OFFICIAL
Hi Alanna,
I'm happy with this, thank you very much.
Flo
Flo D
Deputy CTO for Cyber Policy
and Assessments
[email protected]
Pronouns: she/her
http://www.ncsc.gov.uk/
OFFICIAL
-----Original Message-----
From: Alanna Paloma <[email protected]>
Sent: 26 June 2026 18:54
To: Nina Bindel <[email protected]>
Cc: Deirdre Connolly <[email protected]>; Flo D <[email protected]>;
[email protected]; [email protected]; [email protected];
[email protected]; Paul Hoffman <[email protected]>; Paul Wouters
<[email protected]>; auth48archive <[email protected]>; RFC
Editor <[email protected]>
Subject: Re: [AD] AUTH48: RFC-to-be 9955
<draft-ietf-pquip-hybrid-signature-spectrums-07> for your review
Hi Nina,
Thank you for your reply. No need to submit your approval anywhere else,
replying in this email thread is perfect!
We have noted your approval here:
https://queue.rfc-editor.org/final-review/rfc9955/
We will await approvals from Britta, Deirdre, Flo, and Chris (AD).
Best regards,
Alanna Paloma
RFC Production Center
> On Jun 26, 2026, at 5:02 AM, Nina Bindel <[email protected]> wrote:
>
> Dear all,
>
> You have my approval. Do I need to submit it somewhere formally in addition?
>
> Thank you for all the work you have done, especially thanks to Flo, Britta
> and Alanna for pushing this over the finish line!
>
> Best,
> Nina
>
>
>
> On June 25, 2026 4:56:19 p.m. GMT+01:00, Alanna Paloma
> <[email protected]> wrote:
> Hi Flo and Deirdre,
>
> Thank you for your replies. We have updated the files accordingly.
>
> We will await approvals from each author and Chris (AD) prior to moving this
> document forward in the publication process.
>
> The files have been posted here (please refresh):
> https://www.rfc-editor.org/authors/rfc9955.xml
> https://www.rfc-editor.org/authors/rfc9955.txt
> https://www.rfc-editor.org/authors/rfc9955.html
> https://www.rfc-editor.org/authors/rfc9955.pdf
>
> The relevant diff files have been posted here:
> https://www.rfc-editor.org/authors/rfc9955-diff.html (comprehensive diff)
> https://www.rfc-editor.org/authors/rfc9955-auth48diff.html (Final Review
> changes)
> https://www.rfc-editor.org/authors/rfc9955-auth48rfcdiff.html (Final Review
> changes side by side)
> https://www.rfc-editor.org/authors/rfc9955-lastdiff.html (last version to
> this one)
> https://www.rfc-editor.org/authors/rfc9955-lastrfcdiff.html (rfcdiff between
> last version and this)
>
> For the Final Review status of this document, please see:
> https://queue.rfc-editor.org/final-review/rfc9955/
>
> Thank you,
> Alanna Paloma
> RFC Production Center
>
>> On Jun 24, 2026, at 8:06 AM, Deirdre Connolly <[email protected]>
>> wrote:
>>
>> One nit,
>>
>> 'Component message algorithm forgery attacks:'
>>
>> I would write 'Component algorithm message forgery attacks', in several
>> locations in section 1.1.
>>
>> > We call this notion 'hybrid unforgeability'; it is a specific type of
>> > hybrid authentication.
>>
>> This definition is used later in the document.
>>
>>
>>
>>
>>
>> On Mon, Jun 22, 2026 at 7:35 PM Alanna Paloma <[email protected]>
>> wrote:
>> Hi Authors and Chris*,
>>
>> *Chris - As the AD, pleases review and approve of the added text in Section
>> 5.
>>
>> See this diff file:
>> https://www.rfc-editor.org/authors/rfc9955-auth48diff.html
>>
>> Authors - Thank you for your reply. The files have been updated accordingly.
>>
>> We will await approvals from each party listed on the Final Review status
>> page below prior to moving this document forward in the publication process.
>>
>> Note: If you would like to send any further updates by way of an updated XML
>> file, please make changes to the most recent XML file (provided below).
