signature: define SignatureEd25519

refs #4901

Change-Id: I71a962a6fd7df75b97d678e18db5b1e91078b7d7
diff --git a/changelog.rst b/changelog.rst
index ca0a61e..e65718a 100644
--- a/changelog.rst
+++ b/changelog.rst
@@ -46,6 +46,7 @@
 
   + Require all compliant implementations to support the ``SignatureSha256WithEcdsa`` signature type using NIST curve P-256
   + Redefine the signed portion of Data packets to be more future-proof
+  + Add ``SignatureEd25519`` signature type
 
 Version 0.2.1
 -------------
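Review bot: the added changelog entry does not say whether support for ``SignatureEd25519`` is mandatory or optional, while the entry two lines above it explicitly requires all compliant implementations to support ``SignatureSha256WithEcdsa``. Consider wording the new entry so the conformance level is clear to implementers reading only the changelog.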
diff --git a/signature.rst b/signature.rst
index 2e0abf3..10bcc42 100644
--- a/signature.rst
+++ b/signature.rst
@@ -81,7 +81,10 @@
 | 4       | :ref:`SignatureHmacWithSha256`         | Integrity and provenance protection using       |
 |         |                                        | a SHA-256 hash-based message authentication code|
 +---------+----------------------------------------+-------------------------------------------------+
-| 2,5-200 |                                        | Reserved for future assignments                 |
+| 5       | :ref:`SignatureEd25519`                | Integrity and provenance protection using       |
+|         |                                        | an Ed25519 signature                            |
++---------+----------------------------------------+-------------------------------------------------+
+| 2,6-200 |                                        | Reserved for future assignments                 |
 +---------+----------------------------------------+-------------------------------------------------+
 | >200    |                                        | Unassigned                                      |
 +---------+----------------------------------------+-------------------------------------------------+
@@ -265,4 +268,28 @@
 .. danger::
    The shared secret key is not included in the signature and must not be included anywhere in the packet, as this would invalidate the security properties of HMAC.
 
+.. _SignatureEd25519:
+
+SignatureEd25519
+^^^^^^^^^^^^^^^^
+
+``SignatureEd25519`` defines an Ed25519 public key signature that is calculated over the "signed portion" of an Interest or Data packet.
+This signature algorithm is defined in `RFC 8032, Section 5.1 <https://datatracker.ietf.org/doc/html/rfc8032#section-5.1>`__.
+
+* The TLV-VALUE of ``SignatureType`` is 5
+* ``KeyLocator`` is required
+
+::
+
+    SignatureValue = SIGNATURE-VALUE-TYPE
+                     TLV-LENGTH
+                     64OCTET ; == Ed25519{Data signed portion}
+
+    InterestSignatureValue = INTEREST-SIGNATURE-VALUE-TYPE
+                             TLV-LENGTH
+                             64OCTET ; == Ed25519{Interest signed portion}
+
+This type of signature, if verified, provides very strong assurances that a packet was created by the claimed producer (authentication/provenance) and was not tampered with while in transit (integrity).
+The ``KeyDigest`` option in :ref:`KeyLocator` is defined as the SHA-256 digest over the DER encoding of the ``SubjectPublicKeyInfo`` for an Ed25519 key as defined by `RFC 8410, Section 4 <https://datatracker.ietf.org/doc/html/rfc8410#section-4>`__."
+
 .. _hierarchical trust model: https://named-data.net/publications/techreports/trpublishkey-rev2/
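Review bot: the last added sentence (the ``KeyDigest`` definition) ends with a stray double quote after the RFC 8410 link, which will render literally; drop it. In the ABNF block, both ``TLV-LENGTH`` lines could carry a ``; == 64`` comment, since the value is fixed at ``64OCTET`` and a verifier should reject any other length before calling the signature check. RFC 8032 Section 5.1 also covers the Ed25519ph and Ed25519ctx variants, so the first paragraph should state that plain Ed25519 is the one meant.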