q3O
+u+TpeM2fo304+3vTfHlNiePSNOqkd1pzs2nwVIbQGIWctpF1rIHC7NJ/XOO3ZsN3
+Cr758OLyAotCdGCRnj16Fhxh1rJ976b6y+Yo96CDMgl22lYPJoihlBekuKc4ugkE
+g4vJEwAtPlMoaogn7XJcWkKIhGKp1M7nG9KvgQxCRvIfRURuDyHaiOAkOayK+Hp6
+4AV02pbYX/w1X9bW1KOeId42EUQpF2iFu3ilOJi1JmMFyMP8lZZYq/8fPv3KGZPF
+YJpd6yaA7ReIQaNiFgCMqx7nw/Zti7sa2a5dor3YqYRjZ8UlJUuYUKxNDde/u46W
+mIEGSYcynpOiEYbyeWmXW4ye7qhT1Q7bmFPV8Mjzn3rXytzUzUZfrK8j9cHxAozY
+sF7RDuBmauliYfV1jaroCcHrohVTnSSiSMQKV4q6HjKPIpf4qENs4SVh9xkWXdbB
+OaiGgFhsI+sxlDGPRwbKrj6gVcbyFuJIPRL1LylJ2qFXzpzHyfAS3fHFvgv+S0AJ
+DnfNk3OcT7G9jQhESQOkTXA4LqxPI+0c6asvauXlICnN8RdOjraY4+DQL8cYidEi
+SAnXsOKNSzj+b225zdPvfBB/4eJTtV7VdnQOhETJErofxEWbpA8zobl/+bu2smdY
+Pg1a83hwVo+HxfkSz1iHW9WT9+iwhnm28RqzLdmmzZGJSfgEFkADriwXUEr+LIkX
+0xeMGvyXxdxv9S6Y6y+n0Al0ql0tzGviVoDqA0xNLU+Mupou5ftDTJj7U1oxIUHj
+HlFeE06+JRoTPbDcl+cBil31SlxuZ1u7cOE33nbPOw0jWDXeA8M5uE3aMQah5VRf
+tZXmdijH4zEN1/++Q5oJAF1SCTsnTkZ0lk3ZlIfpO0H1sJpINzLlBO04dLlQx2Nc
+NFIExuPsVO7kW1rDLqkh8srBKrdUa/8ngD3kppXW7iaBhSnUE0N6lrwi5g/fJbNU
+H0W7r0b31u0KDQ8cNKlK8PZL5pu/ulJTGZ5Dz4HORwVt2aXQojZfGQ0rashKxes8
+F+Ewgse7NUAt3HqX94+0SWpfpNCVlZknK5XfhZJV08XVZ2TkTDoJ6aBLqua/a5Xg
+jWTwroAJuB84jx2B1eCeYxjt+3cEaB274XU++H6m5kP/1QtJ3L1r545NaRQAylZF
+MwCtCTVyAavhrTcrQwhl8rVGAKOlXaCfHSln8y9u26qMHeL9BIP7JeMeZxCYQQ5b
+QxN0WvGmK11W6XG2CTc0qQ0RdUOvfrXTfl5A+I6DS4T2Z26APgkoq2JSQihO3JEg
+S7zknl2NoAummhweGU/qSPzX+4/KlxwcCCs8mD8ZkkwhdB5poU4uTES/eCO+rrm3
+wxLmiIcv2RwNdN8bRkxm35SQCCfc6riit4AxkaRKz5b27FWedfkH9bOgQaQGxm/v
+5IwGHsFGeQFJyV1pNvo0aB9vvMTL3VZOsoXooxrdlc0kv7jJ9Q6eF8ZAFYXvxnaS
+D+/OsH1b1+6WCVZIDRzRsMauvaifYUZNMQQ/CKSkDkFPjBDY5Xca9yZkGl+S+Pzz
+7ODu6y3lvvUk+V6sPKEAS4ejZOocriV75SPfz0WlRZoljJXOm3tKCo6L2e56ntVs
+hRiIBaLG5stQf2EihTSZUf21zNjb15E7KcdbTtr8TE0iJAuVYxBtNRWsVhExOMO/
+QqXWnHL015pv8Dubwt6iDr8ObCDNOItPtszlNjCz4yN51aGTrHGZ0CJcbcUWqxOm
+W1wrQmnYWUaz1eDahmbnowXshqI8RcGqvzUlZ0/g6nEbAJZgbk7jozC1VlwOKMM4
+erhkw5mrrpicX3cvP3wl3JyhB6vbAfK4XQH3CfrnK12BhpgG0+9V5DKxTL02f+5m
+ckJI9cZqSYx8rhlDlNbR33kSOY0Ba2RwvmMxhdypd38l5S8oSwTRu5eJ4VrrSeeM
+wiW3gIxLA+o+SD2iFKyafsWLeu+Axx5/HlIVB+g82dGKkZrrESEvO9LpdlaS+AMW
+9BccbDD2SGE2UZKlK4zx2QwYvnFG/ZDRjmvQV0dQOxiy0j2l7WHmbedlTTUUd5FU
+0cfSG+cJHnToa/VRU4mDHvFpnV+AF0dA1s0oemhN5vOqhDzHnKasFFpUDH88mS7K
+gbXELYiHTQEB/s/Hr0crjwVQQCbJFe4bBJzhcnwuOcdNUKLmF7MidvoyKYYu20oE
+P6F0/RoDwS2FW3RyrKeSzlLWnuarfTq84iMaPgKrOl8XNfaSgGRsG3kxGe0s3rVs
+iwzaO8THoCLp6WpEebfucmSCMXtKfVG/28u/dvQkz1D0oqTcWqhQiDLqZI3HjdDr
+io44DARVGKAsEvq75Jq91GXP+1R8yejpP1lZU4onX1i0E8DMuVEU85JN+kFXbS83
+6nZHmYhgwj93IvetNiK5cJs2M19LnJj5GrONmPMizoXCIBjzDx0MO/3CoRF5achF
+p598lYloyvlS1VYhwmLrpFmz0BB9OEepvdq0ZX11XM532I6WIF4lAUh0YEx1FInO
+XJ74LC2uMxa92W6nceJAjiraJKhi4VnURhPa7MUt/2oA5WY8zzmVGn94UlPsEmPj
+/nl7vXBVLb9Nojt9AkIO637bT+1wszCvOH8nelnzNDsCBi9B8+mdgzizEN08UKSk
+dCaNbCB86LVeo+umyY5abmgr2NOI7XaSTqWMs7ezemR5AkIUka35LgVIKvZw2WEz
+G3KxZImSviV+XMsakqGTdXof7k1usEcmbJ/EJLi9ecaxMZKuLjT9sFtNo8uvE/m1
+1pf4bGnGXgBERGpZsqnm+JNxDDTbD1WntdPpyeF8/6iXd/eNiHboV830Olj0dXJ4
+YbTrQBcWbfUeZ8+8gGJ0bgshMtPCrOdYVMAfWfcu7DyFi0tQdtS1pmo5Co+OwLxe
+IyKgwlIYOghCE3r6SBCrx0+sTP0sixV5Refu2JIBkjoywPavmK3+109l1F0BkzST
+fQ1pAwENGx0oLVFdZHB1f4CSlZaiq8Te7AtOfX6Qtba4w8bP1+j2FSVCWGt4goSv
+s7TAwcrR1drv9BRiaH2qytnr8PcAAAAAAAAAAAAAAAAAAAAAFSM2QA==
+-----END CERTIFICATE-----
+</pre><a href="#appendix-C.3-2" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.3-3">
+<pre>
+  TODO insert ASN.1 Pretty Print for ML-KEM-512.pem
+</pre><a href="#appendix-C.3-3" class="pilcrow">¶</a>
+</div>
+<p id="appendix-C.3-4">The following is the ML-KEM-768 certificate that corresponding to the
+public key in the previous section signed with the ML-DSA-65 private key
+from <span>[<a href="#I-D.lamps-dilithium-certificates" class="cite xref">I-D.lamps-dilithium-certificates</a>]</span>.<a href="#appendix-C.3-4" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.3-5">
+<pre>
+-----BEGIN CERTIFICATE-----
+MIISnTCCBZqgAwIBAgIUFZ/+byL9XMQsUk32/V4o0N44808wCwYJYIZIAWUDBAMS
+MCIxDTALBgNVBAoTBElFVEYxETAPBgNVBAMTCExBTVBTIFdHMB4XDTIwMDIwMzA0
+MzIxMFoXDTQwMDEyOTA0MzIxMFowIjENMAsGA1UEChMESUVURjERMA8GA1UEAxMI
+TEFNUFMgV0cwggSyMAsGCWCGSAFlAwQEAgOCBKEAKYqhDUI8jdoGnQK8WebN8DoJ
+a4s9pMq5uAykoUkHZyzO8exPryNKC8W36dRz8rMTOzsmodF1y2engFkZaZwC92Ux
+uZxfiRgHBLtMpFNcW4lyZ5xmCgfF5RS4cAnIYuuPUVdpXvs/xAqd72uBwcwCokmu
+TwlK0Nm9NIXBwcaAgFIKfIxjIDLO5zgVTlxRdsB9pWAkd2pDD+durPZlo/e4MhAi
+FbyC8Qk5yDVXBDNqj6wdgeS7BIWqXXx01rWbvlxelyoNi6xBG1W11VV81oChqPcb
+TrhrxIyaBQlzGlS9nXKQsnlj5DctybGZz9ysCwGs0opiOVES5MQ2SNYixIyCNNAU
+QOjMN2ySfyOlr8msBHTGYidOQkUlyFUuzjs/4mUW3pAbx9UVveiVWOYmyVyAuTNC
++AEABPOebGyUhxxeNEyrOWbINfmpalmv0xxAKGs4scGnhHC6uUdRiTRFPOhnNqkZ
+8fWm1RCob1RU/DmAy1x2W9K9X3s2sUENZjXIzrR8TdoNdqKOrJOcccMCSASGbHFi
+ZlhEIWPCwiEX5QrO/OY3iphWUjAqTvDCzgzHFrd5bitrLjd336GsPaJZoxtam1MP
+jLY4qBpirDAYSauvlacwG9owBokJv9t+Z9vMuzilVRolsaOg9oV0itV1PYiA8AFs
+YnSGFmOExVcf4jZZADZNA4MR4th12zZmhpMrXsYCQwo2noem71wzh4ZleCW9TAV6
+zrkj6wk15pBeY7TO1/gIV6dz3WSxUNJmEuqawSBS2yAXvxhDzLSzKBtpDccorfqF
+wAKBuOPAkoczX4VrT8KJL2mi9XkhraAZFMQJiGYtV3aWYqeGNRubZkk9q3lZTZht
+4hANZboP9OpYuBU40kpENaJY+sJUBKp/QfZYsThQZeFY3LYBFXMnIPQEWaqsFeQG
+lTqQrFKZfRzNBwBg78ZdueZTNURn+tVuxxPIbnVAxCOs8mafUvpvSsaIjYce8+hH
+wCmoqvu5LheySqB5sfQZumF1tEKvsRkJ1KVrcKAzWyhzkhiqfJNI4sPC8+s9FaQe
+ZBfA3ZS/6yFBmzEae7E6GAu+gzIYqaaxdEfMhfIlhZWHpzB3BJrLz9RNDwJUOOFd
+FTgnDVhuG/gxkqlFnPY8DpcvhSl2eYMezxIVCYUcuDQPbxB7D6Gg79GzaoGJvAhc
+T1y3hOVT9BuRj4A5fOGVb3hb7jd8qaqL5pmK2jDCa3w9jGtVJUzJYgOyDEKu4KxO
+HrtAjkmp4/h50KsHhetwJUJdEwWiKZwBXhINFjsOGUlM5XJT0CRtGCdFy4GXq3Q4
+s8G7eXK+xaMG66NWeFXAFGmf72WuVMdwoNhcGEAM9kKu3GYHd7pLE4UCvVp4EvYh
++EpIKWuY3UMitvFYKLio8OAKi6RKU8OosUNXGwdAq9Vn2vHN6cecIEttXiWdF2aj
+G7vLTmoFz0UCF2swHBwvQSR3UBV7zshegJswpNYNd0fN0PW5mqjIJph1F3k6qoCA
+oLEkqFWN9yu+N7dfTtu2voIW1sYz+ysigOJRE9hpXkNIHD7rOX6xklBSKbZ6IB6o
+k8PiyzLai8NC+k3qBXijUjBQMA4GA1UdDwEB/wQEAwIFIDAdBgNVHQ4EFgQUQry1
+oWf6MwRJYS29gYcFanUY94cwHwYDVR0jBBgwFoAUGwVj480zRhScjJ688jsKTlqQ
+DuowCwYJYIZIAWUDBAMSA4IM7gDya3x1P7gnc/43+gwI1bbPyLFhkbPTUdbp8wrj
+S6y1IBreYKD5+OSNsHx1sQ+vThL20hYZunwSyzM3ud/UFZJcpTYE3hLIqWYYlFfD
+KXc9OUYfL4xYtwY9L7NuV9GitoPOZqXGxC8uFBcCPtgXnKKm+2VcUcp3WAdgnW6T
+ohOKPc1JMN1ElgywyAeUKGyVu26WhQxltO/tD9NyWjjx88GJQB0EAhd+CUx2gJoG
+71QWYaHKKKY2Ap66VvNY8EwfG8xHfd1agWXl+dR7OldlYHAflSrZyczt/m97CBfT
+gz0q59YrtpgFC6A8f27DOns49/pcvFrFvnqbrB6olgn4g95w9a+zTjK+0LEOLuZ7
+coxK7G52UM4+zm89rgiV6Lf57E+gq6PIg6VJQzWeNlii8vK2c4D9+ru9DWxrQYIp
+lO011cW7q37cw1UenD7ouG6zd0Rgq5LIaoeQgwngLFoAEGl213xGJ7nFmPKweq6m
+jEWArh8WFdQS8xaArVxh16Qhijpk9aIMRXP8kv7x8ORXIOQkfE2zVQnnjMt7zTO7
+YbKY0ujPJwEga8UsP95V3ApLLNc4S9EIm/URSL9i1eA5Yf0/7qZub4512LN3tH9f
+QGr96wtIGKmMmD/M/ON86GXWRMvQW8w3DSgi73RuM5WH+IVZ8kRgdwx6ff/Flbd3
+PXXmxziQd6JdOIDn2JeTaEfZd6MxJ8juknEQTotIzOhSNJ08zcQqkCu0OQIcNMaK
+vzbzEDP+VbiIGxL6n7Y3JRnp+ACA2pWbB5lUl7Ex2OMCO9zrGAL5f98+5RFId7Mz
+2gQOah/y2FFHVw72TB3XFzyPuThiTSeXW/sQUMkvGXcb6cgUA25Umuq+tvKuktLt
+H7Rrj13+g+cSgkDMKpHPx2aVTaZ3hchDqQhplLu8adVkjaXldrrU/le3JYUwZCsL
+4ZCbWfEZeRgq7rVirSSEm8U1psE5mFZ0LqewLz87FKIYmTFVY25Xew+T4O/BC35P
+k3xp5pP99ShC+0o0YyStQziC2PmNNzjm6xHGYAYas7gyfpqVz93ooN5lg9uMTnLs
+SdAD/jsumB9nLGFPJ9tNYmL6AbnlBZiBwg2oSuIlSUBTCMFmbt+4QvsgeqjHx7nQ
+Z+oc8x7D3tSiVcf+sTICFRO6br2FF2PHDlTvKudW6ziFLsYWkkNK4K68p4GO983H
+R8pd0uXyhICMHSgriODpHmbTvyV2Vzh9+AKCt8PLiixeKzBL0Q6A2lquMk+cJP8f
+Q4QJL/TbUJ1B0yy1GVy6oToID+zM7ZUwI85VEqBnwWqA/UU3pggJg1CjItGrgM9x
+fGkPVjPZ9IjadgB0tgfHZ97gW6YiocaXmu6rrYF6rxYkWDaww9Uq8CQsrv7YRb2Q
+OeLCem1jyo/98YeMxVxBXZtAqMfgbAd2f0pa9Y3u84OBvdLNIyHXDWgmIhHG4uy1
+6JO6OxdU9qoEyw3s/8hCAQbQZfEHTsTTbR+ij35PCZHfYOZiFUZozMCSslHSrbIc
++hmjd5slvDnbuxwCnhJX5dOnWRQtWzbUg4kJFwSven+MCQ6d8CS6RZbEHOwvCD4B
+qIHUaR1+lT9bW8kynPMZk6GdKCvyAEVnf9ka4mIiJrzycqBwwdOTlfKsESviE2yd
+9YyBF3adS6eOKiuE71HJ7h1gnpxQJLtrC0q4y4Rmh9arwDb5nQ7QrF4mG+jUMFLL
+sR8jd+/QHGmpZ5qhUfxyti2qQOteGjDlXtA2guahqCSX71GUpXLTY3VYisnWzoM/
+xdoMhKy+maEJ1mOeyrPnmOXh/mxLWpwcN42QH3u+iktGa66LKNwk5P4+1aSjV62k
+6jWvWAF6bSgr7hhffyt8Nr70HklYQg3NZpo5ivpzYzCJ6r5dm0yuL6pxJg098RYu
+3CfyjyOHB/FVhx+e9ADQ1I/NbkGyDvIj/AqD0TLbG9AyXU968SP3AEmedi3IZLGO
+EtA373hLW/rnVCa15+3rcLcQACfJwv8VwbIpeZSBh7fZ26KcR2Rj0vV7Qn786ZbK
+6aG9SlHpRCsV6hiQdsCYr1k+X0a7wrRr80fHrCd07vqG/hl4dbFu/IhMeQ243K6n
+3FTnHclYDoKaUQCmlOfgp9/3djAb/rOVwiPMoXkVS8JAJPa3gazejnITG+W209T1
+ukA+AYvpAR2qd1ysBjZnZxbEswAWKk2z6O/056/F1AQaIVRgKBIYzuwE1lLNLNV4
+OgLUZ791oEfjVx/1QqhgLBd3pY/U3535OlM8lCURjdMo0EuxsrIY3AxDQHdnSTsw
+EzE6ZDFLCFEKEEw/iVJul8qKUtFuoqsQMX51A2L1AosbaPzawY6RU2/BWFqew2A4
+K5Wm5YDwilHYlpBy3+F1ByNUI5+ayXMFwQi0dqpD6QXpuRm38Ze+qy2YKtaAljeJ
+xfcJjdIrx2LiAvKGHO6yMb+JVGliBZr38wS5fJX3sZY1gWE3uG82qMo9ft5ovmoE
+ZMMb4GSBfX8WTyncPmO/t7/wv+JbVP/Hx0yv/7WWVY1pPoC6boEtY4YrIHve7lxv
+S8NSixJ8ESLzffJZTGc9D/tDM6FRHobUZItSoFZwHpGGbfOrOD1Q8mWaVj2OxXh7
+nlWrKX+WSZX59sR+Ez4eHejnNXFT2FGWrUfK05+0YooTn/4jZE/u8X9tSf/HJkKb
+NyKoDeJ9lwf60iJFbQNf1zXVc0U3I9y833CvUz3V1XKZoZ6AQXcc5NW+lNpj0CPD
+3Z3tjwYGIdpQopZW6qYk66yektO780fYKdqG3W+0QvFmV25DjKx0DcNXDgs6AXn8
+Dehq70ogiRaqisQuXE0+Qy9MdXwx/9ytN6m3Th25dNg7PPKuPugbFAg3ev+RuPv0
+a3BwLozRyAIp5VGuG7Iu0E80kAXQixkN3YQpcWhXTsJBfsrFyUVJLejYgX0Xmkj+
++2pf4+9IRf2nAwqcYRZylt1N0/x2/vVy7pz57NIoWGsQ9Vy8HcgK/rus1PWRhN36
+ic5IoCgko/ctVpKZfX3Rhhm4qjWXEgzsiMj8/RhbKC2m/MobcCNCQUK26fwetMri
+Sq62x3XTyaI4HU5kCQUdXcuaa13UvmFxNKqhKqJSYopCOk+2tP49qewc4dPKebbc
+qYF8kVhpJB5cwifB3ieaRjU66PaTX2AwZNa0k3XrXmql9pQ6h6K7QJ+DucAJn1n0
+FH0XElKBX2ebUC9luqUjHRKeJW/FDZEijj9ez8ssGMD4Elcut/qM1hNh1GB0hDN1
+x8yE3KNwHJfs9bQxphoRYnw78rINuwUU9Yild15XLEa9CzUvwmOcwQXku/X4aVPv
+0qsUnF414LGeySk/8XUcJewV/u9EdIm1XvL77iifRaV9CeRu4yEYPn737QCW7j+F
+Ex4WrWbokI54n+SeBuvZ6Jfs/12lPjFVIsD9MM+YaIVA2846cVJ0Idc+o7MGXK5e
+6p/2PjlRktXrYPVHrIRP3Ouc2js0IBEK6STubJFbSnAHTSRQqmcxph1BXLf6A1dd
+7dt7R7tKbepBxWKYq5liC9Rqq2oatrbMARH59EWscoEAzZP0L0rio1KPknvM0ZBI
+ibiszAb7sqkh7Hq7EoicirdXTjItOitSQWshGiuiKVqCE0jANM7lFhfO63XsFo7G
+GuOuqQKDJTx+8F5qHs2s7yC4uZDDmMx+pZ36J6Mae5CcyeXVQDgkBZdU47tVCeB0
+7WqaXFAdbJTKVwEkG3PSg9qp8SoDL6c9eQye/Hk1Z/vmf1tYHoPg8iJpx0iD/dEk
+/73iGZEAr7U7NM/ldcDxCXO1mfBNSmixq6zp5jJEH9TCo+usT0dQKGW0N1zPyDrH
+0qHWt1xSO0G6FPK4zTyEY/84z+ecXFvxxynXLYYCm5kEhK06PYiVY5OKOaBe9vma
+qS66MzHNpfjNblJfG9O/HeiJLJ3vV7/F3U/kfxs3PStrMgoXMRt1KBrmIBB3F1xE
+5WCaEONmuYSmJMZPbdkB+7rEsbC4v1cnyE0800BAGNYpVyPyTYbfPBthNEmYsBIV
+KSYuVQ1259Ju69UE22dqnXnorsCZCXWEpmcmRO8/Gvb0Y7OYFWltDeGLFJRbJ4av
+5dtNm2ZH53uLPi3aYsZU9cyfxh7AcbKSfQlRSVKCj6o0BQ3ZvmBPPOvcsUbUU5oo
+FgCPOse60fvnKhEEO9zEnuU3RObcQPkDQRmMQ3OhibiGzOEOaU6PCEVJ3P+N+lJm
+/0M2lNaYgaks0kmKoYdEmpLdmdGSCCB6HJ+nIIlwodrM0wK9SZUqkd+kFoGvGf7+
+XkFvmlJbGn4UCaaHOUaDZsFBMiAcMAAcPv9FIM+A9NIjbC2imd0TJf+tLf6tLA6P
+gFHtzTF9yuL8FSI+bbLr9go0PG2SnqPM4RQha4s2OoOvtNkQI2Smvu0AAAAAAAAA
+AAAAAAAAAAAAAAAFDBUZHyU=
+-----END CERTIFICATE-----
+</pre><a href="#appendix-C.3-5" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.3-6">
+<pre>
+  TODO insert ASN.1 Pretty Print for ML-KEM-768.pem
+</pre><a href="#appendix-C.3-6" class="pilcrow">¶</a>
+</div>
+<p id="appendix-C.3-7">The following is the ML-KEM-1024 certificate that corresponding to the
+public key in the previous section signed with the ML-DSA-87 private key
+from <span>[<a href="#I-D.lamps-dilithium-certificates" class="cite xref">I-D.lamps-dilithium-certificates</a>]</span>.<a href="#appendix-C.3-7" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="appendix-C.3-8">
+<pre>
+-----BEGIN CERTIFICATE-----
+MIIZQzCCBxqgAwIBAgIUFZ/+byL9XMQsUk32/V4o0N44808wCwYJYIZIAWUDBAMT
+MCIxDTALBgNVBAoTBElFVEYxETAPBgNVBAMTCExBTVBTIFdHMB4XDTIwMDIwMzA0
+MzIxMFoXDTQwMDEyOTA0MzIxMFowIjENMAsGA1UEChMESUVURjERMA8GA1UEAxMI
+TEFNUFMgV0cwggYyMAsGCWCGSAFlAwQEAwOCBiEAS5TClFAREZGCOzUUyaweo9mC
+XMuGOTot+wRlT6IZLTe/rRxJfGUC7uXKgKc7/OC69aVKiFhaQBOXo9Iy9Canr7CC
+vCGkQxcJDqrHWSwuqIplPESR6hk5MTNfUumJo8TMVtnFU3MtV8Rw+0GrdZtl0tBE
+RTgvzZxONEoRKPqeEeBDWOGS7QFLIyMqfuKyLiNxf0QRHuM1dTmcN2RtqYE+ybIS
+r+lOXcXCMwpylMwfQjSm0/u08WhauIksBKyxfNHBcNewYRtqcXbHlMyMZ/VfySPC
+rSAxAPNlmRiCwwJD13gThDtex8lkAyJjcGCS7PAMdRa+ZORZjKQibAabteZ+QXXP
+IobI3VxIimxYYfMbqgvQJpRw6LVR3TvNOMhsEvnNsXbHfci2wCpwH0eJAshVP2lM
+DYJye0xKXCwQQSEqoSdICLghEbN37HUhTpsZePdgBNQTnZhhP0uOmNIK97U0BzpQ
+mpWbenVk+bQMohi/YYKTIKhQIBeVTTKNesbHaewpcAdW57BoWzQNXhGAWVBKSaml
+ChAZjrEKV4RnjrQn17S6u5VSkzsGKJeXPhMY6vCg6sN1hKZUAbFwPgQqzNg3UxSD
+8kHK3NHB03gRnmlEKdsZmsiR5MU0N1cIW7OueDZnNQxEWNl2cuhh6AsdJnlRDqOm
+8jYMd6RpQsegalVNIoCAyEtHrvFNsXYgyxbAarMKG+TNpwgr6fh+nCEcRpFjSaW6
+jqpSAccpSjwIhbU7ZXRSEIgl7GRskKBGEjJO59Axr+U0MTLL72e277Gl7CgJt3NT
+jOd7PYsE6ws8IlYBHkxxbBmougdSv3FJIRdknwYVwykPwppG/eS9UtuShtYDOIJE
+JZwVp6wrZApgzAM3alhBo/uKRzVo+psaJnIV80wBaXsPDmJxddchBbdwfCm55hS9
+wzpvbIGKlTcLQniC17R2eWqexuuZMnTNmyORqCukXjOT0umulyHKnWwbmItYJ3E/
+kKZYXelDNSjAKwPOELtfcgE40Pu0wwwSZrkY5Skl3+F7N/ldIrylT0dZGayFkJjA
+8NCKxYde8ptW/RQebvFfcAoLZvOVlcWIF3NzxGabIbwHHkw6pfC0oxtiWPNdokrD
+zSnH8gkkEMUHg1WxOPtTprmubgucCCQ+e6pFxHN264x/E9TPUapzb6MVQMkkHzcN
+pUS/n5wo2aV+Lyp8qVpOS0ZuZBqzvMdq3xE51Wem8StS86ZefsCq4mvKqMVYM7BO
+WZmOvJoZMPu20iM8U9LB+LlRjjwt5zoZ3uazgKWzKXHPZOEp/WwfpuddSiNFAelm
+3TpUCvXI9PNKa0olPuKEklZtXmfG9VhV/LBQb7BsFWdE2aA6MaJvqUytFPFXt/MD
+0Hppx3N2j8tNB5wJBZcDoMOpTeS5nqOi8WWD0PkXCjlQ2we08LwwgCkn+feWG2JZ
+iSY2qVAqJwUwNjd5ndNE2kUcHPe/Z4QM6zB5q4xrjBkn9kBTxhJFDEXJ5gO8FmZu
+WWs0ceEDtvFUR0JNFwIgSBEf+9N+HGcPZPFLinsyuUwaSbRd0vw4zVKJ2RCtY2As
+9eEwQsZKxnl7iftVGtCOBaktIAzMt+cS7yPJMSyzUPApq1N+KHNH/TB1rBCQang/
+HGwHzLiPQSKMS+HGQPeQtcOl1dPKeSSV10vEYVYmWMB6xgAna5JKtbyb4fBJTLdv
+gvRgp0gJcmYzgeFpmWBh15mFnsVNT1ylxBHAHbFZexZZd2ad4TqSijSvusJY/qjE
+dkI5yUIdwxGb9bR2mSBpeDJ7HFNF73RqeYOEHwVuJTQQCrJNTpq70LF8apW9TDwO
+QPaeFhKs7rKLmQhslRFucgQnOJM5C/RriZs2KGsOvxlHu5iE9zLKJ9qCsZtdwMx/
+iIVxSRCIiyMQxPkxnUELNOZDO5AD4hdruZUldFYQbolSFjuLpZJTDMWqCutDrTmP
+6el7qlI9ekQxZ3w9OvBxnkdduFypWvUIm+q+sFsvqrSJa6YPgciEcqV7RqgogmoM
+37RG+BiRgtK/XqxOwcxd6vWZyKE+SCNUBtF//dyDRLbGaYSoaKqS+gIieghpUOsM
+hwHtWNxih3a5g4guEXWjUjBQMA4GA1UdDwEB/wQEAwIFIDAdBgNVHQ4EFgQU2oIY
+LDnr2zUNkE7kvFB7cgQ/+iMwHwYDVR0jBBgwFoAUiYhnULV8JNs/wBLmHt5ZdTM3
+N08wCwYJYIZIAWUDBAMTA4ISFAB0Ilvfx69mChnV48hOgGE9RRQLmMKyjFn4sKDx
+FO8grAAsxKw9hdEkv+TKqayLkCkxeDnhL/HIOnDRXxZ9iVUMcCUrhcerYIIZiUeu
+CJYYHAk0Wv/eQF+qzT3UNREKdljBD7rlem7wRC7oT6vf304BFsDOQmL3yL3gh8hI
+ycxU5SMh3dH6Gj1wSug91LVBV/QhLebDixXuKOe/q5dyNQRk1lI4im5ysGCkGzdq
+UZuanqBYvvE0c1dvvgeG9+qV9ARQOxmOaKYQMENVVA9HbzGV66GUrR19jK9z1bRI
+OSzFCba83oGHKyC9bHCLfvtXFXRxNVlDHGk7dRm2dAOds/iWJL4cu/M2O8rWaxIt
+ypfeieyKbr6CQjGzWqQ5lNYC3piMO9Byl6QxvZqBPhFeLbXYc3ZFhk250oz7m+LF
+DpHX0+uf4SROW51EDoo3gN3hQPp9usgYQcfprP/SpxGmxJ03GaHv/tFF/pEwCAT+
+sGPjYGsT14KVNG//guI4cHs9pE6s5Y8lslD1AUjFg8VQlIqF2JCPnaOGyagdEem3
+mazLJ0y2KCnFMhqp3oGaVWXC2LSwyOLe0XKeJWRbuvXQ4Wl81OItyLX86fjol8bO
+nCG83V3w4L3Omizd9SdnBtd6uv+1S6oxEvNcs7+pw6TN/6EuUaRPhi/jYr8Zpplq
+JfsCOUoLs6hJLjrD5QMmCCxYCrV76ea6Moyyr1/0mfElOkkTLMLzKN5p4vqPEdAd
+N5vDAT8g4Yn0MsRPqqK0pXyUA7Ax9ISGuQebeF9rBEtoEIG+bq4wXBWxmG2gQ3Ki
+ctNDS5LUZS23n85pZ8t002IX6fXD3JYtn4UMJEjbSh3+s6WY3A1qG00bLJL4chIq
++G8mBAZm0/e0Kxb+H7Y1tWZnTe+pi08fKwRcPTEdHXLKU8bS53e3A851y8cNrGs0
+dNHaDQHjcboFgDhXS4geBY6iwzHGdmfDKcA5mxURP+XUgG6HBLuCYCmx0S5OzP+F
+ZY+bChnR7z0j8bTl4YOOIiaHyh2CW8frGsIlw1tBINezLWa7sr+4rx6C1CK0F2J/
+IdYIdEMLiL8Yx85wL0q0EufDoc/HPQRe3hDDtYsex3RMr83osZI+okf+3vtMoLv3
+CJxyZIp8Di65SuZRHZ5KNW/DGFWGAobRHbS6Va37KTjzysg1VsdM6wqcIYFvOMV/
+mvUVJ2MbXSawQuwKVMjYeibT8n55S9iL7mcfnivLgl7QNO86vaks8ZRpnZEA+FVS
+QiS0K9eZnBTI7L4bzJKZHgTg0tcd13qZXZtUpQdXxquS63o0lDZs7k5iKx7Xt3Pz
+T1f2y5ADQIrSPJ9Ytw71TubGotB39vkiqwvrF2fl7n/Ia8aEHp3k6x1OUbOcQ7G7
+PW+sE2mdgy+2FcSlyomFXDent9ayH135V2k87/YYwtJjt2rFMSRogut01AtKJ/On
+C1E2X5s5U9FXmeuy1ss/U6zHZ+VEiSSZlBu1ej6/yrsCAsu03/HepXMfbh4NuB4X
+yUTGRYg4rF12nH8ah9Er33b4iYM6zf5JVPRPba+6oDjQHYAjvD+gRF9D5t64PcaQ
+JAA381HRYqtigLpS1NaAD2bUvg2JYsZEkymXs1w+iG8aLBcakJpqmwKazFczcpZJ
+nAfhVAopjRQTyGxyslH+01Kd4ZUiP4LKZCkNrQjsNspIHIaAPMp0kL/FA03tfGwe
+sZvcvlnJYD7PIrwxCWdIFW24A6yaGKg4xE1NO9oJQWLRNDDY6IyOYf9jw4YNlcG5
+wsJ5IsbUcUckGOPHiRx9IHSiOFewb5KWjQUN79wA9/w1SWToG2fUSrfUSNhEvsV5
+F+As9EcQvgVGtINulzWWHxfCGbfVHZ8EO35xQG077xcEGMhMz9eNWQR8GdQOLy2k
+QjNlZV9U9pKa5CcVjkBRHPpfsFOMT4qHW6Arv6VoNcTwUuobFtl6DYWTeU/qrmN3
+e5gM176CKneRS8IoDF8nZeCDCeHAD17g4V9UUKNaeHaVQZ4elvvVwPhZvdrTGoIp
++VZrYIJqltUCZwvBvsxy6ILzZHCGTLTQwWaHSiaRLVKUPVymXVBnzj2cReDb4pk8
+/bQu/03ZSquOub6PTV/8U7ejb4fXXa6TEWQa2Sao7ziqYIUTfwoPzNfvz4eLFMPw
+j7USnBXe8mV+MOgL2ncK7aobOIyfPwal5IEAA5ovPmY63T1JQGdAoumKTO7NOVb5
+hR/fXq25OrWf77Df3vlNdi5n1GC7UFXN2FdJ4wJl3X8my5L3sVOtzAWKMAqBLbqN
+cKFKxMvbYI6gBT79Vm9f4LgwGEf9lFQUk3ysP/uQFwURGGglzPN4GmIrNHPNx5yB
+bUU74kQ8d5KOYmP09S6gyxVd17nau6i4BkxwA69HnIS7RDXfg7kFnrnNvk0ySHFb
+a8YmLTK4n5HEO2KRSoayIjMq5j7CvTZZag/emL3dSdFsNsnqJclUl5RImlXg5xnv
+nf5x+lXcx7IZ3fBau3yE001C4W+ljlh9EzaRqTt0vT2JuJ/Mn4iRws/a7CYdX3+L
+FINsrgkOJwbgUOFZGG/LShXe1OjPxbVnE0TMl35QqC6tYyY+57lqb1cBc3+ZPmTc
+Q7yOeHfGAhdI7aYRV8Gqt2nx8ZwuhCJRuuxWGYjbpx9StbbVeSmQyQODoUUeXvBR
+7DjFqKVRz3CXFW0j8SMRJiXCk8pQb3J+cbyA2AuXJkBlkIYswLVgH2NT3onbnhO6