>>
>> The files have been posted here (please refresh):
>> https://www.rfc-editor.org/authors/rfc9955.xml
>> https://www.rfc-editor.org/authors/rfc9955.txt
>> https://www.rfc-editor.org/authors/rfc9955.html
>> https://www.rfc-editor.org/authors/rfc9955.pdf
>>
>> The relevant diff files have been posted here:
>> https://www.rfc-editor.org/authors/rfc9955-diff.html (comprehensive diff)
>> https://www.rfc-editor.org/authors/rfc9955-auth48diff.html (Final Review
>> changes)
>> https://www.rfc-editor.org/authors/rfc9955-auth48rfcdiff.html (Final Review
>> changes side by side)
>> https://www.rfc-editor.org/authors/rfc9955-lastdiff.html (last version to
>> this one)
>> https://www.rfc-editor.org/authors/rfc9955-lastrfcdiff.html (rfcdiff between
>> last version and this)
>>
>> For the Final Review status of this document, please see:
>> https://queue.rfc-editor.org/final-review/rfc9955/
>>
>> Thank you,
>> Alanna Paloma
>> RFC Production Center
>>
>> > On Jun 18, 2026, at 6:48 AM, Flo D <[email protected]> wrote:
>> >
>> > OFFICIAL
>> >
>> > Hi Alanna,
>> >
>> > Britta and I have had another look at the document, I'm attaching the
>> > newest commented version.
>> >
>> > We've now addressed the leftover query - I've made the changes and the
>> > rationale is under the comment.
>> >
>> > There are a few additional changes and suggestions following Britta's
>> > review. These are labelled as [BH] in the document.
>> >
>> > Thank you!
>> > Flo
>> >
>> > Flo D
>> > Deputy CTO for Cyber Policy
>> > and Assessments
>> > [email protected]
>> > Pronouns: she/her
>> > http://www.ncsc.gov.uk/
>> >
>> >
>> >
>> >
>> > OFFICIAL
>> > -----Original Message-----
>> > From: Alanna Paloma <[email protected]>
>> > Sent: 20 May 2026 16:48
>> > To: Flo D <[email protected]>
>> > Cc: [email protected]; [email protected]; Nina Bindel
>> > <[email protected]>; [email protected]; [email protected]; Paul
>> > Hoffman <[email protected]>; Paul Wouters <[email protected]>;
>> > auth48archive <[email protected]>; RFC Editor
>> > <[email protected]>
>> > Subject: Re: AUTH48: RFC-to-be 9955
>> > <draft-ietf-pquip-hybrid-signature-spectrums-07> for your review
>> >
>> > Hi Flo,
>> >
>> > We’ve updated the files with that change. Note that we are awaiting your
>> > response to this query:
>> >
>> >> c) The following terms are used in the document. Please review to ensure
>> >> consistent and correct usage. Let us know if any updates are needed.
>> >>
>> >> component message forgery attack
>> >> component algorithm forgery (and component algorithm forgeries)
>> >> component forgery (and component forgeries)
>> >> component forgery attacks
>> >
>> >
>> > The files have been posted here (please refresh):
>> > https://www.rfc-editor.org/authors/rfc9955.xml
>> > https://www.rfc-editor.org/authors/rfc9955.txt
>> > https://www.rfc-editor.org/authors/rfc9955.html
>> > https://www.rfc-editor.org/authors/rfc9955.pdf
>> >
>> > The relevant diff files have been posted here:
>> > https://www.rfc-editor.org/authors/rfc9955-diff.html (comprehensive diff)
>> > https://www.rfc-editor.org/authors/rfc9955-auth48diff.html (AUTH48 changes)
>> > https://www.rfc-editor.org/authors/rfc9955-auth48rfcdiff.html (AUTH48
>> > changes side by side)
>> > https://www.rfc-editor.org/authors/rfc9955-lastdiff.html (last version to
>> > this one)
>> > https://www.rfc-editor.org/authors/rfc9955-lastrfcdiff.html (rfcdiff
>> > between last version and this)
>> >
>> > For the AUTH48 status of this document, please see:
>> > https://www.rfc-editor.org/auth48/rfc9955
>> >
>> > Thank you,
>> > Alanna Paloma
>> > RFC Production Center
>> >
>> >> On May 20, 2026, at 12:20 AM, Flo D <[email protected]> wrote:
>> >>
>> >> OFFICIAL
>> >>
>> >> Hi Alanna,
>> >>
>> >> That change sounds fine, thank you.
