5. Key Usage Bits
This section preserves the RFC text for ML-KEM in PKIX, including algorithm identifiers, SubjectPublicKeyInfo, private key formats, ASN.1 objects, security considerations, and examples.
5. Key Usage Bits
The intended application for the key is indicated in the keyUsage
certificate extension; see Section 4.2.1.3 of [RFC5280]. If the
keyUsage extension is present in certificates, then keyEncipherement
MUST be the only key usage set for certificates that indicate id-alg-
ml-kem-* in SubjectPublicKeyInfo, (with * being one of 512, 768, or
1024.)