+0YbkUiv7d8AARktu1VHDpJWr5JgMSQ05k5b2rqKD0CPHWphapFFyEDBESeLLmnUH
+WXf0aNl7VrYrXYRzEXzUGDf61yUJbBw9gTLMDC8WGHl/NPth57aZ1Ao/IB8Ir3z2
+vXABqKz3Byk8klGzEa37tist+sZjN87DhKGjAUcolgoOn8F9p+SAwnLVLMhBo+Yi
+Fpu5hwAIggzYhC+fgH17Oz8m8SEL+o6LUoAtleMZPQCgbSb88CvBZPHBPa3l6+qF
+cORCrafkR7eKWUBCcJejSzUvap2ViqDSnerLHl0cppKvL0B9Jf++DO5RARKhTLdL
+BKCHsfGVWJh+cpePHdMM0Kzax5K46RjbKrK0v7qD5oHfHQOI6RV3oJ/SXuZr5HRq
+jHgy6quxwksp5w1il324kdoQ+VzaVHNbd7Oyngk8hM1RC2/HVyE/8xJjlZUxMolx
+/D460FpuXdxyuYg7Z46sHNv1o3O7sRiOFXJfOH9wVb6H4PAo3T8kK1HASaA4fXq1
+lj4NGV4eSD0bxDNJv+7uywbUTTKzy5ObF4swVgkfQHtRkGoXZwSTkIGnGw+bwOwO
+GIz2W0T4YZVwbHs6gChn7cCQnqUmrFH+wZn54qY5FDX9ZyGsP2qxeb5zh7GtZx4T
+WjcEkEok2O2YwvteSxYUPM/5lkol5edy9e5kua8YKEEFue04CghZv37ROQnh5+/s
+NFZooNTzP7iPDcYuPMYSCpbowrVaRRxu7A3+IK37n9gkB9NMXT4xXizv79ey3gO9
+xrk+2aa8GTC4JEXM3EUjiLIhlQ/GFLk6xPi0y9/dX4txmRzGi6DEyi6yfpog2xho
+56zUqHZ2qcKBmEyrKzd99JmDe3Riw9C0Lci3SzKP1DvNQktDerm5TkyhJbOQl5Y5
+fjkksJjUdEvWOGysJHx7GlUZRGPytXgTuXKEZ6oMObXt6+/lQFdB4117dsamPdl+
+IXyc9FxgwMCyaECP72CuvJwCNRrPEIxlRJAaMPYhalgltqGGFm8vDhyKgfbAyhIv
+OrkH6/7oOY8V/9SS6XtRIZD8WpLsxIKhB+spvtFSA3mkgLOw+Vx46CtV+91f5rJd
+HcDAqOMl/KebHbt0gTKiIncx4ICUS3OcTmF5MEhSxwBHqTGeF2u6w62h9jlpp+JD
+m34hh9A1gH3OwsnBGcBMxb6H23iXNGYZYyWyneIluQTvRT0CnKra8hgm8ONjXK6F
+N8BZepxBL1Bu7TQIH1iYUW5LnQzIEm6eIf/iaUz6S4RRT042Cek8YWWpkhAf4ko0
+0syLPVpPPxSZMpj2rUKmyOiPxLtHeVhE1QHeUS9YqkjEH9W31g68lzI/1OwIAPmX
+8/0W2ehncAXZzcvaqKn3sVF0ntfY6zexcvkWKnQntyrVik6feikCRDym5CguxGzv
+leBp4PVF9kMJ+lbRTCgvu+rAu70sm7HRYkbtvUQzdAkdIQYNGYa5Ah9+y/oI0vy1
+C4Yz5c5D4XLN6lomHL/N/e2A6RPwCa4i5BdVDButLBAiXg8QLeicikPLxmnzVJdV
+hat/2VgWDPmrW2hOfHgka+S4muOUcxHkLLKz4vIy4H6aUztSnjod5P/03JrQOm8q
+iBzhOYA9tzOKxNOn8SxlWlJHhT8vb7KX3pT9dKmWqfTPn5gYlnT8rexudJkcX0pY
+Qm9cLNKThdRAwP/t7Yk9evt6qh7g///JMZjKMIHtPE+mL5m/xiBjGNiA1JkV5/vl
+55tWqRGoJMv0qgcPvM9IKvUMk65x2gjH5os1fuV52BgVOpcwhbLJEmHG4wd/IEo9
+GrW7rFFGL4vyUNhxxXsmAsfhYsoSRR/s3GlX1FwPDxqUw+VS2duVCHYvKDBsZaLP
+Ergt6fDalHKZVTnI2tVGNH3fFpAmBC5V8Iq8thzK4fRK2yF8nGP4HYSWNqQc2P5o
+hB8wvEofpGjitBdNqlujkBMcNsLPPk9ZnUmQ3/erzFw34b0jTMUBrsfleaG2Kf1S
+9CG6YUiULoMoRh8cPSSrvaGCxfNx9M/WkaI8JvDsEL19ASBYqu3bOV2bCutPgbfP
+Bd1C6N8fNNzJ7hPSVAqz980TtfmgK+dj4NqhEw5AaVxy4+9IVGt6JhYAT8F//ATK
+xfAe44nD1Bj8UGN+seYwEk7dKaCd703yP6CNu9447k/3xkvtwcwtL40Kqmza6913
+B64HvQ2GjSaOdIAkaPq1ACy+2OI+S1kIvOTKBemHF3KMJf02+1ZdAhwJ4uJSnGDi
+uVT8svHM779FgIUMZjOmdE8dI7jpRKsw3czgucG2r/EPYRVa1B8cQd9iq8Xw1/Ce
+7CbgROAqmfboMupDgA+QEV9Nf2aAwqQTEs6yG5saOtoNiCULXwNmh18RPWhZhKqm
+voXPxnZyZ2VsN3jlcFB2WG5lngf+r//d32QX8ptGQHmETXxIvMmRG2p2TS7PAthx
+T45SNsbL5jNQFysjJQWTlGGYGjNGQJHtqhmiIwpUICoJNymGfYEkrg84QKo7+NdX
+xZFd7HAAw9MdSl1tvkLX+uiFzl+2d/d+SvAxHD3qDitg/90tUDLAoAxmaYO3lmFy
+kTuJUMVJLhkavp3LC2Q5K+mgevqlnw4h+sw2lY0a7RVLLnHc6/FVi/sC/Smu1u8u
+019R3unx8faluUtqsRvlxAjtH1feQdIApy5FFp5m8t+Ixpe1QipBTN3Aa+g3bph0
+hWw7u9JgPOja0lIJDDyGwWhyv4iCsII1OSKhHdLn3U34BCQ8nTY2DPqvojpRKg7u
+PVnSPpbAdLnfSU3Z+x4eQZiZLKQ8LwcOnU6+J8S2Mneboj4t8chpblbFqXEX2GDy
+jE6JffIAEtZan8bJyuD9lNJgr4raeyt2rqRLmpoY1Emk5HSioIjsgUTu92FeMp/b
+YWP6Fc/rXHoYl5xR5kUW4BtiB+592H/XdJzPHJQx2kjzS4gh1NH5s0yENMOWYTar
+0HJecZth4BF3SNDzElWcOvGWnMQj/fpkHgAq+aqXa2UCd4P/FaEXVUOuxy+vnHwe
+qqigp/mWD19+DiTyv7WEe+o/AomHctLyigGFlR2zs3yLXSwNnDJ6YANpgMlEspwS
+3ToM7PbcVC9vDfjKhGdAhvdVT1lr7IU0fYeMVppE6HkoKS6tbsokb9qtbvtvWCfz
+I6342qm7BW6/SiZEx/Sl/DzF8qA3eLHM0xFR2kvHsn+5AB5ucy2ZOJF2W9XuwYSU
+BPoRrmdIWKQYC8/MD5PtZMqUoEGvHl6jFpfbO6+RP6NakpA+q4Tl4xuDNyeKqOdD
+9+XdE3acWR/r+JseircGaBDDkpjBElcYgZuLfqKrx1+G5i6t6gWopcNtLmVcuAWv
+HVT854OIkNIUoqfnESODrczb3C5kjJ230df4V156qMbJBwwcJFtzf5ObyO3ycnd/
+kNggIp4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIDxcdKS4x
+-----END CERTIFICATE-----
+</pre><a href="#appendix-C.3-8" class="pilcrow">¶</a>
+</div>
+<div class="alignLeft art-text artwork" id="appendix-C.3-9">
+<pre>
+  TODO insert ASN.1 Pretty Print for ML-KEM-768.pem
+</pre><a href="#appendix-C.3-9" class="pilcrow">¶</a>
+</div>
+</section>
+</div>
+</section>
+</div>
+<div id="acknowledgments">
+<section id="appendix-D">
+      <h2 id="name-acknowledgments">
+<a href="#name-acknowledgments" class="section-name selfRef">Acknowledgments</a>
+      </h2>
+<p id="appendix-D-1">TODO acknowledge.<a href="#appendix-D-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="authors-addresses">
+<section id="appendix-E">
+      <h2 id="name-authors-addresses">
+<a href="#name-authors-addresses" class="section-name selfRef">Authors' Addresses</a>
+      </h2>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Sean Turner</span></div>
+<div dir="auto" class="left"><span class="org">sn3rd</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:sean@sn3rd.com" class="email">sean@sn3rd.com</a>
+</div>
+</address>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Panos Kampanakis</span></div>
+<div dir="auto" class="left"><span class="org">AWS</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:kpanos@amazon.com" class="email">kpanos@amazon.com</a>
+</div>
+</address>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Jake Massimo</span></div>
+<div dir="auto" class="left"><span class="org">AWS</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:jakemas@amazon.com" class="email">jakemas@amazon.com</a>
+</div>
+</address>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Bas Westerbaan</span></div>
+<div dir="auto" class="left"><span class="org">Cloudflare</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:bas@westerbaan.name" class="email">bas@westerbaan.name</a>
+</div>
+</address>
+</section>
+</div>
+<script>const toc = document.getElementById("toc");
+toc.querySelector("h2").addEventListener("click", e => {
+  toc.classList.toggle("active");
+});
+toc.querySelector("nav").addEventListener("click", e => {
+  toc.classList.remove("active");
+});
+</script>
+</body>
+</html>
diff --git a/seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.txt b/seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.txt
new file mode 100644
index 0000000..2d7ae29
--- /dev/null
+++ b/seanturner-cert-examples/draft-ietf-lamps-kyber-certificates.txt
@@ -0,0 +1,1353 @@
+
+
+
+
+LAMPS                                                          S. Turner
+Internet-Draft                                                     sn3rd
+Intended status: Standards Track                           P. Kampanakis
+Expires: 15 June 2025                                         J. Massimo
+                                                                     AWS
+                                                           B. Westerbaan
+                                                              Cloudflare
+                                                        12 December 2024
+
+
+Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the
+       Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM)
+               draft-ietf-lamps-kyber-certificates-latest
+
+Abstract
+
+   The Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) is a
+   quantum-resistant key-encapsulation mechanism (KEM).  This document
+   describes the conventions for using the ML-KEM in X.509 Public Key
+   Infrastructure.  The conventions for the subject public keys and
+   private keys are also described.
+
+About This Document
+
+   This note is to be removed before publishing as an RFC.
+
+   The latest revision of this draft can be found at https://lamps-
+   wg.github.io/kyber-certificates/#go.draft-ietf-lamps-kyber-
+   certificates.html.  Status information for this document may be found
+   at https://datatracker.ietf.org/doc/draft-ietf-lamps-kyber-
+   certificates/.
+
+   Discussion of this document takes place on the Limited Additional
+   Mechanisms for PKIX and SMIME (lamps) Working Group mailing list
+   (mailto:spasm@ietf.org), which is archived at
+   https://mailarchive.ietf.org/arch/browse/spasm/.  Subscribe at
+   https://www.ietf.org/mailman/listinfo/spasm/.
+
+   Source for this draft and an issue tracker can be found at
+   https://github.com/lamps-wg/kyber-certificates.
+
+Status of This Memo
+
+   This Internet-Draft is submitted in full conformance with the
+   provisions of BCP 78 and BCP 79.
+
+   Internet-Drafts are working documents of the Internet Engineering
+   Task Force (IETF).  Note that other groups may also distribute
+   working documents as Internet-Drafts.  The list of current Internet-
+   Drafts is at https://datatracker.ietf.org/drafts/current/.
+
+   Internet-Drafts are draft documents valid for a maximum of six months
+   and may be updated, replaced, or obsoleted by other documents at any
+   time.  It is inappropriate to use Internet-Drafts as reference
+   material or to cite them other than as "work in progress."
+
+   This Internet-Draft will expire on 15 June 2025.
+
+Copyright Notice
+
+   Copyright (c) 2024 IETF Trust and the persons identified as the
+   document authors.  All rights reserved.
+
+   This document is subject to BCP 78 and the IETF Trust's Legal
+   Provisions Relating to IETF Documents (https://trustee.ietf.org/
+   license-info) in effect on the date of publication of this document.
+   Please review these documents carefully, as they describe your rights
+   and restrictions with respect to this document.  Code Components
+   extracted from this document must include Revised BSD License text as
+   described in Section 4.e of the Trust Legal Provisions and are
+   provided without warranty as described in the Revised BSD License.
+
+Table of Contents
+
+   1.  Introduction
+     1.1.  Applicability Statement
+   2.  Conventions and Definitions
+   3.  Algorithm Identifiers
+   4.  Subject Public Key Fields
+   5.  Private Key Format
+   6.  Security Considerations
+   7.  IANA Considerations
+   8.  References
+     8.1.  Normative References
+     8.2.  Informative References
+   Appendix A.  ASN.1 Module
+   Appendix B.  Security Strengths
+   Appendix C.  Examples
+     C.1.  Example Private Key
+     C.2.  Example Public Key
+     C.3.  Example Certificates
+   Acknowledgments
+   Authors' Addresses
+
+1.  Introduction
+
+   The Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM)
+   standardized in [FIPS203] is a quantum-resistant key-encapsulation
+   mechanism (KEM) standardized by the US National Institute of
+   Standards and Technology (NIST) PQC Project [NIST-PQC].  Prior to
+   standardization, the earlier versions of the mechanism were known as
+   Kyber.  ML-KEM and Kyber are not compatible.  This document specifies
+   the use of ML-KEM in Public Key Infrastructure X.509 (PKIX)
+   certificates [RFC5280] at three security levels: ML-KEM-512, ML-KEM-
+   768, and ML-KEM-1024, using object identifiers assigned by NIST.  The
+   private key format is also specified.
+
+1.1.  Applicability Statement
+
+   ML-KEM certificates are used in protocols where the public key is
+   used to generate and encapsulate a shared secret used to derive a
+   symmetric key used to encrypt a payload; see
+   [I-D.ietf-lamps-cms-kyber].  To be used in TLS, ML-KEM certificates
+   could only be used as end-entity identity certificates and would
+   require significant updates to the protocol; see
+   [I-D.celi-wiggers-tls-authkem].
+
+2.  Conventions and Definitions
+
+   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
+   "OPTIONAL" in this document are to be interpreted as described in
+   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
+   capitals, as shown here.
+
+3.  Algorithm Identifiers
+
+   The AlgorithmIdentifier type is defined in [RFC5912] as follows:
+
+    AlgorithmIdentifier{ALGORITHM-TYPE, ALGORITHM-TYPE:AlgorithmSet} ::=
+      SEQUENCE {
+        algorithm   ALGORITHM-TYPE.&id({AlgorithmSet}),
+        parameters  ALGORITHM-TYPE.
+                      &Params({AlgorithmSet}{@algorithm}) OPTIONAL
+      }
+
+      |  NOTE: The above syntax is from [RFC5912] and is compatible with
+      |  the 2021 ASN.1 syntax [X680].  See [RFC5280] for the 1988 ASN.1
+      |  syntax.
+
+   The fields in AlgorithmIdentifier have the following meanings:
+
+   *  algorithm identifies the cryptographic algorithm with an object
+      identifier.
+
+   *  parameters, which are optional, are the associated parameters for
+      the algorithm identifier in the algorithm field.
+
+   The AlgorithmIdentifier for a ML-KEM public key MUST use one of the
+   id-alg-ml-kem object identifiers listed below, based on the security
+   level.  The parameters field of the AlgorithmIdentifier for the ML-
+   KEM public key MUST be absent.
+
+   When any of the ML-KEM AlgorithmIdentifier appears in the
+   SubjectPublicKeyInfo field of an X.509 certificate, the key usage
+   certificate extension MUST only contain keyEncipherment
+   Section 4.2.1.3 of [RFC5280].
+
+     nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2)
+       country(16) us(840) organization(1) gov(101) csor(3)
+       nistAlgorithm(4) }
+
+     kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 }
+
+     id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 }
+
+     id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 }
+
+     id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 }
+
+     pk-ml-kem-512 PUBLIC-KEY ::= {
+       IDENTIFIER id-alg-ml-kem-512
+       -- KEY no ASN.1 wrapping --
+       PARAMS ARE absent
+       CERT-KEY-USAGE { keyEncipherment }
+       --- PRIVATE-KEY no ASN.1 wrapping --
+       }
+
+     pk-ml-kem-768 PUBLIC-KEY ::= {
+       IDENTIFIER id-alg-ml-kem-768
+       -- KEY no ASN.1 wrapping --
+       PARAMS ARE absent
+       CERT-KEY-USAGE { keyEncipherment }
+       --- PRIVATE-KEY no ASN.1 wrapping --
+       }
+
+     pk-ml-kem-1024 PUBLIC-KEY ::= {
+       IDENTIFIER id-alg-ml-kem-1024
+       -- KEY no ASN.1 wrapping --
+       PARAMS ARE absent
+       CERT-KEY-USAGE { keyEncipherment }
+       --- PRIVATE-KEY no ASN.1 wrapping --
+       }
+
+       ML-KEM-PublicKey ::= OCTET STRING
+
+       ML-KEM-PrivateKey ::= OCTET STRING
+
+   No additional encoding of the ML-KEM public key value is applied in
+   the SubjectPublicKeyInfo field of an X.509 certificate [RFC5280].
+   However, whenever the ML-KEM public key value appears outside of a
+   certificate, it MAY be encoded as an OCTET STRING.
+
+   No additional encoding of the ML-KEM private key value is applied in
+   the PrivateKeyInfo field of an Asymmetric Key Package [RFC5958].
+   However, whenever the ML-KEM private key value appears outside of a
+   Asymmetric Key Package, it MAY be encoded as an OCTET STRING.
+
+4.  Subject Public Key Fields
+
+   In the X.509 certificate, the subjectPublicKeyInfo field has the
+   SubjectPublicKeyInfo type, which has the following ASN.1 syntax:
+
+     SubjectPublicKeyInfo {PUBLIC-KEY: IOSet} ::= SEQUENCE {
+         algorithm        AlgorithmIdentifier {PUBLIC-KEY, {IOSet}},
+         subjectPublicKey BIT STRING
+     }
+
+      |  NOTE: The above syntax is from [RFC5912] and is compatible with
+      |  the 2021 ASN.1 syntax [X680].  See [RFC5280] for the 1988 ASN.1
+      |  syntax.
+
+   The fields in SubjectPublicKeyInfo have the following meaning:
+
+   *  algorithm is the algorithm identifier and parameters for the
+      public key (see above).
+
+   *  subjectPublicKey contains the byte stream of the public key.
+
+   Appendix C.2 contains examples for ML-KEM public keys encoded using
+   the textual encoding defined in [RFC7468].
+
+5.  Private Key Format
+
+   In short, an ML-KEM private key is encoded by storing its 64-octet
+   seed in the privateKey field as follows.
+
+   [FIPS203] specifies two formats for an ML-KEM private key: a 64-octet
+   seed and an (expanded) private key, which is referred to as the
+   decapsulation key.  The expanded private key (and public key) is
+   computed from the seed using ML-KEM.KeyGen_internal(d,z) (algorithm
+   16) using the first 32 octets as _d_ and the remaining 32 octets as
+   _z_.
+
+   A keypair is generated by sampling 64 octets uniformly at random for
+   the seed (private key) from a cryptographically secure pseudorandom
+   number generator (CSPRNGs).  The public key can then be computed
+   using ML-KEM.KeyGen_internal(d,z) as described earlier.
+
+   "Asymmetric Key Packages" [RFC5958] describes how to encode a private
+   key in a structure that both identifies what algorithm the private
+   key is for and allows for the public key and additional attributes
+   about the key to be included as well.  For illustration, the ASN.1
+   structure OneAsymmetricKey is replicated below.