>> >>
>> >> Flo
>> >>
>> >> Flo D
>> >> Deputy CTO for Cyber Policy
>> >> and Assessments
>> >> [email protected]
>> >> Pronouns: she/her
>> >> http://www.ncsc.gov.uk/
>> >>
>> >>
>> >> OFFICIAL
>> >> -----Original Message-----
>> >> From: Alanna Paloma <[email protected]>
>> >> Sent: 19 May 2026 19:20
>> >> To: Flo D <[email protected]>
>> >> Cc: [email protected]; [email protected]; Nina Bindel
>> >> <[email protected]>; [email protected]; [email protected]; Paul
>> >> Hoffman <[email protected]>; Paul Wouters <[email protected]>;
>> >> auth48archive <[email protected]>; RFC Editor
>> >> <[email protected]>
>> >> Subject: Re: AUTH48: RFC-to-be 9955
>> >> <draft-ietf-pquip-hybrid-signature-spectrums-07> for your review
>> >>
>> >> Hi Flo,
>> >>
>> >> Thank you for your reply. We have updated as requested. Note that we
>> >> have one follow-up question.
>> >>
>> >> ) May we clarify “an example of” by updating it to “which is a type of”?
>> >>
>> >> Current:
>> >> This is an example of a component algorithm forgery, an
>> >> example of a cross-algorithm attack or cross-protocol attack.
>> >>
>> >> Perhaps:
>> >> This is an example of a component algorithm forgery, which is
>> >> a type of a cross-algorithm attack or cross-protocol attack.
>> >>
>> >>
>> >> The files have been posted here (please refresh):
>> >> https://www.rfc-editor.org/authors/rfc9955.xml
>> >> https://www.rfc-editor.org/authors/rfc9955.txt
>> >> https://www.rfc-editor.org/authors/rfc9955.html
>> >> https://www.rfc-editor.org/authors/rfc9955.pdf
>> >>
>> >> The relevant diff files have been posted here:
>> >> https://www.rfc-editor.org/authors/rfc9955-diff.html (comprehensive diff)
>> >> https://www.rfc-editor.org/authors/rfc9955-auth48diff.html (AUTH48
>> >> changes)
>> >> https://www.rfc-editor.org/authors/rfc9955-auth48rfcdiff.html (AUTH48
>> >> changes side by side)
>> >>
>> >> Please review the document carefully and contact us with any further
>> >> updates you may have. Note that we do not make changes once a document
>> >> is published as an RFC.
>> >>
>> >> We will await your response to our follow-up question above as well the
>> >> remaining terminology query.
>> >>
>> >> For the AUTH48 status of this document, please see:
>> >> https://www.rfc-editor.org/auth48/rfc9955
>> >>
>> >> Thank you,
>> >> Alanna Paloma
>> >> RFC Production Center
>> >>
>> >>
>> >>> On May 19, 2026, at 1:00 AM, Flo D <[email protected]> wrote:
>> >>>
>> >>> OFFICIAL
>> >>>
>> >>> Hi Alanna,
>> >>>
>> >>> Sorry for the delay on this. Attached is an updated version. One
>> >>> comments remains to be addressed (terminology (c)), but we will aim to
>> >>> get on this soon.
>> >>>
>> >>> Please let me know if there are any other issues.
>> >>>
>> >>> Flo
>> >>>
>> >>>
>> >>> OFFICIAL
>> >>> -----Original Message-----
>> >>> From: Alanna Paloma <[email protected]>
>> >>> Sent: 18 May 2026 17:45
>> >>> To: Flo D <[email protected]>; [email protected];
>> >>> [email protected]; [email protected]
>> >>> Cc: [email protected]; [email protected]; Paul Hoffman
>> >>> <[email protected]>; Paul Wouters <[email protected]>;
>> >>> auth48archive <[email protected]>; RFC Editor
>> >>> <[email protected]>
>> >>> Subject: Re: AUTH48: RFC-to-be 9955
>> >>> <draft-ietf-pquip-hybrid-signature-spectrums-07> for your review
>> >>>
>> >>> [You don't often get email from [email protected]. Learn why
>> >>> this is important at https://aka.ms/LearnAboutSenderIdentification ]
>> >>>
>> >>> Hi Authors,
>> >>>
>> >>> We're still awaiting your responses to our previous questions before
>> >>> this document can move forward in the publication process. Please let us
>> >>> know if you have any questions.
