On Thu, Aug 13, 2015 at 8:41 AM, Simon Josefsson <[email protected]> wrote:
> This is not a good discriminator of the CFRG options -- this problem is > a weakness in this protocol, and should be addressed here. I'd agree, this is a conceptual misuse of digital signatures. While creating a signature algorithm resistant to this is a "neat trick" much like nonce reuse resistant AEAD schemes, you shouldn't design protocols that rely on that resistance in either case. -- Tony Arcieri
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