+
+     OneAsymmetricKey ::= SEQUENCE {
+       version                  Version,
+       privateKeyAlgorithm      SEQUENCE {
+       algorithm                PUBLIC-KEY.&id({PublicKeySet}),
+       parameters               PUBLIC-KEY.&Params({PublicKeySet}
+                                  {@privateKeyAlgorithm.algorithm})
+                                     OPTIONAL}
+       privateKey               OCTET STRING (CONTAINING
+                                  PUBLIC-KEY.&PrivateKey({PublicKeySet}
+                                    {@privateKeyAlgorithm.algorithm})),
+       attributes           [0] Attributes OPTIONAL,
+       ...,
+       [[2: publicKey       [1] BIT STRING (CONTAINING
+                                  PUBLIC-KEY.&Params({PublicKeySet}
+                                    {@privateKeyAlgorithm.algorithm})
+                                    OPTIONAL,
+       ...
+     }
+
+      |  NOTE: The above syntax is from [RFC5958] and is compatible with
+      |  the 2021 ASN.1 syntax [X680].
+
+   When used in a OneAsymmetricKey type, the privateKey OCTET STRING
+   contains the raw octet string encoding of the 64-octet seed.  The
+   publicKey field SHOULD be omitted because the public key can be
+   computed as noted earlier in this section.
+
+   Appendix C.1 contains examples for ML-KEM private keys encoded using
+   the textual encoding defined in [RFC7468].
+
+6.  Security Considerations
+
+   The Security Considerations section of [RFC5280] applies to this
+   specification as well.
+
+   Protection of the private-key information, i.e., the seed, is vital
+   to public-key cryptography.  Disclosure of the private-key material
+   to another entity can lead to masquerades.
+
+   For ML-KEM specific security considerations refer to
+   [I-D.sfluhrer-cfrg-ml-kem-security-considerations].
+
+   The generation of private keys relies on random numbers.  The use of
+   inadequate pseudo-random number generators (PRNGs) to generate these
+   values can result in little or no security.  An attacker may find it
+   much easier to reproduce the PRNG environment that produced the keys,
+   searching the resulting small set of possibilities, rather than brute
+   force searching the whole key space.  The generation of quality
+   random numbers is difficult, and [RFC4086] offers important guidance
+   in this area.
+
+   ML-KEM key generation as standardized in [FIPS203] has specific
+   requirements around randomness generation, described in section 3.3,
+   'Randomness generation'.
+
+   Key formats have implications on KEM binding properties, initially
+   formalized in [CDM23].  Per the analysis of the final [FIPS203] in
+   [KEMMY24], a compliant instantiation of ML-KEM is LEAK-BIND-K-PK-
+   secure and LEAK-BIND-K-CT-secure when using the expanded key format,
+   but not MAL-BIND-K-PK-secure nor MAL-BIND-K-CT-secure.  This means
+   that the computed shared secret binds to the encapsulation key used
+   to compute it against a malicious adversary that has access to
+   leaked, honestly-generated key material but is not capable of
+   manufacturing maliciously generated keypairs.  This binding to the
+   encapsulation key broadly protects against re-encapsulation attacks
+   but not completely.
+
+   Using the 64-byte seed format provides a step up in binding security
+   by mitigating an attack enabled by the hash of the public
+   encapsulation key stored in the expanded private decapsulation key
+   format, providing MAL-BIND-K-CT security and LEAK-BIND-K-PK security.
+
+7.  IANA Considerations
+
+   For the ASN.1 Module in Appendix A, IANA is requested to assign an
+   object identifier (OID) for the module identifier (TBD) with a
+   Description of "id-mod-x509-ml-kem-2024".  The OID for the module
+   should be allocated in the "SMI Security for PKIX Module Identifier"
+   registry (1.3.6.1.5.5.7.0).
+
+8.  References
+
+8.1.  Normative References
+
+   [FIPS203]  "Module-lattice-based key-encapsulation mechanism
+              standard", National Institute of Standards and Technology
+              (U.S.), DOI 10.6028/nist.fips.203, August 2024,
+              <https://doi.org/10.6028/nist.fips.203>.
+
+   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
+              Requirement Levels", BCP 14, RFC 2119,
+              DOI 10.17487/RFC2119, March 1997,
+              <https://www.rfc-editor.org/rfc/rfc2119>.
+
+   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
+              Housley, R., and W. Polk, "Internet X.509 Public Key
+              Infrastructure Certificate and Certificate Revocation List
+              (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
+              <https://www.rfc-editor.org/rfc/rfc5280>.
+
+   [RFC5912]  Hoffman, P. and J. Schaad, "New ASN.1 Modules for the
+              Public Key Infrastructure Using X.509 (PKIX)", RFC 5912,
+              DOI 10.17487/RFC5912, June 2010,
+              <https://www.rfc-editor.org/rfc/rfc5912>.
+
+   [RFC5958]  Turner, S., "Asymmetric Key Packages", RFC 5958,
+              DOI 10.17487/RFC5958, August 2010,
+              <https://www.rfc-editor.org/rfc/rfc5958>.
+
+   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
+              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
+              May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.
+
+   [RFC9629]  Housley, R., Gray, J., and T. Okubo, "Using Key
+              Encapsulation Mechanism (KEM) Algorithms in the
+              Cryptographic Message Syntax (CMS)", RFC 9629,
+              DOI 10.17487/RFC9629, August 2024,
+              <https://www.rfc-editor.org/rfc/rfc9629>.
+
+   [X680]     ITU-T, "Information technology - Abstract Syntax Notation
+              One (ASN.1): Specification of basic notation", ITU-T
+              Recommendation X.680, ISO/IEC 8824-1:2021, February 2021,
+              <https://www.itu.int/rec/T-REC-X.680>.
+
+   [X690]     ITU-T, "Information technology - Abstract Syntax Notation
+              One (ASN.1): ASN.1 encoding rules: Specification of Basic
+              Encoding Rules (BER), Canonical Encoding Rules (CER) and
+              Distinguished Encoding Rules (DER)", ITU-T
+              Recommendation X.690, ISO/IEC 8825-1:2021, February 2021,
+              <https://www.itu.int/rec/T-REC-X.690>.
+
+8.2.  Informative References
+
+   [CDM23]    Cremers, C., Dax, A., and N. Medinger, "Keeping Up with
+              the KEMs: Stronger Security Notions for KEMs and automated
+              analysis of KEM-based protocols", 2023,
+              <https://eprint.iacr.org/2023/1933.pdf>.
+
+   [I-D.celi-wiggers-tls-authkem]
+              Wiggers, T., Celi, S., Schwabe, P., Stebila, D., and N.
+              Sullivan, "KEM-based Authentication for TLS 1.3", Work in
+              Progress, Internet-Draft, draft-celi-wiggers-tls-authkem-
+              04, 17 October 2024,
+              <https://datatracker.ietf.org/doc/html/draft-celi-wiggers-
+              tls-authkem-04>.
+
+   [I-D.ietf-lamps-cms-kyber]
+              Prat, J., Ounsworth, M., and D. Van Geest, "Use of ML-KEM
+              in the Cryptographic Message Syntax (CMS)", Work in
+              Progress, Internet-Draft, draft-ietf-lamps-cms-kyber-06,
+              11 December 2024, <https://datatracker.ietf.org/doc/html/
+              draft-ietf-lamps-cms-kyber-06>.
+
+   [I-D.lamps-dilithium-certificates]
+              "*** BROKEN REFERENCE ***".
+
+   [I-D.sfluhrer-cfrg-ml-kem-security-considerations]
+              Fluhrer, S., Dang, Q., Mattsson, J. P., Milner, K., and D.
+              Shiu, "ML-KEM Security Considerations", Work in Progress,
+              Internet-Draft, draft-sfluhrer-cfrg-ml-kem-security-
+              considerations-02, 19 November 2024,
+              <https://datatracker.ietf.org/doc/html/draft-sfluhrer-
+              cfrg-ml-kem-security-considerations-02>.
+
+   [KEMMY24]  Schmieg, S., "Unbindable Kemmy Schmidt: ML-KEM is neither
+              MAL-BIND-K-CT nor MAL-BIND-K-PK", 2024,
+              <https://eprint.iacr.org/2024/523.pdf>.
+
+   [NIST-PQC] National Institute of Standards and Technology (NIST),
+              "Post-Quantum Cryptography Project", 20 December 2016,
+              <https://csrc.nist.gov/projects/post-quantum-
+              cryptography>.
+
+   [RFC4086]  Eastlake 3rd, D., Schiller, J., and S. Crocker,
+              "Randomness Requirements for Security", BCP 106, RFC 4086,
+              DOI 10.17487/RFC4086, June 2005,
+              <https://www.rfc-editor.org/rfc/rfc4086>.
+
+   [RFC7468]  Josefsson, S. and S. Leonard, "Textual Encodings of PKIX,
+              PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468,
+              April 2015, <https://www.rfc-editor.org/rfc/rfc7468>.
+
+Appendix A.  ASN.1 Module
+
+   This appendix includes the ASN.1 module [X680] for the ML-KEM.  Note
+   that as per [RFC5280], certificates use the Distinguished Encoding
+   Rules; see [X690].  This module imports objects from [RFC5912] and
+   [RFC9629].
+
+   <CODE BEGINS>
+   X509-ML-KEM-2024
+   { iso(1) identified-organization(3) dod(6)
+     internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
+     id-mod-x509-ml-kem-2024(TBD) }
+
+   DEFINITIONS IMPLICIT TAGS ::= BEGIN
+
+   EXPORTS ALL;
+
+   IMPORTS
+     PUBLIC-KEY
+       FROM AlgorithmInformation-2009  -- [RFC 5912]
+         { iso(1) identified-organization(3) dod(6) internet(1)
+           security(5) mechanisms(5) pkix(7) id-mod(0)
+           id-mod-algorithmInformation-02(58) }
+
+     KEM-ALGORITHM
+       FROM KEMAlgorithmInformation-2023  -- [RFC 9629]
+         { iso(1) identified-organization(3) dod(6) internet(1)
+           security(5) mechanisms(5) pkix(7) id-mod(0)
+           id-mod-kemAlgorithmInformation-2023(109) };
+
+   --
+   -- ML-KEM Identifiers
+   --
+
+   nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2)
+     country(16) us(840) organization(1) gov(101) csor(3)
+     nistAlgorithm(4) }
+
+   kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 }
+
+   id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 }
+
+   id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 }
+
+   id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 }
+
+     --
+     -- Public Key Algorithms
+     --
+     -- To use the following with the PKIX1Explicit-2009 [RFC5912], replace
+     -- the PublicKeyAlgorithms therein with the following:
+     --
+     -- PublicKeyAlgorithms PUBLIC-KEY ::= {
+     --   PKIXAlgs-2009.PublicKeys,
+     --   ...,
+     --   PKIX1-PSS-OAEP-Algorithms-2009.PublicKeys,
+     --   X509-ML-KEM-2024.PublicKeys }
+
+     --
+     -- Public Key (pk-) Algorithms
+     --
+
+   PublicKeys PUBLIC-KEY ::= {
+     -- This expands PublicKeys from RFC 5912
+     pk-ml-kem-512 |
+     pk-ml-kem-768 |
+     pk-ml-kem-1024,
+     ...
+     }
+
+   --
+   -- ML-KEM Public Keys
+   --
+
+   pk-ml-kem-512 PUBLIC-KEY ::= {
+     IDENTIFIER id-alg-ml-kem-512
+     -- KEY no ASN.1 wrapping --
+     PARAMS ARE absent
+     CERT-KEY-USAGE { keyEncipherment }
+     --- PRIVATE-KEY no ASN.1 wrapping --
+     }
+
+   pk-ml-kem-768 PUBLIC-KEY ::= {
+     IDENTIFIER id-alg-ml-kem-768
+     -- KEY no ASN.1 wrapping --
+     PARAMS ARE absent
+     CERT-KEY-USAGE { keyEncipherment }
+     --- PRIVATE-KEY no ASN.1 wrapping --
+     }
+
+   pk-ml-kem-1024 PUBLIC-KEY ::= {
+     IDENTIFIER id-alg-ml-kem-1024
+     -- KEY no ASN.1 wrapping --
+     PARAMS ARE absent
+     CERT-KEY-USAGE { keyEncipherment }
+     --- PRIVATE-KEY no ASN.1 wrapping --
+     }
+
+   END
+   <CODE ENDS>
+
+Appendix B.  Security Strengths
+
+   Instead of defining the strength of a quantum algorithm in a
+   traditional manner using the imprecise notion of bits of security,
+   NIST has defined security levels by picking a reference scheme, which
+   NIST expects to offer notable levels of resistance to both quantum
+   and classical attack.  To wit, a KEM algorithm that achieves NIST PQC
+   security must require computational resources to break IND-CCA2
+   security comparable or greater than that required for key search on
+   AES-128, AES-192, and AES-256 for Levels 1, 3, and 5, respectively.
+   Levels 2 and 4 use collision search for SHA-256 and SHA-384 as
+   reference.
+
+      |  TODO: what should go in this table?
+
+    +=======+===============+=============+========+============+====+
+    | Level | Parameter Set | Encap.  Key | Decap. | Ciphertext | SS |
+    |       |               |             | Key    |            |    |
+    +=======+===============+=============+========+============+====+
+    | 1     | ML-KEM-512    | 800         | 1632   | 768        | 32 |
+    +-------+---------------+-------------+--------+------------+----+
+    | 3     | ML-KEM-768    | 1184        | 2400   | 1952       | 32 |
+    +-------+---------------+-------------+--------+------------+----+
+    | 5     | ML-KEM-1024   | 1568        | 3168   | 2592       | 32 |
+    +-------+---------------+-------------+--------+------------+----+
+
+                    Table 1: ML-KEM security strengths
+
+Appendix C.  Examples
+
+   This appendix contains examples of ML-KEM public keys, private keys
+   and certificates.
+
+C.1.  Example Private Key
+
+   The following is an example of a ML-KEM-512 private key with hex seed
+   0001…3f:
+
+   -----BEGIN PRIVATE KEY-----
+   MFICAQAwCwYJYIZIAWUDBAQBBEAAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob
+   HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/
+   -----END PRIVATE KEY-----
+
+   0  82: SEQUENCE
+   2   2:  INTEGER 0
+   5  11:  SEQUENCE {
+   7   9:   OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.1'
+        :   }
+   18 64:  OCTET STRING
+        :    00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
+        :    10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
+        :    20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
+        :    30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f
+        :  }
+
+   The following is an example of a ML-KEM-768 private key from the same
+   seed.
+
+   -----BEGIN PRIVATE KEY-----
+   MFICAQAwCwYJYIZIAWUDBAQCBEAAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob
+   HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/
+   -----END PRIVATE KEY-----
+
+   0  82: SEQUENCE
+   2   2:  INTEGER 0
+   5  11:  SEQUENCE {
+   7   9:   OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.2'
+        :   }
+   18 64:  OCTET STRING
+        :    00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
+        :    10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
+        :    20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
+        :    30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f
+        :  }
+
+   The following is an example of a ML-KEM-1024 private key from the
+   same seed.
+
+   -----BEGIN PRIVATE KEY-----
+   MFICAQAwCwYJYIZIAWUDBAQDBEAAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob
+   HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/
+   -----END PRIVATE KEY-----
+
+   0  82: SEQUENCE
+   2   2:  INTEGER 0
+   5  11:  SEQUENCE {
+   7   9:   OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.3'
+        :   }
+   18 64:  OCTET STRING
+        :    00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
+        :    10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
+        :    20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
+        :    30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f
+        :  }
+
+      |  NOTE: The private key is the seed and all three examples keys
+      |  use the same seed; therefore, the private above are the same
+      |  except for the OID used to represent the ML-KEM algorithm's
+      |  security strength.
+
+C.2.  Example Public Key
+
+   The following is the ML-KEM-512 public key corresponding to the
+   private key in the previous section.
+
+   -----BEGIN PUBLIC KEY-----
+   MIIDMjALBglghkgBZQMEBAEDggMhADmVgV5ZfRBDVc8pqlMzyTJRhp1bzb5IcST2
+   Ari2pmwWxHYWSK12XPXYAGtRXpBafwrAdrDGLvoygVPnylcBaZ8TBfHmvG+QsOSb
+   aTUSts6ZKouAFt38GmYsfj+WGcvYad13GvMIlszVkYrGy3dGbF53mZbWf/mqvJdQ
+   Pyx7fi0ADYZFD7GAfKTKvaRlgloxx4mht6SRqzhydl0yDQtxkg+iE8lAk0Frg7gS
+   Tmn2XmLLUADcw3qpoP/3OXDEdy81fSQYnKb1MFVowOI3ajdipoxgXlY8XSCVcuD8
+   dTLKKUcpU1VntfxBPF6HktJGRTbMgI+YrddGZPFBVm+QFqkKVBgpqYoEZM5BqLtE
+   wtT6PCwglGByjvFKGnxMm5jRIgO0zDUpFgqasteDj3/2tTrgWqMafWRrevpsRZMl
+   JqPDdVYZvplMIRwqMcBbNEeDbLIVC+GCna5rBMVTXP9Ubjkrp5dBFyD5JPSQpaxU
+   lfITVtVQt4KmTBaItrZVvMeEIZekNML2Vjtbfwmni8xIgjJ4NWHRb0y6tnVUAAUH
+   gVcMZmBLgXrRJSKUc26LAYYaS1p0UZuLb+UUiaUHI5Llh2JscTd2V10zgGocjicy
+   r5fCaA9RZmMxxOuLvAQxxPloMtrxs8RVKPuhU/bHixwZhwKUfM0zdyekb7U7oR3l
+   y0GRNGhZUWy2rXJADzzyCbI2rvNaWArIfrPjD6/WaXPKin3SZ1r0H3oXthQzzRr4
+   D3cIhp9mVIhJeYCxrBCgzctjagDthoGzXkKRJMqANQcluF+DperDpKPMFgCQPmUp
+   NWC5szblrw1SnawaBIEZMCy3qbzBELlIUb8CEX8ZncSFqFK3Rz8JuDGmgx1bVMC3
+   kNIlz2u5LZRiomzbM92lEjx6rw4moLg2Ve6ii/OoB0clAY/WuuS2Ac9huqtxp6PT
+   UZejQ+dLSicsEl1UCJZCbYW3lY07OKa6mH7DciXHtEzbEt3kU5tKsII2NoPwS/eg
+   nMXEHf6DChsWLgsyQzQ2LwhKFEZ3IzRLrdAA+NjFN8SPmY8FMHzr0e3guBw7xZoG
+   WhttY7Js
+   -----END PUBLIC KEY-----
+
+   0  818: SEQUENCE {
+   4   11:   SEQUENCE {
+   6    9:     OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.1'
+         :     }
+   17 801:   BIT STRING
+         :     00 39 95 81 5e 59 7d 10 43 55 cf 29 aa 53 33 c9
+         :     32 51 86 9d 5b cd be 48 71 24 f6 02 b8 b6 a6 6c
+         :     7f 0a c0 76 b0 c6 2e fa 32 81 53 e7 ca 57 01 69
+         :     9f 13 05 f1 e6 bc 6f 90 b0 e4 9b 69 35 12 b6 ce
+         :     99 2a 8b 80 16 dd fc 1a 66 2c 7e 3f 96 19 cb d8
+         :     69 dd 77 1a f3 08 96 cc d5 91 8a c6 cb 77 46 6c
+         :     5e 77 99 96 d6 7f f9 aa bc 97 50 3f 2c 7b 7e 2d
+         :     00 0d 86 45 0f b1 80 7c a4 ca bd a4 65 82 5a 31
+         :     c7 89 a1 b7 a4 91 ab 38 72 76 5d 32 0d 0b 71 92
+         :     0f a2 13 c9 40 93 41 6b 83 b8 12 4e 69 f6 5e 62
+         :     cb 50 00 dc c3 7a a9 a0 ff f7 39 70 c4 77 2f 35
+         :     7d 24 18 9c a6 f5 30 55 68 c0 e2 37 6a 37 62 a6
+         :     8c 60 5e 56 3c 5d 20 95 72 e0 fc 75 32 ca 29 47
+         :     29 53 55 67 b5 fc 41 3c 5e 87 92 d2 46 45 36 cc
+         :     80 8f 98 ad d7 46 64 f1 41 56 6f 90 16 a9 0a 54
+         :     18 29 a9 8a 04 64 ce 41 a8 bb 44 c2 d4 fa 3c 2c
+         :     20 94 60 72 8e f1 4a 1a 7c 4c 9b 98 d1 22 03 b4
+         :     cc 35 29 16 0a 9a b2 d7 83 8f 7f f6 b5 3a e0 5a
+         :     a3 1a 7d 64 6b 7a fa 6c 45 93 25 26 a3 c3 75 56
+         :     19 be 99 4c 21 1c 2a 31 c0 5b 34 47 83 6c b2 15
+         :     0b e1 82 9d ae 6b 04 c5 53 5c ff 54 6e 39 2b a7
+         :     97 41 17 20 f9 24 f4 90 a5 ac 54 95 f2 13 56 d5
+         :     50 b7 82 a6 4c 16 88 b6 b6 55 bc c7 84 21 97 a4
+         :     34 c2 f6 56 3b 5b 7f 09 a7 8b cc 48 82 32 78 35
+         :     61 d1 6f 4c ba b6 75 54 00 05 07 81 57 0c 66 60
+         :     4b 81 7a d1 25 22 94 73 6e 8b 01 86 1a 4b 5a 74
+         :     51 9b 8b 6f e5 14 89 a5 07 23 92 e5 87 62 6c 71
+         :     37 76 57 5d 33 80 6a 1c 8e 27 32 af 97 c2 68 0f
+         :     51 66 63 31 c4 eb 8b bc 04 31 c4 f9 68 32 da f1
+         :     b3 c4 55 28 fb a1 53 f6 c7 8b 1c 19 87 02 94 7c
+         :     cd 33 77 27 a4 6f b5 3b a1 1d e5 cb 41 91 34 68
+         :     59 51 6c b6 ad 72 40 0f 3c f2 09 b2 36 ae f3 5a
+         :     58 0a c8 7e b3 e3 0f af d6 69 73 ca 8a 7d d2 67
+         :     5a f4 1f 7a 17 b6 14 33 cd 1a f8 0f 77 08 86 9f
+         :     66 54 88 49 79 80 b1 ac 10 a0 cd cb 63 6a 00 ed
+         :     86 81 b3 5e 42 91 24 ca 80 35 07 25 b8 5f 83 a5
+         :     ea c3 a4 a3 cc 16 00 90 3e 65 29 35 60 b9 b3 36
+         :     e5 af 0d 52 9d ac 1a 04 81 19 30 2c b7 a9 bc c1
+         :     10 b9 48 51 bf 02 11 7f 19 9d c4 85 a8 52 b7 47
+         :     3f 09 b8 31 a6 83 1d 5b 54 c0 b7 90 d2 25 cf 6b
+         :     b9 2d 94 62 a2 6c db 33 dd a5 12 3c 7a af 0e 26
+         :     a0 b8 36 55 ee a2 8b f3 a8 07 47 25 01 8f d6 ba
+         :     e4 b6 01 cf 61 ba ab 71 a7 a3 d3 51 97 a3 43 e7
+         :     4b 4a 27 2c 12 5d 54 08 96 42 6d 85 b7 95 8d 3b
+         :     38 a6 ba 98 7e c3 72 25 c7 b4 4c db 12 dd e4 53
+         :     9b 4a b0 82 36 36 83 f0 4b f7 a0 9c c5 c4 1d fe
+         :     83 0a 1b 16 2e 0b 32 43 34 36 2f 08 4a 14 46 77
+         :     23 34 4b ad d0 00 f8 d8 c5 37 c4 8f 99 8f 05 30
+         :     7c eb d1 ed e0 b8 1c 3b c5 9a 06 5a 1b 6d 63 b2
+         :     6c
+         :   }
+
+   The following is the ML-KEM-768 public key corresponding to the
+   private key in the previous section.