>> >>>
>> >>> The AUTH48 status page for this document is located here:
>> >>> https://www.rfc-editor.org/auth48/rfc9955
>> >>>
>> >>> Thank you,
>> >>> Alanna Paloma
>> >>> RFC Production Center
>> >>>
>> >>>> On May 11, 2026, at 8:22 AM, Alanna Paloma
>> >>>> <[email protected]> wrote:
>> >>>>
>> >>>> Hi Authors,
>> >>>>
>> >>>> This is another friendly reminder that we await your response to our
>> >>>> previously sent questions. Please let us know if you have any questions.
>> >>>>
>> >>>> The AUTH48 status page for this document is located here:
>> >>>> https://www/.
>> >>>> rfc-editor.org%2Fauth48%2Frfc9955&data=05%7C02%7CFlo.D%40ncsc.gov.uk%7
>> >>>> C54dd52367c1c4e24663d08deb4fce7c2%7C14aa5744ece1474ea2d734f46dda64a1%7
>> >>>> C0%7C0%7C639147195984001873%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOn
>> >>>> RydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3
>> >>>> D%3D%7C0%7C%7C%7C&sdata=SLUDLYOj2lEJXyirGjNHdz8rhFpzeT7DhBCk7RZSyi8%3D
>> >>>> &reserved=0
>> >>>>
>> >>>> Thank you,
>> >>>> Alanna Paloma
>> >>>> RFC Production Center
>> >>>>
>> >>>>> On May 4, 2026, at 8:41 AM, Alanna Paloma
>> >>>>> <[email protected]> wrote:
>> >>>>>
>> >>>>> Hi Authors,
>> >>>>>
>> >>>>> This is a friendly reminder that we are awaiting your response to our
>> >>>>> previously sent questions.
>> >>>>>
>> >>>>> We will wait to hear from you before continuing with the publication
>> >>>>> process.
>> >>>>>
>> >>>>> The AUTH48 status page for this document is located here:
>> >>>>> https://www/
>> >>>>> .rfc-editor.org%2Fauth48%2Frfc9955&data=05%7C02%7CFlo.D%40ncsc.gov.uk
>> >>>>> %7C54dd52367c1c4e24663d08deb4fce7c2%7C14aa5744ece1474ea2d734f46dda64a
>> >>>>> 1%7C0%7C0%7C639147195984182179%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcG
>> >>>>> kiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo
>> >>>>> yfQ%3D%3D%7C0%7C%7C%7C&sdata=HRdVL6Vq9h5NKqJ4z5kCMqxIBQAVq7cZrBj9FqWR
>> >>>>> ylw%3D&reserved=0
>> >>>>>
>> >>>>> Thank you,
>> >>>>> Alanna Paloma
>> >>>>> RFC Production Center
>> >>>>>
>> >>>>>> On Apr 14, 2026, at 12:52 AM, Flo D <[email protected]> wrote:
>> >>>>>>
>> >>>>>> OFFICIAL
>> >>>>>>
>> >>>>>>
>> >>>>>> Hi Alanna,
>> >>>>>>
>> >>>>>> Thank you. We are discussing amongst the authors and will be able to
>> >>>>>> get back to you soon.
>> >>>>>>
>> >>>>>> Flo
>> >>>>>>
>> >>>>>>
>> >>>>>> OFFICIAL
>> >>>>>> -----Original Message-----
>> >>>>>> From: Alanna Paloma <[email protected]>
>> >>>>>> Sent: 13 April 2026 17:39
>> >>>>>> To: [email protected]; [email protected];
>> >>>>>> [email protected]; Flo D <[email protected]>
>> >>>>>> Cc: [email protected]; [email protected]; Paul Hoffman
>> >>>>>> <[email protected]>; Paul Wouters <[email protected]>;
>> >>>>>> auth48archive <[email protected]>; RFC Editor
>> >>>>>> <[email protected]>
>> >>>>>> Subject: Re: AUTH48: RFC-to-be 9955
>> >>>>>> <draft-ietf-pquip-hybrid-signature-spectrums-07> for your review
>> >>>>>>
>> >>>>>> [You don't often get email from [email protected]. Learn
>> >>>>>> why this is important at
>> >>>>>> https://aka.ms/LearnAboutSenderIdentification ]
>> >>>>>>
>> >>>>>> Greetings,
>> >>>>>>
>> >>>>>> We do not believe we have heard from you regarding this document's
>> >>>>>> readiness for publication. Please review our previous messages
>> >>>>>> describing the AUTH48 process and containing any document-specific
>> >>>>>> questions we may have had.
