<?xml version="1.0" encoding="UTF-8"?>
<reference anchor="I-D.kaizer-dnsop-ml-dsa-mtl-dnssec" target="https://datatracker.ietf.org/doc/html/draft-kaizer-dnsop-ml-dsa-mtl-dnssec-00">
   <front>
      <title>Module-Lattice-Based Signatures with Merkle Tree Ladders (ML-DSA-MTL) for DNSSEC</title>
      <author initials="A." surname="Kaizer" fullname="Andrew Kaizer">
         <organization>Verisign Labs</organization>
      </author>
      <author initials="J." surname="Harvey" fullname="Joe Harvey">
         <organization>Verisign Labs</organization>
      </author>
      <author initials="B." surname="Kaliski" fullname="Burt Kaliski">
         <organization>Verisign Labs</organization>
      </author>
      <author initials="S." surname="Sheth" fullname="Swapneel Sheth">
         <organization>Verisign Labs</organization>
      </author>
      <date month="July" day="6" year="2026" />
      <abstract>
	 <t>   This document describes how to apply the Module-Lattice-Based Digital
   Signature Algorithm (ML-DSA) and Merkle Tree Ladders (MTL) as a
   conservative post-quantum cryptographic algorithm for DNS Security
   Extensions (DNSSEC).  This combination is referred to as the ML-DSA-
   MTL Signature scheme.  This document describes how to specify ML-DSA-
   MTL keys and signatures in DNSSEC, specifically for ML-DSA-44 with
   SHAKE-128.  This document also provides guidance for use of EDNS(0)
   in signature retrieval.

	 </t>
      </abstract>
   </front>
   <seriesInfo name="Internet-Draft" value="draft-kaizer-dnsop-ml-dsa-mtl-dnssec-00" />
   
</reference>