+
+   -----BEGIN PUBLIC KEY-----
+   MIIEsjALBglghkgBZQMEBAIDggShACmKoQ1CPI3aBp0CvFnmzfA6CWuLPaTKubgM
+   pKFJB2cszvHsT68jSgvFt+nUc/KzEzs7JqHRdctnp4BZGWmcAvdlMbmcX4kYBwS7
+   TKRTXFuJcmecZgoHxeUUuHAJyGLrj1FXaV77P8QKne9rgcHMAqJJrk8JStDZvTSF
+   wcHGgIBSCnyMYyAyzuc4FU5cUXbAfaVgJHdqQw/nbqz2ZaP3uDIQIhW8gvEJOcg1
+   VwQzao+sHYHkuwSFql18dNa1m75cXpcqDYusQRtVtdVVfNaAoaj3G064a8SMmgUJ
+   cxpUvZ1ykLJ5Y+Q3Lcmxmc/crAsBrNKKYjlREuTENkjWIsSMgjTQFEDozDdskn8j
+   pa/JrAR0xmInTkJFJchVLs47P+JlFt6QG8fVFb3olVjmJslcgLkzQvgBAATznmxs
+   lIccXjRMqzlmyDX5qWpZr9McQChrOLHBp4RwurlHUYk0RTzoZzapGfH1ptUQqG9U
+   VPw5gMtcdlvSvV97NrFBDWY1yM60fE3aDXaijqyTnHHDAkgEhmxxYmZYRCFjwsIh
+   F+UKzvzmN4qYVlIwKk7wws4Mxxa3eW4ray43d9+hrD2iWaMbWptTD4y2OKgaYqww
+   GEmrr5WnMBvaMAaJCb/bfmfbzLs4pVUaJbGjoPaFdIrVdT2IgPABbGJ0hhZjhMVX
+   H+I2WQA2TQODEeLYdds2ZoaTK17GAkMKNp6Hpu9cM4eGZXglvUwFes65I+sJNeaQ
+   XmO0ztf4CFenc91ksVDSZhLqmsEgUtsgF78YQ8y0sygbaQ3HKK36hcACgbjjwJKH
+   M1+Fa0/CiS9povV5Ia2gGRTECYhmLVd2lmKnhjUbm2ZJPat5WU2YbeIQDWW6D/Tq
+   WLgVONJKRDWiWPrCVASqf0H2WLE4UGXhWNy2ARVzJyD0BFmqrBXkBpU6kKxSmX0c
+   zQcAYO/GXbnmUzVEZ/rVbscTyG51QMQjrPJmn1L6b0rGiI2HHvPoR8ApqKr7uS4X
+   skqgebH0GbphdbRCr7EZCdSla3CgM1soc5IYqnyTSOLDwvPrPRWkHmQXwN2Uv+sh
+   QZsxGnuxOhgLvoMyGKmmsXRHzIXyJYWVh6cwdwSay8/UTQ8CVDjhXRU4Jw1Ybhv4
+   MZKpRZz2PA6XL4UpdnmDHs8SFQmFHLg0D28Qew+hoO/Rs2qBibwIXE9ct4TlU/Qb
+   kY+AOXzhlW94W+43fKmqi+aZitowwmt8PYxrVSVMyWIDsgxCruCsTh67QI5JqeP4
+   edCrB4XrcCVCXRMFoimcAV4SDRY7DhlJTOVyU9AkbRgnRcuBl6t0OLPBu3lyvsWj
+   BuujVnhVwBRpn+9lrlTHcKDYXBhADPZCrtxmB3e6SxOFAr1aeBL2IfhKSClrmN1D
+   IrbxWCi4qPDgCoukSlPDqLFDVxsHQKvVZ9rxzenHnCBLbV4lnRdmoxu7y05qBc9F
+   AhdrMBwcL0Ekd1AVe87IXoCbMKTWDXdHzdD1uZqoyCaYdRd5OqqAgKCxJKhVjfcr
+   vje3X07btr6CFtbGM/srIoDiURPYaV5DSBw+6zl+sZJQUim2eiAeqJPD4ssy2ovD
+   QvpN6gV4
+   -----END PUBLIC KEY-----
+
+   0 1202: SEQUENCE {
+   4   11:   SEQUENCE {
+   6    9:     OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.2'
+         :     }
+   17 801:   BIT STRING
+         :     00 29 8a a1 0d 42 3c 8d da 06 9d 02 bc 59 e6 cd
+         :     f0 3a 09 6b 8b 3d a4 ca b9 b8 0c a4 a1 49 07 67
+         :     2c ce f1 ec 4f af 23 4a 0b c5 b7 e9 d4 73 f2 b3
+         :     13 3b 3b 26 a1 d1 75 cb 67 a7 80 59 19 69 9c 02
+         :     f7 65 31 b9 9c 5f 89 18 07 04 bb 4c a4 53 5c 5b
+         :     89 72 67 9c 66 0a 07 c5 e5 14 b8 70 09 c8 62 eb
+         :     8f 51 57 69 5e fb 3f c4 0a 9d ef 6b 81 c1 cc 02
+         :     a2 49 ae 4f 09 4a d0 d9 bd 34 85 c1 c1 c6 80 80
+         :     52 0a 7c 8c 63 20 32 ce e7 38 15 4e 5c 51 76 c0
+         :     7d a5 60 24 77 6a 43 0f e7 6e ac f6 65 a3 f7 b8
+         :     32 10 22 15 bc 82 f1 09 39 c8 35 57 04 33 6a 8f
+         :     ac 1d 81 e4 bb 04 85 aa 5d 7c 74 d6 b5 9b be 5c
+         :     5e 97 2a 0d 8b ac 41 1b 55 b5 d5 55 7c d6 80 a1
+         :     a8 f7 1b 4e b8 6b c4 8c 9a 05 09 73 1a 54 bd 9d
+         :     72 90 b2 79 63 e4 37 2d c9 b1 99 cf dc ac 0b 01
+         :     ac d2 8a 62 39 51 12 e4 c4 36 48 d6 22 c4 8c 82
+         :     34 d0 14 40 e8 cc 37 6c 92 7f 23 a5 af c9 ac 04
+         :     74 c6 62 27 4e 42 45 25 c8 55 2e ce 3b 3f e2 65
+         :     16 de 90 1b c7 d5 15 bd e8 95 58 e6 26 c9 5c 80
+         :     b9 33 42 f8 01 00 04 f3 9e 6c 6c 94 87 1c 5e 34
+         :     4c ab 39 66 c8 35 f9 a9 6a 59 af d3 1c 40 28 6b
+         :     38 b1 c1 a7 84 70 ba b9 47 51 89 34 45 3c e8 67
+         :     36 a9 19 f1 f5 a6 d5 10 a8 6f 54 54 fc 39 80 cb
+         :     5c 76 5b d2 bd 5f 7b 36 b1 41 0d 66 35 c8 ce b4
+         :     7c 4d da 0d 76 a2 8e ac 93 9c 71 c3 02 48 04 86
+         :     6c 71 62 66 58 44 21 63 c2 c2 21 17 e5 0a ce fc
+         :     e6 37 8a 98 56 52 30 2a 4e f0 c2 ce 0c c7 16 b7
+         :     79 6e 2b 6b 2e 37 77 df a1 ac 3d a2 59 a3 1b 5a
+         :     9b 53 0f 8c b6 38 a8 1a 62 ac 30 18 49 ab af 95
+         :     a7 30 1b da 30 06 89 09 bf db 7e 67 db cc bb 38
+         :     a5 55 1a 25 b1 a3 a0 f6 85 74 8a d5 75 3d 88 80
+         :     f0 01 6c 62 74 86 16 63 84 c5 57 1f e2 36 59 00
+         :     36 4d 03 83 11 e2 d8 75 db 36 66 86 93 2b 5e c6
+         :     02 43 0a 36 9e 87 a6 ef 5c 33 87 86 65 78 25 bd
+         :     4c 05 7a ce b9 23 eb 09 35 e6 90 5e 63 b4 ce d7
+         :     f8 08 57 a7 73 dd 64 b1 50 d2 66 12 ea 9a c1 20
+         :     52 db 20 17 bf 18 43 cc b4 b3 28 1b 69 0d c7 28
+         :     ad fa 85 c0 02 81 b8 e3 c0 92 87 33 5f 85 6b 4f
+         :     c2 89 2f 69 a2 f5 79 21 ad a0 19 14 c4 09 88 66
+         :     2d 57 76 96 62 a7 86 35 1b 9b 66 49 3d ab 79 59
+         :     4d 98 6d e2 10 0d 65 ba 0f f4 ea 58 b8 15 38 d2
+         :     4a 44 35 a2 58 fa c2 54 04 aa 7f 41 f6 58 b1 38
+         :     50 65 e1 58 dc b6 01 15 73 27 20 f4 04 59 aa ac
+         :     15 e4 06 95 3a 90 ac 52 99 7d 1c cd 07 00 60 ef
+         :     c6 5d b9 e6 53 35 44 67 fa d5 6e c7 13 c8 6e 75
+         :     40 c4 23 ac f2 66 9f 52 fa 6f 4a c6 88 8d 87 1e
+         :     f3 e8 47 c0 29 a8 aa fb b9 2e 17 b2 4a a0 79 b1
+         :     f4 19 ba 61 75 b4 42 af b1 19 09 d4 a5 6b 70 a0
+         :     33 5b 28 73 92 18 aa 7c 93 48 e2 c3 c2 f3 eb 3d
+         :     15 a4 1e 64 17 c0 dd 94 bf eb 21 41 9b 31 1a 7b
+         :     b1 3a 18 0b be 83 32 18 a9 a6 b1 74 47 cc 85 f2
+         :     25 85 95 87 a7 30 77 04 9a cb cf d4 4d 0f 02 54
+         :     38 e1 5d 15 38 27 0d 58 6e 1b f8 31 92 a9 45 9c
+         :     f6 3c 0e 97 2f 85 29 76 79 83 1e cf 12 15 09 85
+         :     1c b8 34 0f 6f 10 7b 0f a1 a0 ef d1 b3 6a 81 89
+         :     bc 08 5c 4f 5c b7 84 e5 53 f4 1b 91 8f 80 39 7c
+         :     e1 95 6f 78 5b ee 37 7c a9 aa 8b e6 99 8a da 30
+         :     c2 6b 7c 3d 8c 6b 55 25 4c c9 62 03 b2 0c 42 ae
+         :     e0 ac 4e 1e bb 40 8e 49 a9 e3 f8 79 d0 ab 07 85
+         :     eb 70 25 42 5d 13 05 a2 29 9c 01 5e 12 0d 16 3b
+         :     0e 19 49 4c e5 72 53 d0 24 6d 18 27 45 cb 81 97
+         :     ab 74 38 b3 c1 bb 79 72 be c5 a3 06 eb a3 56 78
+         :     55 c0 14 69 9f ef 65 ae 54 c7 70 a0 d8 5c 18 40
+         :     0c f6 42 ae dc 66 07 77 ba 4b 13 85 02 bd 5a 78
+         :     12 f6 21 f8 4a 48 29 6b 98 dd 43 22 b6 f1 58 28
+         :     b8 a8 f0 e0 0a 8b a4 4a 53 c3 a8 b1 43 57 1b 07
+         :     40 ab d5 67 da f1 cd e9 c7 9c 20 4b 6d 5e 25 9d
+         :     17 66 a3 1b bb cb 4e 6a 05 cf 45 02 17 6b 30 1c
+         :     1c 2f 41 24 77 50 15 7b ce c8 5e 80 9b 30 a4 d6
+         :     0d 77 47 cd d0 f5 b9 9a a8 c8 26 98 75 17 79 3a
+         :     aa 80 80 a0 b1 24 a8 55 8d f7 2b be 37 b7 5f 4e
+         :     db b6 be 82 16 d6 c6 33 fb 2b 22 80 e2 51 13 d8
+         :     69 5e 43 48 1c 3e eb 39 7e b1 92 50 52 29 b6 7a
+         :     20 1e a8 93 c3 e2 cb 32 da 8b c3 42 fa 4d ea 05
+         :     78
+         :   }
+
+   The following is the ML-KEM-1024 public key corresponding to the
+   private key in the previous section.
+
+   -----BEGIN PUBLIC KEY-----
+   MIIGMjALBglghkgBZQMEBAMDggYhAEuUwpRQERGRgjs1FMmsHqPZglzLhjk6LfsE
+   ZU+iGS03v60cSXxlAu7lyoCnO/zguvWlSohYWkATl6PSMvQmp6+wgrwhpEMXCQ6q
+   x1ksLqiKZTxEkeoZOTEzX1LpiaPEzFbZxVNzLVfEcPtBq3WbZdLQREU4L82cTjRK
+   ESj6nhHgQ1jhku0BSyMjKn7isi4jcX9EER7jNXU5nDdkbamBPsmyEq/pTl3FwjMK
+   cpTMH0I0ptP7tPFoWriJLASssXzRwXDXsGEbanF2x5TMjGf1X8kjwq0gMQDzZZkY
+   gsMCQ9d4E4Q7XsfJZAMiY3BgkuzwDHUWvmTkWYykImwGm7XmfkF1zyKGyN1cSIps
+   WGHzG6oL0CaUcOi1Ud07zTjIbBL5zbF2x33ItsAqcB9HiQLIVT9pTA2CcntMSlws
+   EEEhKqEnSAi4IRGzd+x1IU6bGXj3YATUE52YYT9LjpjSCve1NAc6UJqVm3p1ZPm0
+   DKIYv2GCkyCoUCAXlU0yjXrGx2nsKXAHVuewaFs0DV4RgFlQSkmppQoQGY6xCleE
+   Z460J9e0uruVUpM7BiiXlz4TGOrwoOrDdYSmVAGxcD4EKszYN1MUg/JBytzRwdN4
+   EZ5pRCnbGZrIkeTFNDdXCFuzrng2ZzUMRFjZdnLoYegLHSZ5UQ6jpvI2DHekaULH
+   oGpVTSKAgMhLR67xTbF2IMsWwGqzChvkzacIK+n4fpwhHEaRY0mluo6qUgHHKUo8
+   CIW1O2V0UhCIJexkbJCgRhIyTufQMa/lNDEyy+9ntu+xpewoCbdzU4znez2LBOsL
+   PCJWAR5McWwZqLoHUr9xSSEXZJ8GFcMpD8KaRv3kvVLbkobWAziCRCWcFaesK2QK
+   YMwDN2pYQaP7ikc1aPqbGiZyFfNMAWl7Dw5icXXXIQW3cHwpueYUvcM6b2yBipU3
+   C0J4gte0dnlqnsbrmTJ0zZsjkagrpF4zk9Lprpchyp1sG5iLWCdxP5CmWF3pQzUo
+   wCsDzhC7X3IBOND7tMMMEma5GOUpJd/hezf5XSK8pU9HWRmshZCYwPDQisWHXvKb
+   Vv0UHm7xX3AKC2bzlZXFiBdzc8RmmyG8Bx5MOqXwtKMbYljzXaJKw80px/IJJBDF
+   B4NVsTj7U6a5rm4LnAgkPnuqRcRzduuMfxPUz1Gqc2+jFUDJJB83DaVEv5+cKNml
+   fi8qfKlaTktGbmQas7zHat8ROdVnpvErUvOmXn7AquJryqjFWDOwTlmZjryaGTD7
+   ttIjPFPSwfi5UY48Lec6Gd7ms4Clsylxz2ThKf1sH6bnXUojRQHpZt06VAr1yPTz
+   SmtKJT7ihJJWbV5nxvVYVfywUG+wbBVnRNmgOjGib6lMrRTxV7fzA9B6acdzdo/L
+   TQecCQWXA6DDqU3kuZ6jovFlg9D5Fwo5UNsHtPC8MIApJ/n3lhtiWYkmNqlQKicF
+   MDY3eZ3TRNpFHBz3v2eEDOsweauMa4wZJ/ZAU8YSRQxFyeYDvBZmbllrNHHhA7bx
+   VEdCTRcCIEgRH/vTfhxnD2TxS4p7MrlMGkm0XdL8OM1SidkQrWNgLPXhMELGSsZ5
+   e4n7VRrQjgWpLSAMzLfnEu8jyTEss1DwKatTfihzR/0wdawQkGp4PxxsB8y4j0Ei
+   jEvhxkD3kLXDpdXTynkklddLxGFWJljAesYAJ2uSSrW8m+HwSUy3b4L0YKdICXJm
+   M4HhaZlgYdeZhZ7FTU9cpcQRwB2xWXsWWXdmneE6koo0r7rCWP6oxHZCOclCHcMR
+   m/W0dpkgaXgyexxTRe90anmDhB8FbiU0EAqyTU6au9CxfGqVvUw8DkD2nhYSrO6y
+   i5kIbJURbnIEJziTOQv0a4mbNihrDr8ZR7uYhPcyyifagrGbXcDMf4iFcUkQiIsj
+   EMT5MZ1BCzTmQzuQA+IXa7mVJXRWEG6JUhY7i6WSUwzFqgrrQ605j+npe6pSPXpE
+   MWd8PTrwcZ5HXbhcqVr1CJvqvrBbL6q0iWumD4HIhHKle0aoKIJqDN+0RvgYkYLS
+   v16sTsHMXer1mcihPkgjVAbRf/3cg0S2xmmEqGiqkvoCInoIaVDrDIcB7VjcYod2
+   uYOILhF1
+   -----END PUBLIC KEY-----
+
+   0  1586: SEQUENCE {
+   4    11:   SEQUENCE {
+   6     9:     OBJECT IDENTIFIER '2.16.840.1.101.3.4.4.3'
+          :     }
+   17 1569:   BIT STRING
+          :     00 4b 94 c2 94 50 11 11 91 82 3b 35 14 c9 ac 1e
+          :     a3 d9 82 5c cb 86 39 3a 2d fb 04 65 4f a2 19 2d
+          :     37 bf ad 1c 49 7c 65 02 ee e5 ca 80 a7 3b fc e0
+          :     ba f5 a5 4a 88 58 5a 40 13 97 a3 d2 32 f4 26 a7
+          :     af b0 82 bc 21 a4 43 17 09 0e aa c7 59 2c 2e a8
+          :     8a 65 3c 44 91 ea 19 39 31 33 5f 52 e9 89 a3 c4
+          :     cc 56 d9 c5 53 73 2d 57 c4 70 fb 41 ab 75 9b 65
+          :     d2 d0 44 45 38 2f cd 9c 4e 34 4a 11 28 fa 9e 11
+          :     e0 43 58 e1 92 ed 01 4b 23 23 2a 7e e2 b2 2e 23
+          :     71 7f 44 11 1e e3 35 75 39 9c 37 64 6d a9 81 3e
+          :     c9 b2 12 af e9 4e 5d c5 c2 33 0a 72 94 cc 1f 42
+          :     34 a6 d3 fb b4 f1 68 5a b8 89 2c 04 ac b1 7c d1
+          :     c1 70 d7 b0 61 1b 6a 71 76 c7 94 cc 8c 67 f5 5f
+          :     c9 23 c2 ad 20 31 00 f3 65 99 18 82 c3 02 43 d7
+          :     78 13 84 3b 5e c7 c9 64 03 22 63 70 60 92 ec f0
+          :     0c 75 16 be 64 e4 59 8c a4 22 6c 06 9b b5 e6 7e
+          :     41 75 cf 22 86 c8 dd 5c 48 8a 6c 58 61 f3 1b aa
+          :     0b d0 26 94 70 e8 b5 51 dd 3b cd 38 c8 6c 12 f9
+          :     cd b1 76 c7 7d c8 b6 c0 2a 70 1f 47 89 02 c8 55
+          :     3f 69 4c 0d 82 72 7b 4c 4a 5c 2c 10 41 21 2a a1
+          :     27 48 08 b8 21 11 b3 77 ec 75 21 4e 9b 19 78 f7
+          :     60 04 d4 13 9d 98 61 3f 4b 8e 98 d2 0a f7 b5 34
+          :     07 3a 50 9a 95 9b 7a 75 64 f9 b4 0c a2 18 bf 61
+          :     82 93 20 a8 50 20 17 95 4d 32 8d 7a c6 c7 69 ec
+          :     29 70 07 56 e7 b0 68 5b 34 0d 5e 11 80 59 50 4a
+          :     49 a9 a5 0a 10 19 8e b1 0a 57 84 67 8e b4 27 d7
+          :     b4 ba bb 95 52 93 3b 06 28 97 97 3e 13 18 ea f0
+          :     a0 ea c3 75 84 a6 54 01 b1 70 3e 04 2a cc d8 37
+          :     53 14 83 f2 41 ca dc d1 c1 d3 78 11 9e 69 44 29
+          :     db 19 9a c8 91 e4 c5 34 37 57 08 5b b3 ae 78 36
+          :     67 35 0c 44 58 d9 76 72 e8 61 e8 0b 1d 26 79 51
+          :     0e a3 a6 f2 36 0c 77 a4 69 42 c7 a0 6a 55 4d 22
+          :     80 80 c8 4b 47 ae f1 4d b1 76 20 cb 16 c0 6a b3
+          :     0a 1b e4 cd a7 08 2b e9 f8 7e 9c 21 1c 46 91 63
+          :     49 a5 ba 8e aa 52 01 c7 29 4a 3c 08 85 b5 3b 65
+          :     74 52 10 88 25 ec 64 6c 90 a0 46 12 32 4e e7 d0
+          :     31 af e5 34 31 32 cb ef 67 b6 ef b1 a5 ec 28 09
+          :     b7 73 53 8c e7 7b 3d 8b 04 eb 0b 3c 22 56 01 1e
+          :     4c 71 6c 19 a8 ba 07 52 bf 71 49 21 17 64 9f 06
+          :     15 c3 29 0f c2 9a 46 fd e4 bd 52 db 92 86 d6 03
+          :     38 82 44 25 9c 15 a7 ac 2b 64 0a 60 cc 03 37 6a
+          :     58 41 a3 fb 8a 47 35 68 fa 9b 1a 26 72 15 f3 4c
+          :     01 69 7b 0f 0e 62 71 75 d7 21 05 b7 70 7c 29 b9
+          :     e6 14 bd c3 3a 6f 6c 81 8a 95 37 0b 42 78 82 d7
+          :     b4 76 79 6a 9e c6 eb 99 32 74 cd 9b 23 91 a8 2b
+          :     a4 5e 33 93 d2 e9 ae 97 21 ca 9d 6c 1b 98 8b 58
+          :     27 71 3f 90 a6 58 5d e9 43 35 28 c0 2b 03 ce 10
+          :     bb 5f 72 01 38 d0 fb b4 c3 0c 12 66 b9 18 e5 29
+          :     25 df e1 7b 37 f9 5d 22 bc a5 4f 47 59 19 ac 85
+          :     90 98 c0 f0 d0 8a c5 87 5e f2 9b 56 fd 14 1e 6e
+          :     f1 5f 70 0a 0b 66 f3 95 95 c5 88 17 73 73 c4 66
+          :     9b 21 bc 07 1e 4c 3a a5 f0 b4 a3 1b 62 58 f3 5d
+          :     a2 4a c3 cd 29 c7 f2 09 24 10 c5 07 83 55 b1 38
+          :     fb 53 a6 b9 ae 6e 0b 9c 08 24 3e 7b aa 45 c4 73
+          :     76 eb 8c 7f 13 d4 cf 51 aa 73 6f a3 15 40 c9 24
+          :     1f 37 0d a5 44 bf 9f 9c 28 d9 a5 7e 2f 2a 7c a9
+          :     5a 4e 4b 46 6e 64 1a b3 bc c7 6a df 11 39 d5 67
+          :     a6 f1 2b 52 f3 a6 5e 7e c0 aa e2 6b ca a8 c5 58
+          :     33 b0 4e 59 99 8e bc 9a 19 30 fb b6 d2 23 3c 53
+          :     d2 c1 f8 b9 51 8e 3c 2d e7 3a 19 de e6 b3 80 a5
+          :     b3 29 71 cf 64 e1 29 fd 6c 1f a6 e7 5d 4a 23 45
+          :     01 e9 66 dd 3a 54 0a f5 c8 f4 f3 4a 6b 4a 25 3e
+          :     e2 84 92 56 6d 5e 67 c6 f5 58 55 fc b0 50 6f b0
+          :     6c 15 67 44 d9 a0 3a 31 a2 6f a9 4c ad 14 f1 57
+          :     b7 f3 03 d0 7a 69 c7 73 76 8f cb 4d 07 9c 09 05
+          :     97 03 a0 c3 a9 4d e4 b9 9e a3 a2 f1 65 83 d0 f9
+          :     17 0a 39 50 db 07 b4 f0 bc 30 80 29 27 f9 f7 96
+          :     1b 62 59 89 26 36 a9 50 2a 27 05 30 36 37 79 9d
+          :     d3 44 da 45 1c 1c f7 bf 67 84 0c eb 30 79 ab 8c
+          :     6b 8c 19 27 f6 40 53 c6 12 45 0c 45 c9 e6 03 bc
+          :     16 66 6e 59 6b 34 71 e1 03 b6 f1 54 47 42 4d 17
+          :     02 20 48 11 1f fb d3 7e 1c 67 0f 64 f1 4b 8a 7b
+          :     32 b9 4c 1a 49 b4 5d d2 fc 38 cd 52 89 d9 10 ad
+          :     63 60 2c f5 e1 30 42 c6 4a c6 79 7b 89 fb 55 1a
+          :     d0 8e 05 a9 2d 20 0c cc b7 e7 12 ef 23 c9 31 2c
+          :     b3 50 f0 29 ab 53 7e 28 73 47 fd 30 75 ac 10 90
+          :     6a 78 3f 1c 6c 07 cc b8 8f 41 22 8c 4b e1 c6 40
+          :     f7 90 b5 c3 a5 d5 d3 ca 79 24 95 d7 4b c4 61 56
+          :     26 58 c0 7a c6 00 27 6b 92 4a b5 bc 9b e1 f0 49
+          :     4c b7 6f 82 f4 60 a7 48 09 72 66 33 81 e1 69 99
+          :     60 61 d7 99 85 9e c5 4d 4f 5c a5 c4 11 c0 1d b1
+          :     59 7b 16 59 77 66 9d e1 3a 92 8a 34 af ba c2 58
+          :     fe a8 c4 76 42 39 c9 42 1d c3 11 9b f5 b4 76 99
+          :     20 69 78 32 7b 1c 53 45 ef 74 6a 79 83 84 1f 05
+          :     6e 25 34 10 0a b2 4d 4e 9a bb d0 b1 7c 6a 95 bd
+          :     4c 3c 0e 40 f6 9e 16 12 ac ee b2 8b 99 08 6c 95
+          :     11 6e 72 04 27 38 93 39 0b f4 6b 89 9b 36 28 6b
+          :     0e bf 19 47 bb 98 84 f7 32 ca 27 da 82 b1 9b 5d
+          :     c0 cc 7f 88 85 71 49 10 88 8b 23 10 c4 f9 31 9d
+          :     41 0b 34 e6 43 3b 90 03 e2 17 6b b9 95 25 74 56
+          :     10 6e 89 52 16 3b 8b a5 92 53 0c c5 aa 0a eb 43
+          :     ad 39 8f e9 e9 7b aa 52 3d 7a 44 31 67 7c 3d 3a
+          :     f0 71 9e 47 5d b8 5c a9 5a f5 08 9b ea be b0 5b
+          :     2f aa b4 89 6b a6 0f 81 c8 84 72 a5 7b 46 a8 28
+          :     82 6a 0c df b4 46 f8 18 91 82 d2 bf 5e ac 4e c1
+          :     cc 5d ea f5 99 c8 a1 3e 48 23 54 06 d1 7f fd dc
+          :     83 44 b6 c6 69 84 a8 68 aa 92 fa 02 22 7a 08 69
+          :     50 eb 0c 87 01 ed 58 dc 62 87 76 b9 83 88 2e 11
+          :     75
+          :   }
+
+   The following example, in addition to encoding the ML-KEM-768 private
+   key, has an attribute included as well as the public key:
+
+     -----BEGIN PRIVATE KEY-----
+     TODO insert example private key with attribute
+     -----END PRIVATE KEY-------
+
+C.3.  Example Certificates
+
+   The following is the ML-KEM-512 certificate that corresponding to the
+   public key in the previous section signed with the ML-DSA-44 private
+   key from [I-D.lamps-dilithium-certificates].
