Internet X.509 Public Key Infrastructure -- Algorithm Identifiers for the Module-Lattice-Based Digital Signature Algorithm
RFC 9881, “Internet X.509 Public Key Infrastructure -- Algorithm Identifiers for the Module-Lattice-Based Digital Signature Algorithm”, is a Proposed Standard document published in October 2025 by J. Massimo, P. Kampanakis, S. Turner, B. E. Westerbaan. The canonical text is published by the RFC Editor.
Abstract
Digital signatures are used within X.509 certificates and Certificate Revocation Lists (CRLs), and to sign messages. This document specifies the conventions for using FIPS 204, the Module-Lattice-Based Digital Signature Algorithm (ML-DSA) in Internet X.509 certificates and CRLs. The conventions for the associated signatures, subject public keys, and private key are also described.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 9881 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9882 Use of the ML-DSA Signature Algorithm in the Cryptographic Message Syntax
- RFC 9879 Use of Password-Based Message Authentication Code 1 in PKCS #12 Syntax
- RFC 9883 An Attribute for Statement of Possession of a Private Key
- RFC 9878 Updates to Private Header Extension Usage in Session Initiation Protocol Requests and Responses
- RFC 9884 Label Switched Path Ping for Segment Routing Path Segment Identifier with MPLS Data Plane
- RFC 9877 Registration Data Access Protocol Extension for Geofeed Data
- RFC 9885 Multi-Part TLVs in IS-IS
- RFC 9876 Updates to the IANA Registration Procedures for Constrained Application Protocol Content-Formats