From Public-Key Linting to Operational Post-Quantum X.509 Assurance for ML-KEM and ML-DSA: Registry-Driven Policy, Mutation-Based Evaluation, and Import Validation

翻译：从公钥审查到ML-KEM与ML-DSA的后量子X.509操作保障：基于注册表的策略、变异评估与导入验证

José Luis Delgado Jiménez

from arxiv, 48 pages, 13 figures, 32 tables, 6 appendices; includes artifact, reproducibility, and cross-tool evaluation appendices

Final FIPS and PKIX standards for ML-KEM and ML-DSA fix the normative floor, but operational assurance in post-quantum X.509 still depends on accountable checks across certificate-profile semantics, SubjectPublicKeyInfo representation, and private-key-container import. We present a workflow-centric assurance framework for ML-KEM and ML-DSA in the narrow executable profile pkix-core. The framework reifies 17 final-standards requirements into an assurance registry indexed by owner, stage, detector kind, normative strength, and mode-specific action; groups them into three operator gate packs; spans certificate/profile, SPKI/public-key, and private-key-container/import surfaces; and evaluates them through a frozen mutation-based corpus with bounded public-appendix and cross-tool supporting evidence. Across a controlled corpus of 48 artifacts (21 valid, 27 invalid), the artifact detects all expected invalid cases in both strict and deployable modes with zero false positives. Strict blocks all 17 active requirements; deployable preserves the same detection coverage while downgrading exactly one exercised ML-KEM canonicality condition from block to warning. On the importer-owned private-key surface, all 7 active requirements are covered, with 7/7 expected invalid detections and no open detector gaps. On a comparable certificate subset, a frozen JZLint baseline meets 5/10 expected invalid detections and fatally rejects 3 valid ML-KEM certificates, whereas the local artifact meets 10/10 with no fatal valid rejections. A bounded public appendix and a cross-tool matrix further show that parse acceptance and policy conformance diverge materially. Overall, the results support an operational X.509 assurance workflow for CA pre-issuance and private-key import that extends prior PQ public-key linting work.

翻译：ML-KEM和ML-DSA的最终FIPS与PKIX标准确立了规范基准，但在后量子X.509的实际操作中，保障仍依赖于对证书配置文件语义、SubjectPublicKeyInfo表示形式及私钥容器导入的可问责校验。我们针对窄可执行配置文件pkix-core中的ML-KEM和ML-DSA，提出了一套以工作流为核心的保障框架。该框架将17项最终标准需求具体化为一个保障注册表，按所有者、阶段、检测器类型、规范强度及模式特定操作进行索引，并归为三类操作者门控包，覆盖证书/配置文件、SPKI/公钥及私钥容器/导入三个层面，通过基于冻结突变语料库的评估（附带有限公开附录与跨工具支撑证据）进行检验。在一个包含48个工件（21个有效、27个无效）的受控语料库中，该工件在严格模式和可部署模式下均检测出所有预期的无效案例，且零误报。严格模式阻止所有17项活动需求；可部署模式在保持相同检测覆盖率的同时，仅将一条已执行的ML-KEM规范条件从阻止降级为警告。在导入者拥有的私钥层面，所有7项活动需求均被覆盖，实现7/7预期的无效检测且无检测器缺口。在可比较的证书子集上，冻结的JZLint基线达到5/10预期无效检测，并致命性拒绝3张有效ML-KEM证书；而本地工件则实现10/10检测且无致命性有效拒绝。有限公开附录与跨工具矩阵进一步表明，解析接受度与策略合规性存在实质性差异。总体而言，这些结果支持面向CA预签发与私钥导入的操作性X.509保障工作流，该工作流是对前期后量子公钥审查工作的拓展。