+
+   -----BEGIN CERTIFICATE-----
+   MIINpDCCBBqgAwIBAgIUFZ/+byL9XMQsUk32/V4o0N44808wCwYJYIZIAWUDBAMR
+   MCIxDTALBgNVBAoTBElFVEYxETAPBgNVBAMTCExBTVBTIFdHMB4XDTIwMDIwMzA0
+   MzIxMFoXDTQwMDEyOTA0MzIxMFowIjENMAsGA1UEChMESUVURjERMA8GA1UEAxMI
+   TEFNUFMgV0cwggMyMAsGCWCGSAFlAwQEAQOCAyEAOZWBXll9EENVzymqUzPJMlGG
+   nVvNvkhxJPYCuLambBbEdhZIrXZc9dgAa1FekFp/CsB2sMYu+jKBU+fKVwFpnxMF
+   8ea8b5Cw5JtpNRK2zpkqi4AW3fwaZix+P5YZy9hp3Xca8wiWzNWRisbLd0ZsXneZ
+   ltZ/+aq8l1A/LHt+LQANhkUPsYB8pMq9pGWCWjHHiaG3pJGrOHJ2XTINC3GSD6IT
+   yUCTQWuDuBJOafZeYstQANzDeqmg//c5cMR3LzV9JBicpvUwVWjA4jdqN2KmjGBe
+   VjxdIJVy4Px1MsopRylTVWe1/EE8XoeS0kZFNsyAj5it10Zk8UFWb5AWqQpUGCmp
+   igRkzkGou0TC1Po8LCCUYHKO8UoafEybmNEiA7TMNSkWCpqy14OPf/a1OuBaoxp9
+   ZGt6+mxFkyUmo8N1Vhm+mUwhHCoxwFs0R4NsshUL4YKdrmsExVNc/1RuOSunl0EX
+   IPkk9JClrFSV8hNW1VC3gqZMFoi2tlW8x4Qhl6Q0wvZWO1t/CaeLzEiCMng1YdFv
+   TLq2dVQABQeBVwxmYEuBetElIpRzbosBhhpLWnRRm4tv5RSJpQcjkuWHYmxxN3ZX
+   XTOAahyOJzKvl8JoD1FmYzHE64u8BDHE+Wgy2vGzxFUo+6FT9seLHBmHApR8zTN3
+   J6RvtTuhHeXLQZE0aFlRbLatckAPPPIJsjau81pYCsh+s+MPr9Zpc8qKfdJnWvQf
+   ehe2FDPNGvgPdwiGn2ZUiEl5gLGsEKDNy2NqAO2GgbNeQpEkyoA1ByW4X4Ol6sOk
+   o8wWAJA+ZSk1YLmzNuWvDVKdrBoEgRkwLLepvMEQuUhRvwIRfxmdxIWoUrdHPwm4
+   MaaDHVtUwLeQ0iXPa7ktlGKibNsz3aUSPHqvDiaguDZV7qKL86gHRyUBj9a65LYB
+   z2G6q3Gno9NRl6ND50tKJywSXVQIlkJthbeVjTs4prqYfsNyJce0TNsS3eRTm0qw
+   gjY2g/BL96CcxcQd/oMKGxYuCzJDNDYvCEoURncjNEut0AD42MU3xI+ZjwUwfOvR
+   7eC4HDvFmgZaG21jsmyjUjBQMA4GA1UdDwEB/wQEAwIFIDAdBgNVHQ4EFgQUDsWS
+   pZcefo2geKhuRnTy+xH26NcwHwYDVR0jBBgwFoAUMpoHsfq7SPUqMJ8RoYmPhI4j
+   Iv8wCwYJYIZIAWUDBAMRA4IJdQDcV8LA/De8Ss6UL3tMcHXKc0iTXaBPPLyoCimW
+   KG/BhZ299qdyg6Qv/hWMxXfuQLvBIJUiE9boIUvDJH1Bv5q+wBXDM4Pcb585a972
+   fB7Lj7rTYwGezp4QRGsn4bMOUHtOS/9MaD9LAw8XlEDSl69KgN+jN+Cak+PS1Q3O
+   u+TpeM2fo304+3vTfHlNiePSNOqkd1pzs2nwVIbQGIWctpF1rIHC7NJ/XOO3ZsN3
+   Cr758OLyAotCdGCRnj16Fhxh1rJ976b6y+Yo96CDMgl22lYPJoihlBekuKc4ugkE
+   g4vJEwAtPlMoaogn7XJcWkKIhGKp1M7nG9KvgQxCRvIfRURuDyHaiOAkOayK+Hp6
+   4AV02pbYX/w1X9bW1KOeId42EUQpF2iFu3ilOJi1JmMFyMP8lZZYq/8fPv3KGZPF
+   YJpd6yaA7ReIQaNiFgCMqx7nw/Zti7sa2a5dor3YqYRjZ8UlJUuYUKxNDde/u46W
+   mIEGSYcynpOiEYbyeWmXW4ye7qhT1Q7bmFPV8Mjzn3rXytzUzUZfrK8j9cHxAozY
+   sF7RDuBmauliYfV1jaroCcHrohVTnSSiSMQKV4q6HjKPIpf4qENs4SVh9xkWXdbB
+   OaiGgFhsI+sxlDGPRwbKrj6gVcbyFuJIPRL1LylJ2qFXzpzHyfAS3fHFvgv+S0AJ
+   DnfNk3OcT7G9jQhESQOkTXA4LqxPI+0c6asvauXlICnN8RdOjraY4+DQL8cYidEi
+   SAnXsOKNSzj+b225zdPvfBB/4eJTtV7VdnQOhETJErofxEWbpA8zobl/+bu2smdY
+   Pg1a83hwVo+HxfkSz1iHW9WT9+iwhnm28RqzLdmmzZGJSfgEFkADriwXUEr+LIkX
+   0xeMGvyXxdxv9S6Y6y+n0Al0ql0tzGviVoDqA0xNLU+Mupou5ftDTJj7U1oxIUHj
+   HlFeE06+JRoTPbDcl+cBil31SlxuZ1u7cOE33nbPOw0jWDXeA8M5uE3aMQah5VRf
+   tZXmdijH4zEN1/++Q5oJAF1SCTsnTkZ0lk3ZlIfpO0H1sJpINzLlBO04dLlQx2Nc
+   NFIExuPsVO7kW1rDLqkh8srBKrdUa/8ngD3kppXW7iaBhSnUE0N6lrwi5g/fJbNU
+   H0W7r0b31u0KDQ8cNKlK8PZL5pu/ulJTGZ5Dz4HORwVt2aXQojZfGQ0rashKxes8
+   F+Ewgse7NUAt3HqX94+0SWpfpNCVlZknK5XfhZJV08XVZ2TkTDoJ6aBLqua/a5Xg
+   jWTwroAJuB84jx2B1eCeYxjt+3cEaB274XU++H6m5kP/1QtJ3L1r545NaRQAylZF
+   MwCtCTVyAavhrTcrQwhl8rVGAKOlXaCfHSln8y9u26qMHeL9BIP7JeMeZxCYQQ5b
+   QxN0WvGmK11W6XG2CTc0qQ0RdUOvfrXTfl5A+I6DS4T2Z26APgkoq2JSQihO3JEg
+   S7zknl2NoAummhweGU/qSPzX+4/KlxwcCCs8mD8ZkkwhdB5poU4uTES/eCO+rrm3
+   wxLmiIcv2RwNdN8bRkxm35SQCCfc6riit4AxkaRKz5b27FWedfkH9bOgQaQGxm/v
+   5IwGHsFGeQFJyV1pNvo0aB9vvMTL3VZOsoXooxrdlc0kv7jJ9Q6eF8ZAFYXvxnaS
+   D+/OsH1b1+6WCVZIDRzRsMauvaifYUZNMQQ/CKSkDkFPjBDY5Xca9yZkGl+S+Pzz
+   7ODu6y3lvvUk+V6sPKEAS4ejZOocriV75SPfz0WlRZoljJXOm3tKCo6L2e56ntVs
+   hRiIBaLG5stQf2EihTSZUf21zNjb15E7KcdbTtr8TE0iJAuVYxBtNRWsVhExOMO/
+   QqXWnHL015pv8Dubwt6iDr8ObCDNOItPtszlNjCz4yN51aGTrHGZ0CJcbcUWqxOm
+   W1wrQmnYWUaz1eDahmbnowXshqI8RcGqvzUlZ0/g6nEbAJZgbk7jozC1VlwOKMM4
+   erhkw5mrrpicX3cvP3wl3JyhB6vbAfK4XQH3CfrnK12BhpgG0+9V5DKxTL02f+5m
+   ckJI9cZqSYx8rhlDlNbR33kSOY0Ba2RwvmMxhdypd38l5S8oSwTRu5eJ4VrrSeeM
+   wiW3gIxLA+o+SD2iFKyafsWLeu+Axx5/HlIVB+g82dGKkZrrESEvO9LpdlaS+AMW
+   9BccbDD2SGE2UZKlK4zx2QwYvnFG/ZDRjmvQV0dQOxiy0j2l7WHmbedlTTUUd5FU
+   0cfSG+cJHnToa/VRU4mDHvFpnV+AF0dA1s0oemhN5vOqhDzHnKasFFpUDH88mS7K
+   gbXELYiHTQEB/s/Hr0crjwVQQCbJFe4bBJzhcnwuOcdNUKLmF7MidvoyKYYu20oE
+   P6F0/RoDwS2FW3RyrKeSzlLWnuarfTq84iMaPgKrOl8XNfaSgGRsG3kxGe0s3rVs
+   iwzaO8THoCLp6WpEebfucmSCMXtKfVG/28u/dvQkz1D0oqTcWqhQiDLqZI3HjdDr
+   io44DARVGKAsEvq75Jq91GXP+1R8yejpP1lZU4onX1i0E8DMuVEU85JN+kFXbS83
+   6nZHmYhgwj93IvetNiK5cJs2M19LnJj5GrONmPMizoXCIBjzDx0MO/3CoRF5achF
+   p598lYloyvlS1VYhwmLrpFmz0BB9OEepvdq0ZX11XM532I6WIF4lAUh0YEx1FInO
+   XJ74LC2uMxa92W6nceJAjiraJKhi4VnURhPa7MUt/2oA5WY8zzmVGn94UlPsEmPj
+   /nl7vXBVLb9Nojt9AkIO637bT+1wszCvOH8nelnzNDsCBi9B8+mdgzizEN08UKSk
+   dCaNbCB86LVeo+umyY5abmgr2NOI7XaSTqWMs7ezemR5AkIUka35LgVIKvZw2WEz
+   G3KxZImSviV+XMsakqGTdXof7k1usEcmbJ/EJLi9ecaxMZKuLjT9sFtNo8uvE/m1
+   1pf4bGnGXgBERGpZsqnm+JNxDDTbD1WntdPpyeF8/6iXd/eNiHboV830Olj0dXJ4
+   YbTrQBcWbfUeZ8+8gGJ0bgshMtPCrOdYVMAfWfcu7DyFi0tQdtS1pmo5Co+OwLxe
+   IyKgwlIYOghCE3r6SBCrx0+sTP0sixV5Refu2JIBkjoywPavmK3+109l1F0BkzST
+   fQ1pAwENGx0oLVFdZHB1f4CSlZaiq8Te7AtOfX6Qtba4w8bP1+j2FSVCWGt4goSv
+   s7TAwcrR1drv9BRiaH2qytnr8PcAAAAAAAAAAAAAAAAAAAAAFSM2QA==
+   -----END CERTIFICATE-----
+
+     TODO insert ASN.1 Pretty Print for ML-KEM-512.pem
+
+   The following is the ML-KEM-768 certificate that corresponding to the
+   public key in the previous section signed with the ML-DSA-65 private
+   key from [I-D.lamps-dilithium-certificates].
+
+   -----BEGIN CERTIFICATE-----
+   MIISnTCCBZqgAwIBAgIUFZ/+byL9XMQsUk32/V4o0N44808wCwYJYIZIAWUDBAMS
+   MCIxDTALBgNVBAoTBElFVEYxETAPBgNVBAMTCExBTVBTIFdHMB4XDTIwMDIwMzA0
+   MzIxMFoXDTQwMDEyOTA0MzIxMFowIjENMAsGA1UEChMESUVURjERMA8GA1UEAxMI
+   TEFNUFMgV0cwggSyMAsGCWCGSAFlAwQEAgOCBKEAKYqhDUI8jdoGnQK8WebN8DoJ
+   a4s9pMq5uAykoUkHZyzO8exPryNKC8W36dRz8rMTOzsmodF1y2engFkZaZwC92Ux
+   uZxfiRgHBLtMpFNcW4lyZ5xmCgfF5RS4cAnIYuuPUVdpXvs/xAqd72uBwcwCokmu
+   TwlK0Nm9NIXBwcaAgFIKfIxjIDLO5zgVTlxRdsB9pWAkd2pDD+durPZlo/e4MhAi
+   FbyC8Qk5yDVXBDNqj6wdgeS7BIWqXXx01rWbvlxelyoNi6xBG1W11VV81oChqPcb
+   TrhrxIyaBQlzGlS9nXKQsnlj5DctybGZz9ysCwGs0opiOVES5MQ2SNYixIyCNNAU
+   QOjMN2ySfyOlr8msBHTGYidOQkUlyFUuzjs/4mUW3pAbx9UVveiVWOYmyVyAuTNC
+   +AEABPOebGyUhxxeNEyrOWbINfmpalmv0xxAKGs4scGnhHC6uUdRiTRFPOhnNqkZ
+   8fWm1RCob1RU/DmAy1x2W9K9X3s2sUENZjXIzrR8TdoNdqKOrJOcccMCSASGbHFi
+   ZlhEIWPCwiEX5QrO/OY3iphWUjAqTvDCzgzHFrd5bitrLjd336GsPaJZoxtam1MP
+   jLY4qBpirDAYSauvlacwG9owBokJv9t+Z9vMuzilVRolsaOg9oV0itV1PYiA8AFs
+   YnSGFmOExVcf4jZZADZNA4MR4th12zZmhpMrXsYCQwo2noem71wzh4ZleCW9TAV6
+   zrkj6wk15pBeY7TO1/gIV6dz3WSxUNJmEuqawSBS2yAXvxhDzLSzKBtpDccorfqF
+   wAKBuOPAkoczX4VrT8KJL2mi9XkhraAZFMQJiGYtV3aWYqeGNRubZkk9q3lZTZht
+   4hANZboP9OpYuBU40kpENaJY+sJUBKp/QfZYsThQZeFY3LYBFXMnIPQEWaqsFeQG
+   lTqQrFKZfRzNBwBg78ZdueZTNURn+tVuxxPIbnVAxCOs8mafUvpvSsaIjYce8+hH
+   wCmoqvu5LheySqB5sfQZumF1tEKvsRkJ1KVrcKAzWyhzkhiqfJNI4sPC8+s9FaQe
+   ZBfA3ZS/6yFBmzEae7E6GAu+gzIYqaaxdEfMhfIlhZWHpzB3BJrLz9RNDwJUOOFd
+   FTgnDVhuG/gxkqlFnPY8DpcvhSl2eYMezxIVCYUcuDQPbxB7D6Gg79GzaoGJvAhc
+   T1y3hOVT9BuRj4A5fOGVb3hb7jd8qaqL5pmK2jDCa3w9jGtVJUzJYgOyDEKu4KxO
+   HrtAjkmp4/h50KsHhetwJUJdEwWiKZwBXhINFjsOGUlM5XJT0CRtGCdFy4GXq3Q4
+   s8G7eXK+xaMG66NWeFXAFGmf72WuVMdwoNhcGEAM9kKu3GYHd7pLE4UCvVp4EvYh
+   +EpIKWuY3UMitvFYKLio8OAKi6RKU8OosUNXGwdAq9Vn2vHN6cecIEttXiWdF2aj
+   G7vLTmoFz0UCF2swHBwvQSR3UBV7zshegJswpNYNd0fN0PW5mqjIJph1F3k6qoCA
+   oLEkqFWN9yu+N7dfTtu2voIW1sYz+ysigOJRE9hpXkNIHD7rOX6xklBSKbZ6IB6o
+   k8PiyzLai8NC+k3qBXijUjBQMA4GA1UdDwEB/wQEAwIFIDAdBgNVHQ4EFgQUQry1
+   oWf6MwRJYS29gYcFanUY94cwHwYDVR0jBBgwFoAUGwVj480zRhScjJ688jsKTlqQ
+   DuowCwYJYIZIAWUDBAMSA4IM7gDya3x1P7gnc/43+gwI1bbPyLFhkbPTUdbp8wrj
+   S6y1IBreYKD5+OSNsHx1sQ+vThL20hYZunwSyzM3ud/UFZJcpTYE3hLIqWYYlFfD
+   KXc9OUYfL4xYtwY9L7NuV9GitoPOZqXGxC8uFBcCPtgXnKKm+2VcUcp3WAdgnW6T
+   ohOKPc1JMN1ElgywyAeUKGyVu26WhQxltO/tD9NyWjjx88GJQB0EAhd+CUx2gJoG
+   71QWYaHKKKY2Ap66VvNY8EwfG8xHfd1agWXl+dR7OldlYHAflSrZyczt/m97CBfT
+   gz0q59YrtpgFC6A8f27DOns49/pcvFrFvnqbrB6olgn4g95w9a+zTjK+0LEOLuZ7
+   coxK7G52UM4+zm89rgiV6Lf57E+gq6PIg6VJQzWeNlii8vK2c4D9+ru9DWxrQYIp
+   lO011cW7q37cw1UenD7ouG6zd0Rgq5LIaoeQgwngLFoAEGl213xGJ7nFmPKweq6m
+   jEWArh8WFdQS8xaArVxh16Qhijpk9aIMRXP8kv7x8ORXIOQkfE2zVQnnjMt7zTO7
+   YbKY0ujPJwEga8UsP95V3ApLLNc4S9EIm/URSL9i1eA5Yf0/7qZub4512LN3tH9f
+   QGr96wtIGKmMmD/M/ON86GXWRMvQW8w3DSgi73RuM5WH+IVZ8kRgdwx6ff/Flbd3
+   PXXmxziQd6JdOIDn2JeTaEfZd6MxJ8juknEQTotIzOhSNJ08zcQqkCu0OQIcNMaK
+   vzbzEDP+VbiIGxL6n7Y3JRnp+ACA2pWbB5lUl7Ex2OMCO9zrGAL5f98+5RFId7Mz
+   2gQOah/y2FFHVw72TB3XFzyPuThiTSeXW/sQUMkvGXcb6cgUA25Umuq+tvKuktLt
+   H7Rrj13+g+cSgkDMKpHPx2aVTaZ3hchDqQhplLu8adVkjaXldrrU/le3JYUwZCsL
+   4ZCbWfEZeRgq7rVirSSEm8U1psE5mFZ0LqewLz87FKIYmTFVY25Xew+T4O/BC35P
+   k3xp5pP99ShC+0o0YyStQziC2PmNNzjm6xHGYAYas7gyfpqVz93ooN5lg9uMTnLs
+   SdAD/jsumB9nLGFPJ9tNYmL6AbnlBZiBwg2oSuIlSUBTCMFmbt+4QvsgeqjHx7nQ
+   Z+oc8x7D3tSiVcf+sTICFRO6br2FF2PHDlTvKudW6ziFLsYWkkNK4K68p4GO983H
+   R8pd0uXyhICMHSgriODpHmbTvyV2Vzh9+AKCt8PLiixeKzBL0Q6A2lquMk+cJP8f
+   Q4QJL/TbUJ1B0yy1GVy6oToID+zM7ZUwI85VEqBnwWqA/UU3pggJg1CjItGrgM9x
+   fGkPVjPZ9IjadgB0tgfHZ97gW6YiocaXmu6rrYF6rxYkWDaww9Uq8CQsrv7YRb2Q
+   OeLCem1jyo/98YeMxVxBXZtAqMfgbAd2f0pa9Y3u84OBvdLNIyHXDWgmIhHG4uy1
+   6JO6OxdU9qoEyw3s/8hCAQbQZfEHTsTTbR+ij35PCZHfYOZiFUZozMCSslHSrbIc
+   +hmjd5slvDnbuxwCnhJX5dOnWRQtWzbUg4kJFwSven+MCQ6d8CS6RZbEHOwvCD4B
+   qIHUaR1+lT9bW8kynPMZk6GdKCvyAEVnf9ka4mIiJrzycqBwwdOTlfKsESviE2yd
+   9YyBF3adS6eOKiuE71HJ7h1gnpxQJLtrC0q4y4Rmh9arwDb5nQ7QrF4mG+jUMFLL
+   sR8jd+/QHGmpZ5qhUfxyti2qQOteGjDlXtA2guahqCSX71GUpXLTY3VYisnWzoM/
+   xdoMhKy+maEJ1mOeyrPnmOXh/mxLWpwcN42QH3u+iktGa66LKNwk5P4+1aSjV62k
+   6jWvWAF6bSgr7hhffyt8Nr70HklYQg3NZpo5ivpzYzCJ6r5dm0yuL6pxJg098RYu
+   3CfyjyOHB/FVhx+e9ADQ1I/NbkGyDvIj/AqD0TLbG9AyXU968SP3AEmedi3IZLGO
+   EtA373hLW/rnVCa15+3rcLcQACfJwv8VwbIpeZSBh7fZ26KcR2Rj0vV7Qn786ZbK
+   6aG9SlHpRCsV6hiQdsCYr1k+X0a7wrRr80fHrCd07vqG/hl4dbFu/IhMeQ243K6n
+   3FTnHclYDoKaUQCmlOfgp9/3djAb/rOVwiPMoXkVS8JAJPa3gazejnITG+W209T1
+   ukA+AYvpAR2qd1ysBjZnZxbEswAWKk2z6O/056/F1AQaIVRgKBIYzuwE1lLNLNV4
+   OgLUZ791oEfjVx/1QqhgLBd3pY/U3535OlM8lCURjdMo0EuxsrIY3AxDQHdnSTsw
+   EzE6ZDFLCFEKEEw/iVJul8qKUtFuoqsQMX51A2L1AosbaPzawY6RU2/BWFqew2A4
+   K5Wm5YDwilHYlpBy3+F1ByNUI5+ayXMFwQi0dqpD6QXpuRm38Ze+qy2YKtaAljeJ
+   xfcJjdIrx2LiAvKGHO6yMb+JVGliBZr38wS5fJX3sZY1gWE3uG82qMo9ft5ovmoE
+   ZMMb4GSBfX8WTyncPmO/t7/wv+JbVP/Hx0yv/7WWVY1pPoC6boEtY4YrIHve7lxv
+   S8NSixJ8ESLzffJZTGc9D/tDM6FRHobUZItSoFZwHpGGbfOrOD1Q8mWaVj2OxXh7
+   nlWrKX+WSZX59sR+Ez4eHejnNXFT2FGWrUfK05+0YooTn/4jZE/u8X9tSf/HJkKb
+   NyKoDeJ9lwf60iJFbQNf1zXVc0U3I9y833CvUz3V1XKZoZ6AQXcc5NW+lNpj0CPD
+   3Z3tjwYGIdpQopZW6qYk66yektO780fYKdqG3W+0QvFmV25DjKx0DcNXDgs6AXn8
+   Dehq70ogiRaqisQuXE0+Qy9MdXwx/9ytN6m3Th25dNg7PPKuPugbFAg3ev+RuPv0
+   a3BwLozRyAIp5VGuG7Iu0E80kAXQixkN3YQpcWhXTsJBfsrFyUVJLejYgX0Xmkj+
+   +2pf4+9IRf2nAwqcYRZylt1N0/x2/vVy7pz57NIoWGsQ9Vy8HcgK/rus1PWRhN36
+   ic5IoCgko/ctVpKZfX3Rhhm4qjWXEgzsiMj8/RhbKC2m/MobcCNCQUK26fwetMri
+   Sq62x3XTyaI4HU5kCQUdXcuaa13UvmFxNKqhKqJSYopCOk+2tP49qewc4dPKebbc
+   qYF8kVhpJB5cwifB3ieaRjU66PaTX2AwZNa0k3XrXmql9pQ6h6K7QJ+DucAJn1n0
+   FH0XElKBX2ebUC9luqUjHRKeJW/FDZEijj9ez8ssGMD4Elcut/qM1hNh1GB0hDN1
+   x8yE3KNwHJfs9bQxphoRYnw78rINuwUU9Yild15XLEa9CzUvwmOcwQXku/X4aVPv
+   0qsUnF414LGeySk/8XUcJewV/u9EdIm1XvL77iifRaV9CeRu4yEYPn737QCW7j+F
+   Ex4WrWbokI54n+SeBuvZ6Jfs/12lPjFVIsD9MM+YaIVA2846cVJ0Idc+o7MGXK5e
+   6p/2PjlRktXrYPVHrIRP3Ouc2js0IBEK6STubJFbSnAHTSRQqmcxph1BXLf6A1dd
+   7dt7R7tKbepBxWKYq5liC9Rqq2oatrbMARH59EWscoEAzZP0L0rio1KPknvM0ZBI
+   ibiszAb7sqkh7Hq7EoicirdXTjItOitSQWshGiuiKVqCE0jANM7lFhfO63XsFo7G
+   GuOuqQKDJTx+8F5qHs2s7yC4uZDDmMx+pZ36J6Mae5CcyeXVQDgkBZdU47tVCeB0
+   7WqaXFAdbJTKVwEkG3PSg9qp8SoDL6c9eQye/Hk1Z/vmf1tYHoPg8iJpx0iD/dEk
+   /73iGZEAr7U7NM/ldcDxCXO1mfBNSmixq6zp5jJEH9TCo+usT0dQKGW0N1zPyDrH
+   0qHWt1xSO0G6FPK4zTyEY/84z+ecXFvxxynXLYYCm5kEhK06PYiVY5OKOaBe9vma
+   qS66MzHNpfjNblJfG9O/HeiJLJ3vV7/F3U/kfxs3PStrMgoXMRt1KBrmIBB3F1xE
+   5WCaEONmuYSmJMZPbdkB+7rEsbC4v1cnyE0800BAGNYpVyPyTYbfPBthNEmYsBIV
+   KSYuVQ1259Ju69UE22dqnXnorsCZCXWEpmcmRO8/Gvb0Y7OYFWltDeGLFJRbJ4av
+   5dtNm2ZH53uLPi3aYsZU9cyfxh7AcbKSfQlRSVKCj6o0BQ3ZvmBPPOvcsUbUU5oo
+   FgCPOse60fvnKhEEO9zEnuU3RObcQPkDQRmMQ3OhibiGzOEOaU6PCEVJ3P+N+lJm
+   /0M2lNaYgaks0kmKoYdEmpLdmdGSCCB6HJ+nIIlwodrM0wK9SZUqkd+kFoGvGf7+
+   XkFvmlJbGn4UCaaHOUaDZsFBMiAcMAAcPv9FIM+A9NIjbC2imd0TJf+tLf6tLA6P
+   gFHtzTF9yuL8FSI+bbLr9go0PG2SnqPM4RQha4s2OoOvtNkQI2Smvu0AAAAAAAAA
+   AAAAAAAAAAAAAAAFDBUZHyU=
+   -----END CERTIFICATE-----
+
+     TODO insert ASN.1 Pretty Print for ML-KEM-768.pem
+
+   The following is the ML-KEM-1024 certificate that corresponding to
+   the public key in the previous section signed with the ML-DSA-87
+   private key from [I-D.lamps-dilithium-certificates].
