{
  "draft": "draft-ietf-lamps-x509-shbs-13",
  "doc_id": "RFC9802",
  "title": "Use of the HSS and XMSS Hash-Based Signature Algorithms in Internet X.509 Public Key Infrastructure",
  "authors": [
    "D. Van Geest",
    "K. Bashiri",
    "S. Fluhrer",
    "S. Gazdag",
    "S. Kousidis"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "30",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "Limited Additional Mechanisms for PKIX and SMIME",
  "abstract": "This document specifies algorithm identifiers and ASN.1 encoding formats for the following stateful Hash-Based Signature (HBS) schemes: Hierarchical Signature System (HSS), eXtended Merkle Signature Scheme (XMSS), and XMSS^MT (a multi-tree variant of XMSS).  This specification applies to the Internet X.509 Public Key Infrastructure (PKI) when digital signatures are used to sign certificates and certificate revocation lists (CRLs).",
  "pub_date": "June 2025",
  "keywords": [
    "HSS",
    "LMS",
    "XMSS",
    "certificate",
    "X.509",
    "PKIX",
    "stateful",
    "hash-based"
  ],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC9802",
  "errata_url": "https://www.rfc-editor.org/errata/rfc9802"
}