+
+   -----BEGIN CERTIFICATE-----
+   MIIZQzCCBxqgAwIBAgIUFZ/+byL9XMQsUk32/V4o0N44808wCwYJYIZIAWUDBAMT
+   MCIxDTALBgNVBAoTBElFVEYxETAPBgNVBAMTCExBTVBTIFdHMB4XDTIwMDIwMzA0
+   MzIxMFoXDTQwMDEyOTA0MzIxMFowIjENMAsGA1UEChMESUVURjERMA8GA1UEAxMI
+   TEFNUFMgV0cwggYyMAsGCWCGSAFlAwQEAwOCBiEAS5TClFAREZGCOzUUyaweo9mC
+   XMuGOTot+wRlT6IZLTe/rRxJfGUC7uXKgKc7/OC69aVKiFhaQBOXo9Iy9Canr7CC
+   vCGkQxcJDqrHWSwuqIplPESR6hk5MTNfUumJo8TMVtnFU3MtV8Rw+0GrdZtl0tBE
+   RTgvzZxONEoRKPqeEeBDWOGS7QFLIyMqfuKyLiNxf0QRHuM1dTmcN2RtqYE+ybIS
+   r+lOXcXCMwpylMwfQjSm0/u08WhauIksBKyxfNHBcNewYRtqcXbHlMyMZ/VfySPC
+   rSAxAPNlmRiCwwJD13gThDtex8lkAyJjcGCS7PAMdRa+ZORZjKQibAabteZ+QXXP
+   IobI3VxIimxYYfMbqgvQJpRw6LVR3TvNOMhsEvnNsXbHfci2wCpwH0eJAshVP2lM
+   DYJye0xKXCwQQSEqoSdICLghEbN37HUhTpsZePdgBNQTnZhhP0uOmNIK97U0BzpQ
+   mpWbenVk+bQMohi/YYKTIKhQIBeVTTKNesbHaewpcAdW57BoWzQNXhGAWVBKSaml
+   ChAZjrEKV4RnjrQn17S6u5VSkzsGKJeXPhMY6vCg6sN1hKZUAbFwPgQqzNg3UxSD
+   8kHK3NHB03gRnmlEKdsZmsiR5MU0N1cIW7OueDZnNQxEWNl2cuhh6AsdJnlRDqOm
+   8jYMd6RpQsegalVNIoCAyEtHrvFNsXYgyxbAarMKG+TNpwgr6fh+nCEcRpFjSaW6
+   jqpSAccpSjwIhbU7ZXRSEIgl7GRskKBGEjJO59Axr+U0MTLL72e277Gl7CgJt3NT
+   jOd7PYsE6ws8IlYBHkxxbBmougdSv3FJIRdknwYVwykPwppG/eS9UtuShtYDOIJE
+   JZwVp6wrZApgzAM3alhBo/uKRzVo+psaJnIV80wBaXsPDmJxddchBbdwfCm55hS9
+   wzpvbIGKlTcLQniC17R2eWqexuuZMnTNmyORqCukXjOT0umulyHKnWwbmItYJ3E/
+   kKZYXelDNSjAKwPOELtfcgE40Pu0wwwSZrkY5Skl3+F7N/ldIrylT0dZGayFkJjA
+   8NCKxYde8ptW/RQebvFfcAoLZvOVlcWIF3NzxGabIbwHHkw6pfC0oxtiWPNdokrD
+   zSnH8gkkEMUHg1WxOPtTprmubgucCCQ+e6pFxHN264x/E9TPUapzb6MVQMkkHzcN
+   pUS/n5wo2aV+Lyp8qVpOS0ZuZBqzvMdq3xE51Wem8StS86ZefsCq4mvKqMVYM7BO
+   WZmOvJoZMPu20iM8U9LB+LlRjjwt5zoZ3uazgKWzKXHPZOEp/WwfpuddSiNFAelm
+   3TpUCvXI9PNKa0olPuKEklZtXmfG9VhV/LBQb7BsFWdE2aA6MaJvqUytFPFXt/MD
+   0Hppx3N2j8tNB5wJBZcDoMOpTeS5nqOi8WWD0PkXCjlQ2we08LwwgCkn+feWG2JZ
+   iSY2qVAqJwUwNjd5ndNE2kUcHPe/Z4QM6zB5q4xrjBkn9kBTxhJFDEXJ5gO8FmZu
+   WWs0ceEDtvFUR0JNFwIgSBEf+9N+HGcPZPFLinsyuUwaSbRd0vw4zVKJ2RCtY2As
+   9eEwQsZKxnl7iftVGtCOBaktIAzMt+cS7yPJMSyzUPApq1N+KHNH/TB1rBCQang/
+   HGwHzLiPQSKMS+HGQPeQtcOl1dPKeSSV10vEYVYmWMB6xgAna5JKtbyb4fBJTLdv
+   gvRgp0gJcmYzgeFpmWBh15mFnsVNT1ylxBHAHbFZexZZd2ad4TqSijSvusJY/qjE
+   dkI5yUIdwxGb9bR2mSBpeDJ7HFNF73RqeYOEHwVuJTQQCrJNTpq70LF8apW9TDwO
+   QPaeFhKs7rKLmQhslRFucgQnOJM5C/RriZs2KGsOvxlHu5iE9zLKJ9qCsZtdwMx/
+   iIVxSRCIiyMQxPkxnUELNOZDO5AD4hdruZUldFYQbolSFjuLpZJTDMWqCutDrTmP
+   6el7qlI9ekQxZ3w9OvBxnkdduFypWvUIm+q+sFsvqrSJa6YPgciEcqV7RqgogmoM
+   37RG+BiRgtK/XqxOwcxd6vWZyKE+SCNUBtF//dyDRLbGaYSoaKqS+gIieghpUOsM
+   hwHtWNxih3a5g4guEXWjUjBQMA4GA1UdDwEB/wQEAwIFIDAdBgNVHQ4EFgQU2oIY
+   LDnr2zUNkE7kvFB7cgQ/+iMwHwYDVR0jBBgwFoAUiYhnULV8JNs/wBLmHt5ZdTM3
+   N08wCwYJYIZIAWUDBAMTA4ISFAB0Ilvfx69mChnV48hOgGE9RRQLmMKyjFn4sKDx
+   FO8grAAsxKw9hdEkv+TKqayLkCkxeDnhL/HIOnDRXxZ9iVUMcCUrhcerYIIZiUeu
+   CJYYHAk0Wv/eQF+qzT3UNREKdljBD7rlem7wRC7oT6vf304BFsDOQmL3yL3gh8hI
+   ycxU5SMh3dH6Gj1wSug91LVBV/QhLebDixXuKOe/q5dyNQRk1lI4im5ysGCkGzdq
+   UZuanqBYvvE0c1dvvgeG9+qV9ARQOxmOaKYQMENVVA9HbzGV66GUrR19jK9z1bRI
+   OSzFCba83oGHKyC9bHCLfvtXFXRxNVlDHGk7dRm2dAOds/iWJL4cu/M2O8rWaxIt
+   ypfeieyKbr6CQjGzWqQ5lNYC3piMO9Byl6QxvZqBPhFeLbXYc3ZFhk250oz7m+LF
+   DpHX0+uf4SROW51EDoo3gN3hQPp9usgYQcfprP/SpxGmxJ03GaHv/tFF/pEwCAT+
+   sGPjYGsT14KVNG//guI4cHs9pE6s5Y8lslD1AUjFg8VQlIqF2JCPnaOGyagdEem3
+   mazLJ0y2KCnFMhqp3oGaVWXC2LSwyOLe0XKeJWRbuvXQ4Wl81OItyLX86fjol8bO
+   nCG83V3w4L3Omizd9SdnBtd6uv+1S6oxEvNcs7+pw6TN/6EuUaRPhi/jYr8Zpplq
+   JfsCOUoLs6hJLjrD5QMmCCxYCrV76ea6Moyyr1/0mfElOkkTLMLzKN5p4vqPEdAd
+   N5vDAT8g4Yn0MsRPqqK0pXyUA7Ax9ISGuQebeF9rBEtoEIG+bq4wXBWxmG2gQ3Ki
+   ctNDS5LUZS23n85pZ8t002IX6fXD3JYtn4UMJEjbSh3+s6WY3A1qG00bLJL4chIq
+   +G8mBAZm0/e0Kxb+H7Y1tWZnTe+pi08fKwRcPTEdHXLKU8bS53e3A851y8cNrGs0
+   dNHaDQHjcboFgDhXS4geBY6iwzHGdmfDKcA5mxURP+XUgG6HBLuCYCmx0S5OzP+F
+   ZY+bChnR7z0j8bTl4YOOIiaHyh2CW8frGsIlw1tBINezLWa7sr+4rx6C1CK0F2J/
+   IdYIdEMLiL8Yx85wL0q0EufDoc/HPQRe3hDDtYsex3RMr83osZI+okf+3vtMoLv3
+   CJxyZIp8Di65SuZRHZ5KNW/DGFWGAobRHbS6Va37KTjzysg1VsdM6wqcIYFvOMV/
+   mvUVJ2MbXSawQuwKVMjYeibT8n55S9iL7mcfnivLgl7QNO86vaks8ZRpnZEA+FVS
+   QiS0K9eZnBTI7L4bzJKZHgTg0tcd13qZXZtUpQdXxquS63o0lDZs7k5iKx7Xt3Pz
+   T1f2y5ADQIrSPJ9Ytw71TubGotB39vkiqwvrF2fl7n/Ia8aEHp3k6x1OUbOcQ7G7
+   PW+sE2mdgy+2FcSlyomFXDent9ayH135V2k87/YYwtJjt2rFMSRogut01AtKJ/On
+   C1E2X5s5U9FXmeuy1ss/U6zHZ+VEiSSZlBu1ej6/yrsCAsu03/HepXMfbh4NuB4X
+   yUTGRYg4rF12nH8ah9Er33b4iYM6zf5JVPRPba+6oDjQHYAjvD+gRF9D5t64PcaQ
+   JAA381HRYqtigLpS1NaAD2bUvg2JYsZEkymXs1w+iG8aLBcakJpqmwKazFczcpZJ
+   nAfhVAopjRQTyGxyslH+01Kd4ZUiP4LKZCkNrQjsNspIHIaAPMp0kL/FA03tfGwe
+   sZvcvlnJYD7PIrwxCWdIFW24A6yaGKg4xE1NO9oJQWLRNDDY6IyOYf9jw4YNlcG5
+   wsJ5IsbUcUckGOPHiRx9IHSiOFewb5KWjQUN79wA9/w1SWToG2fUSrfUSNhEvsV5
+   F+As9EcQvgVGtINulzWWHxfCGbfVHZ8EO35xQG077xcEGMhMz9eNWQR8GdQOLy2k
+   QjNlZV9U9pKa5CcVjkBRHPpfsFOMT4qHW6Arv6VoNcTwUuobFtl6DYWTeU/qrmN3
+   e5gM176CKneRS8IoDF8nZeCDCeHAD17g4V9UUKNaeHaVQZ4elvvVwPhZvdrTGoIp
+   +VZrYIJqltUCZwvBvsxy6ILzZHCGTLTQwWaHSiaRLVKUPVymXVBnzj2cReDb4pk8
+   /bQu/03ZSquOub6PTV/8U7ejb4fXXa6TEWQa2Sao7ziqYIUTfwoPzNfvz4eLFMPw
+   j7USnBXe8mV+MOgL2ncK7aobOIyfPwal5IEAA5ovPmY63T1JQGdAoumKTO7NOVb5
+   hR/fXq25OrWf77Df3vlNdi5n1GC7UFXN2FdJ4wJl3X8my5L3sVOtzAWKMAqBLbqN
+   cKFKxMvbYI6gBT79Vm9f4LgwGEf9lFQUk3ysP/uQFwURGGglzPN4GmIrNHPNx5yB
+   bUU74kQ8d5KOYmP09S6gyxVd17nau6i4BkxwA69HnIS7RDXfg7kFnrnNvk0ySHFb
+   a8YmLTK4n5HEO2KRSoayIjMq5j7CvTZZag/emL3dSdFsNsnqJclUl5RImlXg5xnv
+   nf5x+lXcx7IZ3fBau3yE001C4W+ljlh9EzaRqTt0vT2JuJ/Mn4iRws/a7CYdX3+L
+   FINsrgkOJwbgUOFZGG/LShXe1OjPxbVnE0TMl35QqC6tYyY+57lqb1cBc3+ZPmTc
+   Q7yOeHfGAhdI7aYRV8Gqt2nx8ZwuhCJRuuxWGYjbpx9StbbVeSmQyQODoUUeXvBR
+   7DjFqKVRz3CXFW0j8SMRJiXCk8pQb3J+cbyA2AuXJkBlkIYswLVgH2NT3onbnhO6
+   0YbkUiv7d8AARktu1VHDpJWr5JgMSQ05k5b2rqKD0CPHWphapFFyEDBESeLLmnUH
+   WXf0aNl7VrYrXYRzEXzUGDf61yUJbBw9gTLMDC8WGHl/NPth57aZ1Ao/IB8Ir3z2
+   vXABqKz3Byk8klGzEa37tist+sZjN87DhKGjAUcolgoOn8F9p+SAwnLVLMhBo+Yi
+   Fpu5hwAIggzYhC+fgH17Oz8m8SEL+o6LUoAtleMZPQCgbSb88CvBZPHBPa3l6+qF
+   cORCrafkR7eKWUBCcJejSzUvap2ViqDSnerLHl0cppKvL0B9Jf++DO5RARKhTLdL
+   BKCHsfGVWJh+cpePHdMM0Kzax5K46RjbKrK0v7qD5oHfHQOI6RV3oJ/SXuZr5HRq
+   jHgy6quxwksp5w1il324kdoQ+VzaVHNbd7Oyngk8hM1RC2/HVyE/8xJjlZUxMolx
+   /D460FpuXdxyuYg7Z46sHNv1o3O7sRiOFXJfOH9wVb6H4PAo3T8kK1HASaA4fXq1
+   lj4NGV4eSD0bxDNJv+7uywbUTTKzy5ObF4swVgkfQHtRkGoXZwSTkIGnGw+bwOwO
+   GIz2W0T4YZVwbHs6gChn7cCQnqUmrFH+wZn54qY5FDX9ZyGsP2qxeb5zh7GtZx4T
+   WjcEkEok2O2YwvteSxYUPM/5lkol5edy9e5kua8YKEEFue04CghZv37ROQnh5+/s
+   NFZooNTzP7iPDcYuPMYSCpbowrVaRRxu7A3+IK37n9gkB9NMXT4xXizv79ey3gO9
+   xrk+2aa8GTC4JEXM3EUjiLIhlQ/GFLk6xPi0y9/dX4txmRzGi6DEyi6yfpog2xho
+   56zUqHZ2qcKBmEyrKzd99JmDe3Riw9C0Lci3SzKP1DvNQktDerm5TkyhJbOQl5Y5
+   fjkksJjUdEvWOGysJHx7GlUZRGPytXgTuXKEZ6oMObXt6+/lQFdB4117dsamPdl+
+   IXyc9FxgwMCyaECP72CuvJwCNRrPEIxlRJAaMPYhalgltqGGFm8vDhyKgfbAyhIv
+   OrkH6/7oOY8V/9SS6XtRIZD8WpLsxIKhB+spvtFSA3mkgLOw+Vx46CtV+91f5rJd
+   HcDAqOMl/KebHbt0gTKiIncx4ICUS3OcTmF5MEhSxwBHqTGeF2u6w62h9jlpp+JD
+   m34hh9A1gH3OwsnBGcBMxb6H23iXNGYZYyWyneIluQTvRT0CnKra8hgm8ONjXK6F
+   N8BZepxBL1Bu7TQIH1iYUW5LnQzIEm6eIf/iaUz6S4RRT042Cek8YWWpkhAf4ko0
+   0syLPVpPPxSZMpj2rUKmyOiPxLtHeVhE1QHeUS9YqkjEH9W31g68lzI/1OwIAPmX
+   8/0W2ehncAXZzcvaqKn3sVF0ntfY6zexcvkWKnQntyrVik6feikCRDym5CguxGzv
+   leBp4PVF9kMJ+lbRTCgvu+rAu70sm7HRYkbtvUQzdAkdIQYNGYa5Ah9+y/oI0vy1
+   C4Yz5c5D4XLN6lomHL/N/e2A6RPwCa4i5BdVDButLBAiXg8QLeicikPLxmnzVJdV
+   hat/2VgWDPmrW2hOfHgka+S4muOUcxHkLLKz4vIy4H6aUztSnjod5P/03JrQOm8q
+   iBzhOYA9tzOKxNOn8SxlWlJHhT8vb7KX3pT9dKmWqfTPn5gYlnT8rexudJkcX0pY
+   Qm9cLNKThdRAwP/t7Yk9evt6qh7g///JMZjKMIHtPE+mL5m/xiBjGNiA1JkV5/vl
+   55tWqRGoJMv0qgcPvM9IKvUMk65x2gjH5os1fuV52BgVOpcwhbLJEmHG4wd/IEo9
+   GrW7rFFGL4vyUNhxxXsmAsfhYsoSRR/s3GlX1FwPDxqUw+VS2duVCHYvKDBsZaLP
+   Ergt6fDalHKZVTnI2tVGNH3fFpAmBC5V8Iq8thzK4fRK2yF8nGP4HYSWNqQc2P5o
+   hB8wvEofpGjitBdNqlujkBMcNsLPPk9ZnUmQ3/erzFw34b0jTMUBrsfleaG2Kf1S
+   9CG6YUiULoMoRh8cPSSrvaGCxfNx9M/WkaI8JvDsEL19ASBYqu3bOV2bCutPgbfP
+   Bd1C6N8fNNzJ7hPSVAqz980TtfmgK+dj4NqhEw5AaVxy4+9IVGt6JhYAT8F//ATK
+   xfAe44nD1Bj8UGN+seYwEk7dKaCd703yP6CNu9447k/3xkvtwcwtL40Kqmza6913
+   B64HvQ2GjSaOdIAkaPq1ACy+2OI+S1kIvOTKBemHF3KMJf02+1ZdAhwJ4uJSnGDi
+   uVT8svHM779FgIUMZjOmdE8dI7jpRKsw3czgucG2r/EPYRVa1B8cQd9iq8Xw1/Ce
+   7CbgROAqmfboMupDgA+QEV9Nf2aAwqQTEs6yG5saOtoNiCULXwNmh18RPWhZhKqm
+   voXPxnZyZ2VsN3jlcFB2WG5lngf+r//d32QX8ptGQHmETXxIvMmRG2p2TS7PAthx
+   T45SNsbL5jNQFysjJQWTlGGYGjNGQJHtqhmiIwpUICoJNymGfYEkrg84QKo7+NdX
+   xZFd7HAAw9MdSl1tvkLX+uiFzl+2d/d+SvAxHD3qDitg/90tUDLAoAxmaYO3lmFy
+   kTuJUMVJLhkavp3LC2Q5K+mgevqlnw4h+sw2lY0a7RVLLnHc6/FVi/sC/Smu1u8u
+   019R3unx8faluUtqsRvlxAjtH1feQdIApy5FFp5m8t+Ixpe1QipBTN3Aa+g3bph0
+   hWw7u9JgPOja0lIJDDyGwWhyv4iCsII1OSKhHdLn3U34BCQ8nTY2DPqvojpRKg7u
+   PVnSPpbAdLnfSU3Z+x4eQZiZLKQ8LwcOnU6+J8S2Mneboj4t8chpblbFqXEX2GDy
+   jE6JffIAEtZan8bJyuD9lNJgr4raeyt2rqRLmpoY1Emk5HSioIjsgUTu92FeMp/b
+   YWP6Fc/rXHoYl5xR5kUW4BtiB+592H/XdJzPHJQx2kjzS4gh1NH5s0yENMOWYTar
+   0HJecZth4BF3SNDzElWcOvGWnMQj/fpkHgAq+aqXa2UCd4P/FaEXVUOuxy+vnHwe
+   qqigp/mWD19+DiTyv7WEe+o/AomHctLyigGFlR2zs3yLXSwNnDJ6YANpgMlEspwS
+   3ToM7PbcVC9vDfjKhGdAhvdVT1lr7IU0fYeMVppE6HkoKS6tbsokb9qtbvtvWCfz
+   I6342qm7BW6/SiZEx/Sl/DzF8qA3eLHM0xFR2kvHsn+5AB5ucy2ZOJF2W9XuwYSU
+   BPoRrmdIWKQYC8/MD5PtZMqUoEGvHl6jFpfbO6+RP6NakpA+q4Tl4xuDNyeKqOdD
+   9+XdE3acWR/r+JseircGaBDDkpjBElcYgZuLfqKrx1+G5i6t6gWopcNtLmVcuAWv
+   HVT854OIkNIUoqfnESODrczb3C5kjJ230df4V156qMbJBwwcJFtzf5ObyO3ycnd/
+   kNggIp4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIDxcdKS4x
+   -----END CERTIFICATE-----
+
+     TODO insert ASN.1 Pretty Print for ML-KEM-768.pem
+
+Acknowledgments
+
+   TODO acknowledge.
+
+Authors' Addresses
+
+   Sean Turner
+   sn3rd
+   Email: sean@sn3rd.com
+
+
+   Panos Kampanakis
+   AWS
+   Email: kpanos@amazon.com
+
+
+   Jake Massimo
+   AWS
+   Email: jakemas@amazon.com
+
+
+   Bas Westerbaan
+   Cloudflare
+   Email: bas@westerbaan.name
diff --git a/seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.html b/seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.html
new file mode 100644
index 0000000..9ebd51d
--- /dev/null
+++ b/seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.html
@@ -0,0 +1,1597 @@
+<!DOCTYPE html>
+<html lang="en" class="Internet-Draft">
+<head>
+<meta charset="utf-8">
+<meta content="Common,Latin" name="scripts">
+<meta content="initial-scale=1.0" name="viewport">
+<title>Algorithm Identifiers for NIST's PQC Algorithms for Use in the Internet X.509 Public Key Infrastructure</title>
+<meta content="Sean Turner" name="author">
+<meta content="Panos Kampanakis" name="author">
+<meta content="Jake Massimo" name="author">
+<meta content="Bas Westerbaan" name="author">
+<meta content="
+       This document specifies algorithm identifiers and ASN.1 encoding format
+for the US NIST's PQC KEM (United States National Institute of Standards
+and Technology's Post Quantum Cryptography Key Encapsulation Mechanism)
+algorithms. The algorithms covered are Candidate TBD1. The
+encoding for public key and private key is also provided. 
+       [EDNOTE:
+This draft is not expected to be finalized before the NIST PQC Project
+has standardized PQ algorithms. After NIST has standardized its first
+algorithms, this document will replace TBD, with the appropriate
+algorithms and parameters before proceeding to ratification. The
+algorithm Candidate TBD1 has been added as an example in this draft, to
+provide a more detailed illustration of the content - it by no means
+indicates its inclusion in the final version. This specification will
+use object identifiers for the new algorithms that are assigned by NIST,
+and will use placeholders until these are released.] 
+    " name="description">
+<meta content="xml2rfc 3.25.0" name="generator">
+<meta content="Internet-Draft" name="keyword">
+<meta content="draft-turner-lamps-nist-pqc-kem-certificates-latest" name="ietf.draft">
+<!-- Generator version information:
+  xml2rfc 3.25.0
+    Python 3.12.7
+    ConfigArgParse 1.7
+    google-i18n-address 3.1.1
+    intervaltree 3.1.0
+    Jinja2 3.1.4
+    lxml 5.3.0
+    platformdirs 4.3.6
+    pycountry 22.3.5
+    PyYAML 6.0.1
+    requests 2.32.3
+    setuptools 70.3.0
+    wcwidth 0.2.13
+-->
+<link href="draft-turner-lamps-nist-pqc-kem-certificates.xml" rel="alternate" type="application/rfc+xml">
+<link href="#copyright" rel="license">
+<style type="text/css">@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-vietnamese.woff2') format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+1EA0-1EF9, U+20AB;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+
+@font-face {
+  font-family: 'Lora';
+  font-style: italic;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Italic'), local('Lora-Italic'), url('https://martinthomson.github.io/rfc-css/fonts/lora-italic-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-cyrillic.woff2') format('woff2');
+  unicode-range: U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-vietnamese.woff2') format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+1EA0-1EF9, U+20AB;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Lora Regular'), local('Lora-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/lora-regular-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-cyrillic.woff2') format('woff2');
+  unicode-range: U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-vietnamese.woff2') format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+1EA0-1EF9, U+20AB;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 700;
+  font-display: swap;
+  src: local('Lora Bold'), local('Lora-Bold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-bold-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+@font-face {
+  font-family: 'Lora';
+  font-style: normal;
+  font-weight: 600;
+  font-display: swap;
+  src: local('Lora SemiBold'), local('Lora-SemiBold'), url('https://martinthomson.github.io/rfc-css/fonts/lora-semibold-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+
+@font-face {
+  font-family: 'Oxygen Mono';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Oxygen Mono'), local('OxygenMono-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/oxygenmono-regular-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Oxygen Mono';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: local('Oxygen Mono'), local('OxygenMono-Regular'), url('https://martinthomson.github.io/rfc-css/fonts/oxygenmono-regular-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-cyrillic.woff2') format('woff2');
+  unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-greek.woff2') format('woff2');
+  unicode-range: U+0370-0377, U+037A-037F, U+0384-038A, U+038C, U+038E-03A1, U+03A3-03FF;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: italic;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-italic-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-cyrillic-ext.woff2') format('woff2');
+  unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-cyrillic.woff2') format('woff2');
+  unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-greek.woff2') format('woff2');
+  unicode-range: U+0370-0377, U+037A-037F, U+0384-038A, U+038C, U+038E-03A1, U+03A3-03FF;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-latin-ext.woff2') format('woff2');
+  unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+@font-face {
+  font-family: 'Sofia Sans Semi Condensed';
+  font-style: normal;
+  font-weight: 1 1000;
+  src: url('https://martinthomson.github.io/rfc-css/fonts/sofiasanssemicondensed-regular-latin.woff2') format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+
+:root {
+  color-scheme: light dark;
+  --background-color: #fff;
+  --text-color: #222;
+  --title-color: #191919;
+  --link-color: #2a6496;
+  --highlight-color: #f9f9f9;
+  --line-color: #eee;
+  --pilcrow-weak: #ddd;
+  --pilcrow-strong: #bbb;
+  --small-font-size: 14.5px;
+  --font-mono: 'Oxygen Mono', monospace;
+  --font-title: "Sofia Sans Semi Condensed", sans-serif;
+  scrollbar-color: #bbb #eee;
+}
+body {
+  max-width: 600px;
+  margin: 75px auto;
+  padding: 0 5px;
+  color: var(--text-color);
+  background-color: var(--background-color);
+  font: 16px/22px "Lora", serif;
+  scroll-behavior: smooth;
+}
+
+.ears {
+  display: none;
+}
+
+/* headings */
+section {
+  clear: both;
+}
+.section-number {
+  padding-right: 0.5em;
+}
+h1, h2, h3, h4, h5, h6 {
+  font-family: var(--font-title);
+  font-weight: 680;
+  margin: 0.8em 0 0.3em;
+  font-size-adjust: 0.5;
+  color: var(--title-color);
+}
+h1#title {
+  font-size: 32px;
+  line-height: 40px;
+  clear: both;
+}
+h1#title, h1#rfcnum {
+  margin: 1.5em 0 0.2em;
+}
+h1#rfcnum + h1#title {
+  margin: 0.2em 0;
+}
+
+h1, h2, h3 {
+  font-size: 22px;
+  line-height: 27px;
+}
+h4, h5, h6 {
+  font-size: 20px;
+  line-height: 24px;
+}
+
+/* general structure */
+.author {
+  padding-bottom: 0.3em;
+  vertical-align: top;
+}
+#abstract+p {
+  font-size: 18px;
+  line-height: 24px;
+}
+#abstract+p code, #abstract+p samp, #abstract+p tt {
+  font-size: 16px;
+  line-height: 0;
+}
+
+p {
+  padding: 0;
+  margin: 0.5em 0;
+  text-align: left;
+}
+div {
+  margin: 0;
+}
+.alignRight.art-text {
+  background-color: var(--highlight-color);
+  border: 1px solid var(--line-color);
+  border-radius: 3px;
+  padding: 0.5em 1em 0;
+  margin-bottom: 0.5em;
+}
+.alignRight.art-text pre {
+  padding: 0;
+  width: auto;
+}
+.alignRight {
+  margin: 1em 0;
+}
+.alignRight > *:first-child {
+  border: none;
+  margin: 0;
+  float: right;
+  clear: both;
+}
+.alignRight > *:nth-child(2) {
+  clear: both;
+  display: block;
+  border: none;
+}
+svg {
+  display: block;
+}
+/* font-family isn't space-separated, but =~ will have to do */
+svg[font-family~="monospace" i], svg [font-family~="monospace" i] {
+  font-family: var(--font-mono);
+}
+.alignCenter.art-text {
+  background-color: var(--highlight-color);
+  border: 1px solid var(--line-color);
+  border-radius: 3px;
+  padding: 0.5em 1em 0;
+  margin-bottom: 0.5em;
+}
+.alignCenter.art-text pre {
+  padding: 0;
+  width: auto;
+}
+.alignCenter {
+  margin: 1em 0;
+}
+.alignCenter > *:first-child {
+  border: none;
+  /* this isn't optimal, but it's an existence proof.  PrinceXML doesn't
+     support flexbox yet.
+  */
+  display: table;
+  margin: 0 auto;
+}
+
+/* lists */
+ol, ul {
+  padding: 0;
+  margin: 0 0 0.5em 2em;
+  & :is(ol, ul) {
+    margin-left: 1em;
+  }
+}
+li {
+  margin: 0 0 0.25em 0;
+}
+ul.empty, .ulEmpty {
+  list-style-type: none;
+  & li {
+    margin-top: 0.5em;
+  }
+}
+:is(ul, ol).compact, .ulCompact, .olCompact {
+  margin: 0 0 0 2em;
+  & li {
+    margin: 0;
+    & :first-child { margin-top: 0; }
+    & :last-child { margin-bottom: 0; }
+  }
+}
+
+/* definition lists */
+dl {
+  clear: left;
+  --indent: 3ch;
+  /* --indent: attr(indent ch); not supported in any browser, but we can dream */
+  &.olPercent {
+    --indent: 5ch;
+    & > dt {
+      min-width: calc(var(--indent) - 2ch);
+    }
+  }
+  &.olPercent > dt {
+    float: none;
+  }
+
+  dl > dd > & {
+    margin-top: 0.5em;
+    margin-bottom: 0;
+  }
+}
+dl > dt {
+  float: left;
+  margin-right: 2ch;
+  min-width: 8ch;
+}
+dl > dd {
+  margin-bottom: .8em;
+  margin-left: var(--indent) !important; /* stupid element overrides */
+  min-height: 2ex;
+}
+:is(dl.compact, .dlCompact) > dd {
+  margin-bottom: 0;
+  & > :is(:first-child, .break:first-child + *) {
+    margin-top: 0;
+  }
+  & > :is(:last-child) {
+    margin-bottom: 0;
+  }
+}
+:is(dd, span).break {
+  display: none;
+}
+
+/* links */
+a, a[href].selfRef:hover {
+  text-decoration: none;
+}
+a[href] {
+  color: var(--link-color);
+}
+a[href].selfRef, .iref + a[href].internal {
+  color: var(--text-color);
+}
+a[href]:hover {
+  text-decoration: underline;
+}
+a[href].selfRef:hover {
+  background-color: var(--highlight-color);
+}
+a.xref:is(.cite, .auto), :is(#status-of-memo, #copyright) a {
+  white-space: nowrap;
+}
+
+/* Figures */
+tt, code, pre {
+  background-color: var(--highlight-color);
+  font: 14px/22px var(--font-mono);
+}
+tt, code {
+  /* changing the font for inline elements leads to different ascender
+     and descender heights; as we want to retain baseline alignment,
+     remove leading to avoid altering the final height of lines
+     note: this fails if these blocks take an entire line,
+     a different solution would be great */
+  line-height: 0;
+}
+:is(h1, h2, h3, h4, h5, h6) :is(tt, code) {
+  font-size: 84%;
+}
+pre {
+  border: 1px solid var(--line-color);
+  font-size: 13.5px;
+  line-height: 16px;
+  letter-spacing: -0.2px;
+  margin: 5px;
+  padding: 5px;
+}
+img {
+  max-width: 100%;
+}
+figure {
+  margin: 0.5em 0;
+  padding: 0;
+}
+figure blockquote {
+  margin: 0.8em 0.4em 0.4em;
+}
+figcaption, caption {
+  font-style: italic;
+  margin: 0.5em 1.5em;
+  text-align: left;
+  caption-side: bottom;
+}
+@media screen {
+  /* Auto-collapse boilerplate. */
+  :is(#status-of-memo, #copyright) p {
+    margin: -2px 0;
+    max-height: 0;
+    transition: max-height 2s ease, margin 0.5s ease 0.5s;
+    overflow: hidden;
+  }
+  :is(#status-of-memo, #copyright):hover p,
+  :is(#status-of-memo, #copyright) h2:target ~ p {
+    margin: 0.5em 0;
+    max-height: 500px;
+    overflow: auto;
+  }
+  pre, svg {
+    display: inline-block;
+    /* In the horizontal direction, sometimes people make over-sized figures.
+       Scrollbars for those is therefore necessary: auto adds them as necessary..
+       In the vertical direction, the line-height can combine with the font
+       asender/descender height to produce scrollbars: hidden avoids that. */
+    overflow: auto hidden;
+  }
+  pre {
+    max-width: 100%;
+    width: calc(100% - 22px - 1em);
+  }
+  svg {
+    max-width: calc(100% - 22px - 1em);
+  }
+  figure pre {
+    display: block;
+    width: calc(100% - 25px);
+  }
+  :is(pre, svg) + .pilcrow {
+    display: inline-block;
+    vertical-align: text-bottom;
+    padding-bottom: 8px;
+  }
+}
+
+/* aside, blockquote */
+aside, blockquote {
+  margin-left: 0;
+  padding: 0 2em;
+  font-style: italic;
+}
+blockquote {
+  margin: 1em 0;
+}
+cite {
+  display: block;
+  text-align: right;
+  font-style: italic;
+}
+
+/* tables */
+table {
+  width: auto;
+  max-width: 100%;
+  margin: 0 0 1em;
+  border-collapse: collapse;
+}
+table.right {
+  margin-left: auto;
+}
+table.center {
+  margin-left: auto;
+  margin-right: auto;
+}
+table.left {
+  margin-right: auto;
+}
+table .text-left {
+  text-align: left;
+}
+table .text-center {
+  text-align: center;
+}
+table .text-right {
+  text-align: right;
+}
+
+thead, tbody {
+  border: 1px solid var(--line-color);
+}
+th, td {
+  text-align: left;
+  vertical-align: top;
+  padding: 5px 10px;
+}
+th {
+  background-color: var(--line-color);
+}
+:is(tr:nth-child(2n), thead+tbody > tr:nth-child(2n+1)) > td {
+  background-color: var(--background-color);
+}
+:is(tr:nth-child(2n+1), thead+tbody > tr:nth-child(2n)) > td {
+  background-color: var(--highlight-color);
+}
+table caption {
+  margin: 0;
+  padding: 3px 0 3px 1em;
+}
+table p {
+  margin: 0;
+}
+
+/* pilcrow */
+a.pilcrow {
+  margin-left: 3px;
+  opacity: 0.2;
+  user-select: none;
+  &[href] {
+    color: var(--pilcrow-weak);
+    &:hover { text-decoration: none; }
+  }
+}
+@media not print {
+  :hover > a.pilcrow {
+    opacity: 1;
+  }
+  a.pilcrow[href]:hover {
+    color: var(--pilcrow-strong);
+    background-color: transparent;
+  }
+}
+@media print {
+  a.pilcrow {
+    display: none;
+  }
+}
+
+/* misc */
+hr {
+  border: 0;
+  border-top: 1px solid var(--line-color);
+}
+.bcp14 {
+  font-variant: small-caps;
+  font-weight: 600;
+  font-size: var(--small-font-size);
+}
+.role {
+  font-variant: all-small-caps;
+}
+sub, sup {
+  line-height: 1;
+  font-size: 80%;
+}
+
+/* info block */
+#identifiers {
+  margin: 0;
+  font-size: var(--small-font-size);
+  line-height: 18px;
+  --identifier-width: 15ch;
+  & dt {
+    width: var(--identifier-width);
+    min-width: var(--identifier-width);
+    clear: left;
+    float: left;
+    text-align: right;
+    margin-right: 1ch;
+  }
+  & dd {
+    margin: 0;
+    margin-left: calc(1em + var(--identifier-width)) !important;
+    min-width: 5em;
+  }
+  & .authors {
+    & .author {
+      display: inline-block;
+      margin-right: 1.5em;
+    }
+    & .org {
+      font-style: italic;
+    }
+  }
+}
+
+/* The prepared/rendered info at the very bottom of the page */
+.docInfo {
+  color: #999;
+  font-size: 0.9em;
+  font-style: italic;
+  margin-top: 2em;
+}
+.docInfo .prepared {
+  float: right;
+}
+
+/* table of contents */
+#toc {
+  padding: 0.75em 0 2em 0;
+  margin-bottom: 1em;
+
+  & nav {
+    & ul {
+      margin: 0 0.5em 0 0;
+      padding: 0;
+      list-style: none;
+    }
+    & li {
+      line-height: 1.3em;
+      margin: 2px 0;
+      padding-left: 1.2em;
+      text-indent: -1.2em;
+    }
+  }
+  & a.xref {
+    white-space: normal;
+  }
+}
+
+.references {
+  & > dt {
+    text-align: right;
+    font-weight: bold;
+    min-width: 10ch;
+    margin-right: 1.5ch;
+    &:target::before {
+      content: "⇒";
+      margin: 0 10px 0 -25px;
+    }
+  }
+  & > dd {
+    margin-left: 12ch !important;
+    overflow: visible;
+    & .refInstance {
+      margin-bottom: 0.8em;
+    }
+    & .ascii {
+      margin-bottom: 0.25em;
+    }
+  }
+}
+
+#rfc\.index\.index + ul {
+  margin-left: 0;
+}
+
+/* authors */
+address.vcard {
+  font-style: normal;
+  max-width: 20em;
+  margin: 1em auto 1em 0;
+
+  & .nameRole {
+    font-weight: 700;
+    margin-left: 0;
+  }
+  & .label {
+    margin: 0.5em 0;
+  }
+  & .type {
+    display: none;
+  }
+  & .alternative-contact {
+    margin: 0.5em 0 0.25em 0;
+  }
+  & .non-ascii {
+    margin: 0 0 0 2em;
+  }
+  & div.left {
+    text-align: left;
+  }
+  & div.right {
+    text-align: right;
+  }
+}
+
+hr.addr {
+  border-top: 1px dashed;
+  margin: 0;
+  color: #ddd;
+  max-width: calc(100% - 16px);
+}
+@media (min-width: 500px) {
+  #authors-addresses > section {
+    column-count: 2;
+    column-gap: 20px;
+  }
+  #authors-addresses > section > h2 {
+    column-span: all;
+  }
+  /* hack for break-inside: avoid-column */
+  #authors-addresses address {
+    display: inline-block;
+    break-inside: avoid-column;
+  }
+}
+
+/* Comments */
+.rfcEditorRemove p:first-of-type {
+  font-style: italic;
+}
+.cref {
+  background-color: rgba(249, 232, 105, 0.3);
+  padding: 2px 4px;
+}
+.crefSource {
+  font-style: italic;
+}
+
+@media screen {
+  #toc nav {
+    font-family: var(--font-title);
+    font-weight: 360;
+    & > ul { margin-bottom: 2em; }
+    & ul {
+      margin: 0 0 0 4px;
+      & :is(p, li) {
+        margin: 2px 0;
+      }
+    }
+  }
+  #toc a.toplink {
+    float: right;
+  }
+}
+@media not screen {
+  #toc a.toplink {
+    display: none;
+  }
+}
+
+
+/* TOC layout for smaller screens */
+@media screen and (max-width: 929px) {
+  #toc {
+    position: fixed;
+    z-index: 2;
+    top: 0;
+    right: 0;
+    padding: 1px 0 0 0;
+    margin: 0;
+    border-bottom: 1px solid #ccc;
+    opacity: 0.6;
+  }
+  #toc h2 {
+    margin: 0;
+    padding: 2px 0 2px 6px;
+    padding-right: 1em;
+    font-size: 18px;
+    line-height: 24px;
+    min-width: 190px;
+    text-align: right;
+    background-color: #444;
+    color: white;
+    cursor: pointer;
+    &::before { /* css hamburger */
+      float: right;
+      position: relative;
+      width: 1em;
+      height: 1px;
+      left: -164px;
+      margin: 8px 0 0 0;
+      background: white none repeat scroll 0 0;
+      box-shadow: 0 4px 0 0 white, 0 8px 0 0 white;
+      content: "";
+    }
+  }
+  #toc nav {
+    display: none;
+    background-color: var(--background-color);
+    padding: 0.5em 1em 1em;
+    overflow: auto;
+    overscroll-behavior: contain;
+    height: calc(100vh - 48px);
+    border-left: 1px solid #ddd;
+  }
+  #toc.active {
+    opacity: 1;
+    & nav { display: block; }
+  }
+  /* Make the collapsed ToC header render white on gray also when it's a link */
+  #toc h2 a,
+  #toc h2 a:is(:link, :focus, :hover),
+  #toc a.toplink,
+  #toc a.toplink:hover {
+    color: white;
+    background-color: #444;
+    text-decoration: none;
+  }
+  #toc a.toplink {
+    margin: 2px 0.5em 0;
+  }
+}
+
+/* TOC layout for wide screens */
+@media screen and (min-width: 930px) {
+  body {
+    padding-right: 360px;
+    padding-right: calc(min(180px + 20%, 500px));
+  }
+  #toc {
+    position: fixed;
+    bottom: 0;
+    right: 0;
+    right: calc(50vw - 480px);
+    width: 312px;
+    margin: 0;
+    padding: 0;
+    z-index: 1;
+  }
+  #toc h2 {
+    margin: 0;
+    padding: 0.25em 1em 1em 0;
+  }
+  #toc nav {
+    display: block;
+    height: calc(90vh - 84px);
+    bottom: 0;
+    padding: 0.5em 0 2em;
+    overflow: auto;
+    overscroll-behavior: contain;
+    scrollbar-width: thin;
+  }
+  img { /* future proofing */
+    max-width: 100%;
+    height: auto;
+  }
+  #toc a.toplink {
+    margin: 8px 0.5em 0;
+  }
+}
+
+/* pagination */
+@media print {
+  body {
+    width: 100%;
+  }
+  p {
+    orphans: 3;
+    widows: 3;
+  }
+  #n-copyright-notice {
+    border-bottom: none;
+  }
+  #toc, #n-introduction {
+    page-break-before: always;
+  }
+  #toc {
+    border-top: none;
+    padding-top: 0;
+  }
+  figure, pre, .vcard {
+    page-break-inside: avoid;
+  }
+  h1, h2, h3, h4, h5, h6 {
+    page-break-after: avoid;
+  }
+  :is(h2, h3, h4, h5, h6)+*, dd {
+    page-break-before: avoid;
+  }
+  pre {
+    white-space: pre-wrap;
+    word-wrap: break-word;
+    font-size: 10pt;
+  }
+  table {
+    border: 1px solid #ddd;
+  }
+  td {
+    border-top: 1px solid #ddd;
+  }
+}
+
+@page :first {
+  padding-top: 0;
+  @top-left {
+    content: normal;
+    border: none;
+  }
+  @top-center {
+    content: normal;
+    border: none;
+  }
+  @top-right {
+    content: normal;
+    border: none;
+  }
+}
+
+@page {
+  size: A4;
+  margin-bottom: 45mm;
+  padding-top: 20px;
+}
+
+/* Dark mode. */
+@media (prefers-color-scheme: dark) {
+:root {
+  --background-color: #121212;
+  --text-color: #f0f0f0;
+  --title-color: #fff;
+  --link-color: #4da4f0;
+  --highlight-color: #282828;
+  --line-color: #444;
+  --pilcrow-weak: #444;
+  --pilcrow-strong: #666;
+  scrollbar-color: #777 #333;
+}
+}
+
+/* SVG Trick: a prefix match works because only black and white are allowed */
+svg :is([stroke="black"], [stroke^="#000"]) {
+  stroke: var(--text-color);
+}
+svg :is([stroke="white"], [stroke^="#fff"]) {
+  stroke: var(--background-color);
+}
+svg :is([fill="black"], [fill^="#000"], :not([fill])) {
+  fill: var(--text-color);
+}
+svg :is([fill="white"], [fill^="#fff"]) {
+  fill: var(--background-color);
+}
+</style>
+
+</head>
+<body class="xml2rfc">
+<table class="ears">
+<thead><tr>
+<td class="left">Internet-Draft</td>
+<td class="center">PQC KEM for Certificates</td>
+<td class="right">December 2024</td>
+</tr></thead>
+<tfoot><tr>
+<td class="left">Turner, et al.</td>
+<td class="center">Expires 15 June 2025</td>
+<td class="right">[Page]</td>
+</tr></tfoot>
+</table>
+<div id="external-metadata" class="document-information"></div>
+<div id="internal-metadata" class="document-information">
+<dl id="identifiers">
+<dt class="label-workgroup">Workgroup:</dt>
+<dd class="workgroup">None</dd>
+<dt class="label-internet-draft">Internet-Draft:</dt>
+<dd class="internet-draft">draft-turner-lamps-nist-pqc-kem-certificates-latest</dd>
+<dt class="label-published">Published:</dt>
+<dd class="published">
+<time datetime="2024-12-12" class="published">12 December 2024</time>
+    </dd>
+<dt class="label-intended-status">Intended Status:</dt>
+<dd class="intended-status">Standards Track</dd>
+<dt class="label-expires">Expires:</dt>
+<dd class="expires"><time datetime="2025-06-15">15 June 2025</time></dd>
+<dt class="label-authors">Authors:</dt>
+<dd class="authors">
+<div class="author">
+      <div class="author-name">S. Turner</div>
+<div class="org">sn3rd</div>
+</div>
+<div class="author">
+      <div class="author-name">P. Kampanakis</div>
+<div class="org">AWS</div>
+</div>
+<div class="author">
+      <div class="author-name">J. Massimo</div>
+<div class="org">AWS</div>
+</div>
+<div class="author">
+      <div class="author-name">B. Westerbaan</div>
+<div class="org">Cloudflare</div>
+</div>
+</dd>
+</dl>
+</div>
+<h1 id="title">Algorithm Identifiers for NIST's PQC Algorithms for Use in the Internet X.509 Public Key Infrastructure</h1>
+<section id="section-abstract">
+      <h2 id="abstract"><a href="#abstract" class="selfRef">Abstract</a></h2>
+<p id="section-abstract-1">This document specifies algorithm identifiers and ASN.1 encoding format
+for the US NIST's PQC KEM (United States National Institute of Standards
+and Technology's Post Quantum Cryptography Key Encapsulation Mechanism)
+algorithms. The algorithms covered are Candidate TBD1. The
+encoding for public key and private key is also provided.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
+<p id="section-abstract-2">[EDNOTE:
+This draft is not expected to be finalized before the NIST PQC Project
+has standardized PQ algorithms. After NIST has standardized its first
+algorithms, this document will replace TBD, with the appropriate
+algorithms and parameters before proceeding to ratification. The
+algorithm Candidate TBD1 has been added as an example in this draft, to
+provide a more detailed illustration of the content - it by no means
+indicates its inclusion in the final version. This specification will
+use object identifiers for the new algorithms that are assigned by NIST,
+and will use placeholders until these are released.]<a href="#section-abstract-2" class="pilcrow">¶</a></p>
+</section>
+<section class="note rfcEditorRemove" id="section-note.1">
+      <h2 id="name-about-this-document">
+<a href="#name-about-this-document" class="section-name selfRef">About This Document</a>
+      </h2>
+<p id="section-note.1-1">This note is to be removed before publishing as an RFC.<a href="#section-note.1-1" class="pilcrow">¶</a></p>
+<p id="section-note.1-2">
+        Status information for this document may be found at <span><a href="https://datatracker.ietf.org/doc/draft-turner-lamps-nist-pqc-kem-certificates/">https://datatracker.ietf.org/doc/draft-turner-lamps-nist-pqc-kem-certificates/</a></span>.<a href="#section-note.1-2" class="pilcrow">¶</a></p>
+<p id="section-note.1-3">
+        Discussion of this document takes place on the
+        Limited Additional Mechanisms for PKIX and SMIME (lamps) Working Group mailing list (<span><a href="mailto:spasm@ietf.org">mailto:spasm@ietf.org</a></span>),
+        which is archived at <span><a href="https://mailarchive.ietf.org/arch/browse/spasm/">https://mailarchive.ietf.org/arch/browse/spasm/</a></span>.
+        Subscribe at <span><a href="https://www.ietf.org/mailman/listinfo/spasm/">https://www.ietf.org/mailman/listinfo/spasm/</a></span>.<a href="#section-note.1-3" class="pilcrow">¶</a></p>
+<p id="section-note.1-4">Source for this draft and an issue tracker can be found at
+        <span><a href="https://github.com/seanturner/draft-turner-lamps-nist-pqc-kem-certificates">https://github.com/seanturner/draft-turner-lamps-nist-pqc-kem-certificates</a></span>.<a href="#section-note.1-4" class="pilcrow">¶</a></p>
+</section>
+<div id="status-of-memo">
+<section id="section-boilerplate.1">
+        <h2 id="name-status-of-this-memo">
+<a href="#name-status-of-this-memo" class="section-name selfRef">Status of This Memo</a>
+        </h2>
+<p id="section-boilerplate.1-1">
+        This Internet-Draft is submitted in full conformance with the
+        provisions of BCP 78 and BCP 79.<a href="#section-boilerplate.1-1" class="pilcrow">¶</a></p>
+<p id="section-boilerplate.1-2">
+        Internet-Drafts are working documents of the Internet Engineering Task
+        Force (IETF). Note that other groups may also distribute working
+        documents as Internet-Drafts. The list of current Internet-Drafts is
+        at <span><a href="https://datatracker.ietf.org/drafts/current/">https://datatracker.ietf.org/drafts/current/</a></span>.<a href="#section-boilerplate.1-2" class="pilcrow">¶</a></p>
+<p id="section-boilerplate.1-3">
+        Internet-Drafts are draft documents valid for a maximum of six months
+        and may be updated, replaced, or obsoleted by other documents at any
+        time. It is inappropriate to use Internet-Drafts as reference
+        material or to cite them other than as "work in progress."<a href="#section-boilerplate.1-3" class="pilcrow">¶</a></p>
+<p id="section-boilerplate.1-4">
+        This Internet-Draft will expire on 15 June 2025.<a href="#section-boilerplate.1-4" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="copyright">
+<section id="section-boilerplate.2">
+        <h2 id="name-copyright-notice">
+<a href="#name-copyright-notice" class="section-name selfRef">Copyright Notice</a>
+        </h2>
+<p id="section-boilerplate.2-1">
+            Copyright (c) 2024 IETF Trust and the persons identified as the
+            document authors. All rights reserved.<a href="#section-boilerplate.2-1" class="pilcrow">¶</a></p>
+<p id="section-boilerplate.2-2">
+            This document is subject to BCP 78 and the IETF Trust's Legal
+            Provisions Relating to IETF Documents
+            (<span><a href="https://trustee.ietf.org/license-info">https://trustee.ietf.org/license-info</a></span>) in effect on the date of
+            publication of this document. Please review these documents
+            carefully, as they describe your rights and restrictions with
+            respect to this document. Code Components extracted from this
+            document must include Revised BSD License text as described in
+            Section 4.e of the Trust Legal Provisions and are provided without
+            warranty as described in the Revised BSD License.<a href="#section-boilerplate.2-2" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="toc">
+<section id="section-toc.1">
+        <a href="#" onclick="scroll(0,0)" class="toplink">▲</a><h2 id="name-table-of-contents">
+<a href="#name-table-of-contents" class="section-name selfRef">Table of Contents</a>
+        </h2>
+<nav class="toc"><ul class="compact toc ulBare ulEmpty">
+<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.1">
+            <p id="section-toc.1-1.1.1" class="keepWithNext"><a href="#section-1" class="auto internal xref">1</a>.  <a href="#name-introduction" class="internal xref">Introduction</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2">
+            <p id="section-toc.1-1.2.1" class="keepWithNext"><a href="#section-2" class="auto internal xref">2</a>.  <a href="#name-conventions-and-definitions" class="internal xref">Conventions and Definitions</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.3">
+            <p id="section-toc.1-1.3.1" class="keepWithNext"><a href="#section-3" class="auto internal xref">3</a>.  <a href="#name-algorithm-identifiers" class="internal xref">Algorithm Identifiers</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4">
+            <p id="section-toc.1-1.4.1"><a href="#section-4" class="auto internal xref">4</a>.  <a href="#name-candidate-tbd1" class="internal xref">Candidate TBD1</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.5">
+            <p id="section-toc.1-1.5.1"><a href="#section-5" class="auto internal xref">5</a>.  <a href="#name-subject-public-key-fields" class="internal xref">Subject Public Key Fields</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.6">
+            <p id="section-toc.1-1.6.1"><a href="#section-6" class="auto internal xref">6</a>.  <a href="#name-key-usage-bits" class="internal xref">Key Usage Bits</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.7">
+            <p id="section-toc.1-1.7.1"><a href="#section-7" class="auto internal xref">7</a>.  <a href="#name-private-key-format" class="internal xref">Private Key Format</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.8">
+            <p id="section-toc.1-1.8.1"><a href="#section-8" class="auto internal xref">8</a>.  <a href="#name-asn1-module" class="internal xref">ASN.1 Module</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.9">
+            <p id="section-toc.1-1.9.1"><a href="#section-9" class="auto internal xref">9</a>.  <a href="#name-security-considerations" class="internal xref">Security Considerations</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.10">
+            <p id="section-toc.1-1.10.1"><a href="#section-10" class="auto internal xref">10</a>. <a href="#name-iana-considerations" class="internal xref">IANA Considerations</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.11">
+            <p id="section-toc.1-1.11.1"><a href="#section-11" class="auto internal xref">11</a>. <a href="#name-references" class="internal xref">References</a></p>
+<ul class="compact toc ulBare ulEmpty">
+<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.11.2.1">
+                <p id="section-toc.1-1.11.2.1.1"><a href="#section-11.1" class="auto internal xref">11.1</a>.  <a href="#name-normative-references" class="internal xref">Normative References</a></p>
+</li>
+              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.11.2.2">
+                <p id="section-toc.1-1.11.2.2.1"><a href="#section-11.2" class="auto internal xref">11.2</a>.  <a href="#name-informative-references" class="internal xref">Informative References</a></p>
+</li>
+            </ul>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12">
+            <p id="section-toc.1-1.12.1"><a href="#appendix-A" class="auto internal xref"></a><a href="#name-acknowledgments" class="internal xref">Acknowledgments</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.13">
+            <p id="section-toc.1-1.13.1"><a href="#appendix-B" class="auto internal xref"></a><a href="#name-authors-addresses" class="internal xref">Authors' Addresses</a></p>
+</li>
+        </ul>
+</nav>
+</section>
+</div>
+<div id="introduction">
+<section id="section-1">
+      <h2 id="name-introduction">
+<a href="#section-1" class="section-number selfRef">1. </a><a href="#name-introduction" class="section-name selfRef">Introduction</a>
+      </h2>
+<p id="section-1-1">The US NIST PQC Project has selected the Candidate TBD1
+algorithms as winners of their PQC Project <span>[<a href="#PQCProj" class="cite xref">PQCProj</a>]</span>. These
+algorithms are KEM algorithms. NIST has also defined object identifiers
+for these algorithms (TODO insert reference).<a href="#section-1-1" class="pilcrow">¶</a></p>
+<p id="section-1-2">This document specifies the use of the Candidate TBD1
+algorithms in X.509 public key certifiates, see <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span>.
+It also specifies private key encoding.
+An ASN.1 module is included for reference purposes.<a href="#section-1-2" class="pilcrow">¶</a></p>
+<p id="section-1-3">These certificates could be used as Issuers in CMS where the public key
+is used to encapsulate a shared secret used to derive a symmetric key
+used to encrypt content in CMS
+[EDNOTE: Add reference draft-perret-prat-lamps-cms-pq-kem].
+To be used in TLS, these certificates could only be used as end-entity
+identity certificates and would require significant updates to the
+protocol
+[EDNOTE: Add reference draft-celi-wiggers-tls-authkem].<a href="#section-1-3" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="conventions-and-definitions">
+<section id="section-2">
+      <h2 id="name-conventions-and-definitions">
+<a href="#section-2" class="section-number selfRef">2. </a><a href="#name-conventions-and-definitions" class="section-name selfRef">Conventions and Definitions</a>
+      </h2>
+<p id="section-2-1">The key words "<span class="bcp14">MUST</span>", "<span class="bcp14">MUST NOT</span>", "<span class="bcp14">REQUIRED</span>", "<span class="bcp14">SHALL</span>", "<span class="bcp14">SHALL NOT</span>", "<span class="bcp14">SHOULD</span>", "<span class="bcp14">SHOULD NOT</span>", "<span class="bcp14">RECOMMENDED</span>", "<span class="bcp14">NOT RECOMMENDED</span>",
+"<span class="bcp14">MAY</span>", and "<span class="bcp14">OPTIONAL</span>" in this document are to be interpreted as
+described in BCP 14 <span>[<a href="#RFC2119" class="cite xref">RFC2119</a>]</span> <span>[<a href="#RFC8174" class="cite xref">RFC8174</a>]</span> when, and only when, they
+appear in all capitals, as shown here.<a href="#section-2-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="algorithm-identifiers">
+<section id="section-3">
+      <h2 id="name-algorithm-identifiers">
+<a href="#section-3" class="section-number selfRef">3. </a><a href="#name-algorithm-identifiers" class="section-name selfRef">Algorithm Identifiers</a>
+      </h2>
+<p id="section-3-1">Certificates conforming to <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span> can convey a public key for any
+public key algorithm. The certificate indicates the algorithm through
+an algorithm identifier. An algorithm identifier consists of an object
+identifier and optional parameters.<a href="#section-3-1" class="pilcrow">¶</a></p>
+<p id="section-3-2">The AlgorithmIdentifier type, which is included herein for convenience,
+is defined as follows:<a href="#section-3-2" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-3-3">
+<pre>
+   AlgorithmIdentifier  ::=  SEQUENCE  {
+       algorithm   OBJECT IDENTIFIER,
+       parameters  ANY DEFINED BY algorithm OPTIONAL
+   }
+</pre><a href="#section-3-3" class="pilcrow">¶</a>
+</div>
+<aside id="section-3-4">
+        <p id="section-3-4.1">NOTE: The above syntax is from <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span> and matches the version used
+therein, i.e., the 1988 ASN.1 syntax. See <span>[<a href="#RFC5912" class="cite xref">RFC5912</a>]</span> for ASN.1
+copmatible with the 2015 ASN.1 syntax.<a href="#section-3-4.1" class="pilcrow">¶</a></p>
+</aside>
+<p id="section-3-5">The fields in AlgorithmIdentifier have the following meanings:<a href="#section-3-5" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-3-6.1">
+          <p id="section-3-6.1.1">algorithm identifies the cryptographic algorithm with an object
+identifier. XXX such OIDs are defined in Sections <a href="#candidate-TBD1" class="auto internal xref">Section 4</a>.<a href="#section-3-6.1.1" class="pilcrow">¶</a></p>
+</li>
+        <li class="normal" id="section-3-6.2">
+          <p id="section-3-6.2.1">parameters, which are optional, are the associated parameters for
+the algorithm identifier in the algorithm field.<a href="#section-3-6.2.1" class="pilcrow">¶</a></p>
+</li>
+      </ul>
+<p id="section-3-7">In this document, TODO (specify number) new OIDs for identifying the
+different algorithm and parameter pairs. For all of the object
+identifiers, the parameters <span class="bcp14">MUST</span> be absent.<a href="#section-3-7" class="pilcrow">¶</a></p>
+<p id="section-3-8">It is possible to find systems that require the parameters to be
+present. This can be due to either a defect in the original 1997
+syntax or a programming error where developers never got input where
+this was not true. The optimal solution is to fix these systems;
+where this is not possible, the problem needs to be restricted to
+that subsystem and not propagated to the Internet.<a href="#section-3-8" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="candidate-TBD1">
+<section id="section-4">
+      <h2 id="name-candidate-tbd1">
+<a href="#section-4" class="section-number selfRef">4. </a><a href="#name-candidate-tbd1" class="section-name selfRef">Candidate TBD1</a>
+      </h2>
+<p id="section-4-1">TODO insert object-identifiers<a href="#section-4-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="subject-public-key-fields">
+<section id="section-5">
+      <h2 id="name-subject-public-key-fields">
+<a href="#section-5" class="section-number selfRef">5. </a><a href="#name-subject-public-key-fields" class="section-name selfRef">Subject Public Key Fields</a>
+      </h2>
+<p id="section-5-1">In the X.509 certificate, the subjectPublicKeyInfo field has the
+SubjectPublicKeyInfo type, which has the following ASN.1 syntax:<a href="#section-5-1" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-5-2">
+<pre>
+  SubjectPublicKeyInfo  ::=  SEQUENCE  {
+      algorithm         AlgorithmIdentifier,
+      subjectPublicKey  BIT STRING
+  }
+</pre><a href="#section-5-2" class="pilcrow">¶</a>
+</div>
+<aside id="section-5-3">
+        <p id="section-5-3.1">NOTE: The above syntax is from <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span> and matches the version used
+therein, i.e., the 1988 ASN.1 syntax. See <span>[<a href="#RFC5912" class="cite xref">RFC5912</a>]</span> for ASN.1
+copmatible with the 2015 ASN.1 syntax.<a href="#section-5-3.1" class="pilcrow">¶</a></p>
+</aside>
+<p id="section-5-4">The fields in SubjectPublicKeyInfo have the following meanings:<a href="#section-5-4" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-5-5.1">
+          <p id="section-5-5.1.1">algorithm is the algorithm identifier and parameters for the
+public key (see above).<a href="#section-5-5.1.1" class="pilcrow">¶</a></p>
+</li>
+        <li class="normal" id="section-5-5.2">
+          <p id="section-5-5.2.1">subjectPublicKey contains the byte stream of the public key.  The
+algorithms defined in this document always encode the public key
+as TODO pick format e.g., exact multiple of 8 bits?.<a href="#section-5-5.2.1" class="pilcrow">¶</a></p>
+</li>
+      </ul>
+<p id="section-5-6">The following is an example of a TBD public key encoded using the
+textual encoding defined in <span>[<a href="#RFC7468" class="cite xref">RFC7468</a>]</span>.<a href="#section-5-6" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-5-7">
+<pre>
+  -----BEGIN PUBLIC KEY-----
+  TODO insert example public key
+  -----END PUBLIC KEY-------
+</pre><a href="#section-5-7" class="pilcrow">¶</a>
+</div>
+</section>
+</div>
+<div id="key-usage-bits">
+<section id="section-6">
+      <h2 id="name-key-usage-bits">
+<a href="#section-6" class="section-number selfRef">6. </a><a href="#name-key-usage-bits" class="section-name selfRef">Key Usage Bits</a>
+      </h2>
+<p id="section-6-1">The intended application for the key is indicated in the keyUsage
+certificate extension; see <span><a href="https://rfc-editor.org/rfc/rfc5280#section-4.2.1.3" class="relref">Section 4.2.1.3</a> of [<a href="#RFC5280" class="cite xref">RFC5280</a>]</span>.<a href="#section-6-1" class="pilcrow">¶</a></p>
+<p id="section-6-2">If the keyUsage extension is present in a certificate that indicates
+Candidate TBD1 in SubjectPublicKeyInfo, then the following
+<span class="bcp14">MUST</span> be present:<a href="#section-6-2" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-6-3">
+<pre>
+  keyEncipherment;
+</pre><a href="#section-6-3" class="pilcrow">¶</a>
+</div>
+</section>
+</div>
+<div id="private-key-format">
+<section id="section-7">
+      <h2 id="name-private-key-format">
+<a href="#section-7" class="section-number selfRef">7. </a><a href="#name-private-key-format" class="section-name selfRef">Private Key Format</a>
+      </h2>
+<p id="section-7-1">"Asymmetric Key Packages" <span>[<a href="#RFC5958" class="cite xref">RFC5958</a>]</span> describes how to encode a private
+key in a structure that both identifies what algorithm the private key
+is for and allows for the public key and additional attributes about the
+key to be included as well. For illustration, the ASN.1 structure
+OneAsymmetricKey is replicated below. The algorithm-specific details of
+how a private key is encoded are left for the document describing the
+algorithm itself.<a href="#section-7-1" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-7-2">
+<pre>
+  OneAsymmetricKey ::= SEQUENCE {
+      version                  Version,
+      privateKeyAlgorithm      PrivateKeyAlgorithmIdentifier,
+      privateKey               PrivateKey,
+      attributes           [0] IMPLICIT Attributes OPTIONAL,
+      ...,
+      [[2: publicKey       [1] IMPLICIT PublicKey OPTIONAL ]],
+      ...
+  }
+
+  PrivateKey ::= OCTET STRING
+
+  PublicKey ::= BIT STRING
+</pre><a href="#section-7-2" class="pilcrow">¶</a>
+</div>
+<aside id="section-7-3">
+        <p id="section-7-3.1">NOTE: The above syntax is from <span>[<a href="#RFC5958" class="cite xref">RFC5958</a>]</span> and matches the version used
+therein, i.e., the 2002 ASN.1 syntax. The syntax used therein is
+compatible with the 2015 ASN.1 syntax.<a href="#section-7-3.1" class="pilcrow">¶</a></p>
+</aside>
+<p id="section-7-4">For the keys defined in this document, the private key is always an
+opaque byte sequence. The ASN.1 type PqckemPrivateKey is defined in
+this document to hold the byte sequence. Thus, when encoding a
+OneAsymmetricKey object, the private key is wrapped in a
+PqckemPrivateKey object and wrapped by the OCTET STRING of the
+"privateKey" field.<a href="#section-7-4" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-7-5">
+<pre>
+  PqckemPrivateKey ::= OCTET STRING
+</pre><a href="#section-7-5" class="pilcrow">¶</a>
+</div>
+<p id="section-7-6">The following is an example of a TBD private key encoded using the
+textual encoding defined in <span>[<a href="#RFC7468" class="cite xref">RFC7468</a>]</span>.<a href="#section-7-6" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-7-7">
+<pre>
+  -----BEGIN PRIVATE KEY-----
+  TODO iser example private key
+  -----END PRIVATE KEY-------
+</pre><a href="#section-7-7" class="pilcrow">¶</a>
+</div>
+<p id="section-7-8">The following example, in addition to encoding the TBD private key,
+has an attribute included as well as the public key. As with the
+prior example, the textual encoding defined in <span>[<a href="#RFC7468" class="cite xref">RFC7468</a>]</span> is used.<a href="#section-7-8" class="pilcrow">¶</a></p>
+<div class="alignLeft art-text artwork" id="section-7-9">
+<pre>
+  -----BEGIN PRIVATE KEY-----
+  TODO insert example private key with attribute
+  -----END PRIVATE KEY-------
+</pre><a href="#section-7-9" class="pilcrow">¶</a>
+</div>
+<aside id="section-7-10">
+        <p id="section-7-10.1">NOTE: There exist some private key import functions that have not
+implemented the new ASN.1 structure OneAsymmetricKey that is defined in
+<span>[<a href="#RFC5958" class="cite xref">RFC5958</a>]</span>. This means that they will not accept a private key
+structure that contains the public key field.  This means a balancing
+act needs to be done between being able to do a consistency check on the
+key pair and widest ability to import the key.<a href="#section-7-10.1" class="pilcrow">¶</a></p>
+</aside>
+</section>
+</div>
+<div id="asn1-module">
+<section id="section-8">
+      <h2 id="name-asn1-module">
+<a href="#section-8" class="section-number selfRef">8. </a><a href="#name-asn1-module" class="section-name selfRef">ASN.1 Module</a>
+      </h2>
+<p id="section-8-1">TODO ASN.1 Module<a href="#section-8-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="security-considerations">
+<section id="section-9">
+      <h2 id="name-security-considerations">
+<a href="#section-9" class="section-number selfRef">9. </a><a href="#name-security-considerations" class="section-name selfRef">Security Considerations</a>
+      </h2>
+<p id="section-9-1">The Security Considerations section of <span>[<a href="#RFC5280" class="cite xref">RFC5280</a>]</span> applies to this specification as well.<a href="#section-9-1" class="pilcrow">¶</a></p>
+<p id="section-9-2">[EDNOTE: Discuss side-channels for Candidate TBD1.]<a href="#section-9-2" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="iana-considerations">
+<section id="section-10">
+      <h2 id="name-iana-considerations">
+<a href="#section-10" class="section-number selfRef">10. </a><a href="#name-iana-considerations" class="section-name selfRef">IANA Considerations</a>
+      </h2>
+<p id="section-10-1">This document will have some IANA actions.<a href="#section-10-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="sec-combined-references">
+<section id="section-11">
+      <h2 id="name-references">
+<a href="#section-11" class="section-number selfRef">11. </a><a href="#name-references" class="section-name selfRef">References</a>
+      </h2>
+<div id="sec-normative-references">
+<section id="section-11.1">
+        <h3 id="name-normative-references">
+<a href="#section-11.1" class="section-number selfRef">11.1. </a><a href="#name-normative-references" class="section-name selfRef">Normative References</a>
+        </h3>
+<dl class="references">
+<dt id="RFC2119">[RFC2119]</dt>
+        <dd>
+<span class="refAuthor">Bradner, S.</span>, <span class="refTitle">"Key words for use in RFCs to Indicate Requirement Levels"</span>, <span class="seriesInfo">BCP 14</span>, <span class="seriesInfo">RFC 2119</span>, <span class="seriesInfo">DOI 10.17487/RFC2119</span>, <time datetime="1997-03" class="refDate">March 1997</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc2119">https://www.rfc-editor.org/rfc/rfc2119</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC5280">[RFC5280]</dt>
+        <dd>
+<span class="refAuthor">Cooper, D.</span>, <span class="refAuthor">Santesson, S.</span>, <span class="refAuthor">Farrell, S.</span>, <span class="refAuthor">Boeyen, S.</span>, <span class="refAuthor">Housley, R.</span>, and <span class="refAuthor">W. Polk</span>, <span class="refTitle">"Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile"</span>, <span class="seriesInfo">RFC 5280</span>, <span class="seriesInfo">DOI 10.17487/RFC5280</span>, <time datetime="2008-05" class="refDate">May 2008</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc5280">https://www.rfc-editor.org/rfc/rfc5280</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC5912">[RFC5912]</dt>
+        <dd>
+<span class="refAuthor">Hoffman, P.</span> and <span class="refAuthor">J. Schaad</span>, <span class="refTitle">"New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)"</span>, <span class="seriesInfo">RFC 5912</span>, <span class="seriesInfo">DOI 10.17487/RFC5912</span>, <time datetime="2010-06" class="refDate">June 2010</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc5912">https://www.rfc-editor.org/rfc/rfc5912</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC5958">[RFC5958]</dt>
+        <dd>
+<span class="refAuthor">Turner, S.</span>, <span class="refTitle">"Asymmetric Key Packages"</span>, <span class="seriesInfo">RFC 5958</span>, <span class="seriesInfo">DOI 10.17487/RFC5958</span>, <time datetime="2010-08" class="refDate">August 2010</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc5958">https://www.rfc-editor.org/rfc/rfc5958</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC8174">[RFC8174]</dt>
+      <dd>
+<span class="refAuthor">Leiba, B.</span>, <span class="refTitle">"Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words"</span>, <span class="seriesInfo">BCP 14</span>, <span class="seriesInfo">RFC 8174</span>, <span class="seriesInfo">DOI 10.17487/RFC8174</span>, <time datetime="2017-05" class="refDate">May 2017</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8174">https://www.rfc-editor.org/rfc/rfc8174</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+</dl>
+</section>
+</div>
+<div id="sec-informative-references">
+<section id="section-11.2">
+        <h3 id="name-informative-references">
+<a href="#section-11.2" class="section-number selfRef">11.2. </a><a href="#name-informative-references" class="section-name selfRef">Informative References</a>
+        </h3>
+<dl class="references">
+<dt id="PQCProj">[PQCProj]</dt>
+        <dd>
+<span class="refAuthor">National Institute of Standards and Technology</span>, <span class="refTitle">"Post-Quantum Cryptography Project"</span>, <time datetime="2016-12-20" class="refDate">20 December 2016</time>, <span>&lt;<a href="https://csrc.nist.gov/projects/post-quantum-cryptography">https://csrc.nist.gov/projects/post-quantum-cryptography</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+<dt id="RFC7468">[RFC7468]</dt>
+      <dd>
+<span class="refAuthor">Josefsson, S.</span> and <span class="refAuthor">S. Leonard</span>, <span class="refTitle">"Textual Encodings of PKIX, PKCS, and CMS Structures"</span>, <span class="seriesInfo">RFC 7468</span>, <span class="seriesInfo">DOI 10.17487/RFC7468</span>, <time datetime="2015-04" class="refDate">April 2015</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc7468">https://www.rfc-editor.org/rfc/rfc7468</a>&gt;</span>. </dd>
+<dd class="break"></dd>
+</dl>
+</section>
+</div>
+</section>
+</div>
+<div id="acknowledgments">
+<section id="appendix-A">
+      <h2 id="name-acknowledgments">
+<a href="#name-acknowledgments" class="section-name selfRef">Acknowledgments</a>
+      </h2>
+<p id="appendix-A-1">TODO acknowledge.<a href="#appendix-A-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="authors-addresses">
+<section id="appendix-B">
+      <h2 id="name-authors-addresses">
+<a href="#name-authors-addresses" class="section-name selfRef">Authors' Addresses</a>
+      </h2>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Sean Turner</span></div>
+<div dir="auto" class="left"><span class="org">sn3rd</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:sean@sn3rd.com" class="email">sean@sn3rd.com</a>
+</div>
+</address>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Panos Kampanakis</span></div>
+<div dir="auto" class="left"><span class="org">AWS</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:kpanos@amazon.com" class="email">kpanos@amazon.com</a>
+</div>
+</address>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Jake Massimo</span></div>
+<div dir="auto" class="left"><span class="org">AWS</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:jakemas@amazon.com" class="email">jakemas@amazon.com</a>
+</div>
+</address>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Bas Westerbaan</span></div>
+<div dir="auto" class="left"><span class="org">Cloudflare</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:bas@westerbaan.name" class="email">bas@westerbaan.name</a>
+</div>
+</address>
+</section>
+</div>
+<script>const toc = document.getElementById("toc");
+toc.querySelector("h2").addEventListener("click", e => {
+  toc.classList.toggle("active");
+});
+toc.querySelector("nav").addEventListener("click", e => {
+  toc.classList.remove("active");
+});
+</script>
+</body>
+</html>
diff --git a/seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.txt b/seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.txt
new file mode 100644
index 0000000..cdf8820
--- /dev/null
+++ b/seanturner-cert-examples/draft-turner-lamps-nist-pqc-kem-certificates.txt
@@ -0,0 +1,354 @@
+
+
+
+
+None                                                           S. Turner
+Internet-Draft                                                     sn3rd
+Intended status: Standards Track                           P. Kampanakis
+Expires: 15 June 2025                                         J. Massimo
+                                                                     AWS
+                                                           B. Westerbaan
+                                                              Cloudflare
+                                                        12 December 2024
+
+
+Algorithm Identifiers for NIST's PQC Algorithms for Use in the Internet
+                    X.509 Public Key Infrastructure
+          draft-turner-lamps-nist-pqc-kem-certificates-latest
+
+Abstract
+
+   This document specifies algorithm identifiers and ASN.1 encoding
+   format for the US NIST's PQC KEM (United States National Institute of
+   Standards and Technology's Post Quantum Cryptography Key
+   Encapsulation Mechanism) algorithms.  The algorithms covered are
+   Candidate TBD1.  The encoding for public key and private key is also
+   provided.
+
+   [EDNOTE: This draft is not expected to be finalized before the NIST
+   PQC Project has standardized PQ algorithms.  After NIST has
+   standardized its first algorithms, this document will replace TBD,
+   with the appropriate algorithms and parameters before proceeding to
+   ratification.  The algorithm Candidate TBD1 has been added as an
+   example in this draft, to provide a more detailed illustration of the
+   content - it by no means indicates its inclusion in the final
+   version.  This specification will use object identifiers for the new
+   algorithms that are assigned by NIST, and will use placeholders until
+   these are released.]
+
+About This Document
+
+   This note is to be removed before publishing as an RFC.
+
+   Status information for this document may be found at
+   https://datatracker.ietf.org/doc/draft-turner-lamps-nist-pqc-kem-
+   certificates/.
+
+   Discussion of this document takes place on the Limited Additional
+   Mechanisms for PKIX and SMIME (lamps) Working Group mailing list
+   (mailto:spasm@ietf.org), which is archived at
+   https://mailarchive.ietf.org/arch/browse/spasm/.  Subscribe at
+   https://www.ietf.org/mailman/listinfo/spasm/.
+
+   Source for this draft and an issue tracker can be found at
+   https://github.com/seanturner/draft-turner-lamps-nist-pqc-kem-
+   certificates.
+
+Status of This Memo
+
+   This Internet-Draft is submitted in full conformance with the
+   provisions of BCP 78 and BCP 79.
+
+   Internet-Drafts are working documents of the Internet Engineering
+   Task Force (IETF).  Note that other groups may also distribute
+   working documents as Internet-Drafts.  The list of current Internet-
+   Drafts is at https://datatracker.ietf.org/drafts/current/.
+
+   Internet-Drafts are draft documents valid for a maximum of six months
+   and may be updated, replaced, or obsoleted by other documents at any
+   time.  It is inappropriate to use Internet-Drafts as reference
+   material or to cite them other than as "work in progress."
+
+   This Internet-Draft will expire on 15 June 2025.
+
+Copyright Notice
+
+   Copyright (c) 2024 IETF Trust and the persons identified as the
+   document authors.  All rights reserved.
+
+   This document is subject to BCP 78 and the IETF Trust's Legal
+   Provisions Relating to IETF Documents (https://trustee.ietf.org/
+   license-info) in effect on the date of publication of this document.
+   Please review these documents carefully, as they describe your rights
+   and restrictions with respect to this document.  Code Components
+   extracted from this document must include Revised BSD License text as
+   described in Section 4.e of the Trust Legal Provisions and are
+   provided without warranty as described in the Revised BSD License.
+
+Table of Contents
+
+   1.  Introduction
+   2.  Conventions and Definitions
+   3.  Algorithm Identifiers
+   4.  Candidate TBD1
+   5.  Subject Public Key Fields
+   6.  Key Usage Bits
+   7.  Private Key Format
+   8.  ASN.1 Module
+   9.  Security Considerations
+   10. IANA Considerations
+   11. References
+     11.1.  Normative References
+     11.2.  Informative References
+   Acknowledgments
+   Authors' Addresses
+
+1.  Introduction
+
+   The US NIST PQC Project has selected the Candidate TBD1 algorithms as
+   winners of their PQC Project [PQCProj].  These algorithms are KEM
+   algorithms.  NIST has also defined object identifiers for these
+   algorithms (TODO insert reference).
+
+   This document specifies the use of the Candidate TBD1 algorithms in
+   X.509 public key certifiates, see [RFC5280].  It also specifies
+   private key encoding.  An ASN.1 module is included for reference
+   purposes.
+
+   These certificates could be used as Issuers in CMS where the public
+   key is used to encapsulate a shared secret used to derive a symmetric
+   key used to encrypt content in CMS [EDNOTE: Add reference draft-
+   perret-prat-lamps-cms-pq-kem].  To be used in TLS, these certificates
+   could only be used as end-entity identity certificates and would
+   require significant updates to the protocol [EDNOTE: Add reference
+   draft-celi-wiggers-tls-authkem].
+
+2.  Conventions and Definitions
+
+   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
+   "OPTIONAL" in this document are to be interpreted as described in
+   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
+   capitals, as shown here.
+
+3.  Algorithm Identifiers
+
+   Certificates conforming to [RFC5280] can convey a public key for any
+   public key algorithm.  The certificate indicates the algorithm
+   through an algorithm identifier.  An algorithm identifier consists of
+   an object identifier and optional parameters.
+
+   The AlgorithmIdentifier type, which is included herein for
+   convenience, is defined as follows:
+
+      AlgorithmIdentifier  ::=  SEQUENCE  {
+          algorithm   OBJECT IDENTIFIER,
+          parameters  ANY DEFINED BY algorithm OPTIONAL
+      }
+
+      |  NOTE: The above syntax is from [RFC5280] and matches the
+      |  version used therein, i.e., the 1988 ASN.1 syntax.  See
+      |  [RFC5912] for ASN.1 copmatible with the 2015 ASN.1 syntax.
+
+   The fields in AlgorithmIdentifier have the following meanings:
+
+   *  algorithm identifies the cryptographic algorithm with an object
+      identifier.  XXX such OIDs are defined in Sections Section 4.
+
+   *  parameters, which are optional, are the associated parameters for
+      the algorithm identifier in the algorithm field.
+
+   In this document, TODO (specify number) new OIDs for identifying the
+   different algorithm and parameter pairs.  For all of the object
+   identifiers, the parameters MUST be absent.
+
+   It is possible to find systems that require the parameters to be
+   present.  This can be due to either a defect in the original 1997
+   syntax or a programming error where developers never got input where
+   this was not true.  The optimal solution is to fix these systems;
+   where this is not possible, the problem needs to be restricted to
+   that subsystem and not propagated to the Internet.
+
+4.  Candidate TBD1
+
+   TODO insert object-identifiers
+
+5.  Subject Public Key Fields
+
+   In the X.509 certificate, the subjectPublicKeyInfo field has the
+   SubjectPublicKeyInfo type, which has the following ASN.1 syntax:
+
+     SubjectPublicKeyInfo  ::=  SEQUENCE  {
+         algorithm         AlgorithmIdentifier,
+         subjectPublicKey  BIT STRING
+     }
+
+      |  NOTE: The above syntax is from [RFC5280] and matches the
+      |  version used therein, i.e., the 1988 ASN.1 syntax.  See
+      |  [RFC5912] for ASN.1 copmatible with the 2015 ASN.1 syntax.
+
+   The fields in SubjectPublicKeyInfo have the following meanings:
+
+   *  algorithm is the algorithm identifier and parameters for the
+      public key (see above).
+
+   *  subjectPublicKey contains the byte stream of the public key.  The
+      algorithms defined in this document always encode the public key
+      as TODO pick format e.g., exact multiple of 8 bits?.
+
+   The following is an example of a TBD public key encoded using the
+   textual encoding defined in [RFC7468].
+
+     -----BEGIN PUBLIC KEY-----
+     TODO insert example public key
+     -----END PUBLIC KEY-------
+
+6.  Key Usage Bits
+
+   The intended application for the key is indicated in the keyUsage
+   certificate extension; see Section 4.2.1.3 of [RFC5280].
+
+   If the keyUsage extension is present in a certificate that indicates
+   Candidate TBD1 in SubjectPublicKeyInfo, then the following MUST be
+   present:
+
+     keyEncipherment;
+
+7.  Private Key Format
+
+   "Asymmetric Key Packages" [RFC5958] describes how to encode a private
+   key in a structure that both identifies what algorithm the private
+   key is for and allows for the public key and additional attributes
+   about the key to be included as well.  For illustration, the ASN.1
+   structure OneAsymmetricKey is replicated below.  The algorithm-
+   specific details of how a private key is encoded are left for the
+   document describing the algorithm itself.
+
+     OneAsymmetricKey ::= SEQUENCE {
+         version                  Version,
+         privateKeyAlgorithm      PrivateKeyAlgorithmIdentifier,
+         privateKey               PrivateKey,
+         attributes           [0] IMPLICIT Attributes OPTIONAL,
+         ...,
+         [[2: publicKey       [1] IMPLICIT PublicKey OPTIONAL ]],
+         ...
+     }
+
+     PrivateKey ::= OCTET STRING
+
+     PublicKey ::= BIT STRING
+
+      |  NOTE: The above syntax is from [RFC5958] and matches the
+      |  version used therein, i.e., the 2002 ASN.1 syntax.  The syntax
+      |  used therein is compatible with the 2015 ASN.1 syntax.
+
+   For the keys defined in this document, the private key is always an
+   opaque byte sequence.  The ASN.1 type PqckemPrivateKey is defined in
+   this document to hold the byte sequence.  Thus, when encoding a
+   OneAsymmetricKey object, the private key is wrapped in a
+   PqckemPrivateKey object and wrapped by the OCTET STRING of the
+   "privateKey" field.
+
+     PqckemPrivateKey ::= OCTET STRING
+
+   The following is an example of a TBD private key encoded using the
+   textual encoding defined in [RFC7468].
+
+     -----BEGIN PRIVATE KEY-----
+     TODO iser example private key
+     -----END PRIVATE KEY-------
+
+   The following example, in addition to encoding the TBD private key,
+   has an attribute included as well as the public key.  As with the
+   prior example, the textual encoding defined in [RFC7468] is used.
+
+     -----BEGIN PRIVATE KEY-----
+     TODO insert example private key with attribute
+     -----END PRIVATE KEY-------
+
+      |  NOTE: There exist some private key import functions that have
+      |  not implemented the new ASN.1 structure OneAsymmetricKey that
+      |  is defined in [RFC5958].  This means that they will not accept
+      |  a private key structure that contains the public key field.
+      |  This means a balancing act needs to be done between being able
+      |  to do a consistency check on the key pair and widest ability to
+      |  import the key.
+
+8.  ASN.1 Module
+
+   TODO ASN.1 Module
+
+9.  Security Considerations
+
+   The Security Considerations section of [RFC5280] applies to this
+   specification as well.
+
+   [EDNOTE: Discuss side-channels for Candidate TBD1.]
+
+10.  IANA Considerations
+
+   This document will have some IANA actions.
+
+11.  References
+
+11.1.  Normative References
+
+   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
+              Requirement Levels", BCP 14, RFC 2119,
+              DOI 10.17487/RFC2119, March 1997,
+              <https://www.rfc-editor.org/rfc/rfc2119>.
+
+   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
+              Housley, R., and W. Polk, "Internet X.509 Public Key
+              Infrastructure Certificate and Certificate Revocation List
+              (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
+              <https://www.rfc-editor.org/rfc/rfc5280>.
+
+   [RFC5912]  Hoffman, P. and J. Schaad, "New ASN.1 Modules for the
+              Public Key Infrastructure Using X.509 (PKIX)", RFC 5912,
+              DOI 10.17487/RFC5912, June 2010,
+              <https://www.rfc-editor.org/rfc/rfc5912>.
+
+   [RFC5958]  Turner, S., "Asymmetric Key Packages", RFC 5958,
+              DOI 10.17487/RFC5958, August 2010,
+              <https://www.rfc-editor.org/rfc/rfc5958>.
+
+   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
+              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
+              May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.
+
+11.2.  Informative References
+
+   [PQCProj]  National Institute of Standards and Technology, "Post-
+              Quantum Cryptography Project", 20 December 2016,
+              <https://csrc.nist.gov/projects/post-quantum-
+              cryptography>.
+
+   [RFC7468]  Josefsson, S. and S. Leonard, "Textual Encodings of PKIX,
+              PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468,
+              April 2015, <https://www.rfc-editor.org/rfc/rfc7468>.
+
+Acknowledgments
+
+   TODO acknowledge.
+
+Authors' Addresses
+
+   Sean Turner
+   sn3rd
+   Email: sean@sn3rd.com
+
+
+   Panos Kampanakis
+   AWS
+   Email: kpanos@amazon.com
+
+
+   Jake Massimo
+   AWS
+   Email: jakemas@amazon.com
+
+
+   Bas Westerbaan
+   Cloudflare
+   Email: bas@westerbaan.name
diff --git a/seanturner-cert-examples/index.html b/seanturner-cert-examples/index.html
new file mode 100644
index 0000000..a52c097
--- /dev/null
+++ b/seanturner-cert-examples/index.html
@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>lamps-wg/kyber-certificates seanturner-cert-examples preview</title>
+    <meta name="viewport" content="initial-scale=1.0">
+    <style type="text/css">/*<![CDATA[*/
+      body { font-family: "Helvetica Neue","Open Sans", Helvetica, Calibri,sans-serif; }
+      h1, h2, td { font-family: "Helvetica Neue", "Roboto Condensed", "Open Sans", Helvetica, Calibri, sans-serif; }
+      h1 { font-size: 20px; } h2 { font-size: 16px; }
+      table { margin: 5px 10px; border-collapse: collapse; }
+      th, td { font-weight: normal; text-align: left; padding: 2px 5px; }
+      a:link { color: #000; } a:visited { color: #00a; }
+    /*]]>*/</style>
+  </head>
+  <body>
+    <h1>Editor's drafts for seanturner-cert-examples branch of <a href="https://github.com/lamps-wg/kyber-certificates/tree/seanturner-cert-examples">lamps-wg/kyber-certificates</a></h1>
+    <table id="branch-seanturner-cert-examples">
+      <tr>
+        <td><a href="./draft-ietf-lamps-kyber-certificates.html" class="html draft-ietf-lamps-kyber-certificates" title="Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) (HTML)">ML-KEM in Certificates</a></td>
+        <td><a href="./draft-ietf-lamps-kyber-certificates.txt" class="txt draft-ietf-lamps-kyber-certificates" title="Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) (Text)">plain text</a></td>
+        <td>same as main</td>
+      </tr>
+      <tr>
+        <td><a href="./draft-turner-lamps-nist-pqc-kem-certificates.html" class="html draft-turner-lamps-nist-pqc-kem-certificates" title="Algorithm Identifiers for NIST's PQC Algorithms for Use in the Internet X.509 Public Key Infrastructure (HTML)">PQC KEM for Certificates</a></td>
+        <td><a href="./draft-turner-lamps-nist-pqc-kem-certificates.txt" class="txt draft-turner-lamps-nist-pqc-kem-certificates" title="Algorithm Identifiers for NIST's PQC Algorithms for Use in the Internet X.509 Public Key Infrastructure (Text)">plain text</a></td>
+        <td>same as main</td>
+      </tr>
+    </table>
+    <script>
+window.onload = function() {
+  var referrer_branch = 'main';
+  // e.g., "https://github.com/user/repo/tree/main"
+  var chunks = document.referrer.split("/");
+  if (chunks[2] === 'github.com' && chunks[5] === 'tree') {
+    referrer_branch = chunks[6];
+  }
+  let branch = document.querySelector('#branch-' + referrer_branch);
+  let h = document.location.hash.substring(1);
+  if (h === 'show') {
+    document.location.hash = '#' + branch.id;
+  } else if (branch && h.startsWith('go')) {
+    let e = branch.querySelector(h.substring(2));
+    if (e && e.href) {
+      document.location = e.href;
+    }
+  }
+};
+    </script>
+  </body>
+</html>