>> >>>>>>
>> >>>>>> We will wait to hear from you before continuing with the publication
>> >>>>>> process.
>> >>>>>>
>> >>>>>> The AUTH48 status page for this document is located here:
>> >>>>>> https://ww/
>> >>>>>> w.rfc-editor.org%2Fauth48%2Frfc9955&data=05%7C02%7CFlo.D%40ncsc.gov.
>> >>>>>> uk%7C54dd52367c1c4e24663d08deb4fce7c2%7C14aa5744ece1474ea2d734f46dda
>> >>>>>> 64a1%7C0%7C0%7C639147195984205503%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU
>> >>>>>> 1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIl
>> >>>>>> dUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=DSxJz0KRJhcfkl85nS7rl96ouEf4uIe9cE
>> >>>>>> RnBBAWhdQ%3D&reserved=0
>> >>>>>>
>> >>>>>> Thank you,
>> >>>>>> Alanna Paloma
>> >>>>>> RFC Production Center
>> >>>>>>
>> >>>>>>> On Apr 3, 2026, at 9:53 AM, [email protected] wrote:
>> >>>>>>>
>> >>>>>>> Authors,
>> >>>>>>>
>> >>>>>>> While reviewing this document during AUTH48, please resolve (as
>> >>>>>>> necessary) the following questions, which are also in the source
>> >>>>>>> file.
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 1) <!--[rfced] Note that we have updated the short title, which
>> >>>>>>> appears in the running header In the PDF output, as follows.
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> ietf-pquip-hybrid-spectrums
>> >>>>>>>
>> >>>>>>> Current:
>> >>>>>>> Hybrid Signature Spectrums
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 2) <!-- [rfced] Please insert any keywords (beyond those that
>> >>>>>>> appear in the title) for use on https://www/.
>> >>>>>>> rfc-editor.org%2Fsearch&data=05%7C02%7Cflo.d%40ncsc.gov.uk%7Cb6e100
>> >>>>>>> d6f
>> >>>>>>> 75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%
>> >>>>>>> 7C6
>> >>>>>>> 39116952142108314%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsI
>> >>>>>>> lYi
>> >>>>>>> OiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C
>> >>>>>>> 400
>> >>>>>>> 00%7C%7C%7C&sdata=VBi8v52NykkpgSEnXnipU97KOPrxj01Do91EFkablEU%3D&re
>> >>>>>>> ser
>> >>>>>>> ved=0. -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 3) <!--[rfced] We note that both of the following terms are used in
>> >>>>>>> the document (note "Project" vs. "Process"). Should these be made
>> >>>>>>> consistent?
>> >>>>>>>
>> >>>>>>> NIST Post-Quantum Cryptography Standardization Project NIST
>> >>>>>>> Post-Quantum Cryptography Standardization Process
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Research has indicated
>> >>>>>>> that implementation-independent attacks published in 2023 or
>> >>>>>>> earlier had broken 48% of the proposals in Round 1 of the NIST
>> >>>>>>> Post-Quantum Cryptography Standardization Project, 25% of the
>> >>>>>>> proposals not broken in Round 1, and 36% of the proposals selected
>> >>>>>>> by NIST for Round 2 [QRCSP].
>> >>>>>>> ...
>> >>>>>>> Of note, some next-generation algorithms have received considerable
>> >>>>>>> analysis, for example, following attention gathered during the NIST
>> >>>>>>> Post-Quantum Cryptography Standardization Process [NIST_PQC_FAQ].
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 4) <!--[rfced] FYI - We updated "25% of the proposals not broken in
>> >>>>>>> Round 1" as follows for clarity.
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Research has indicated
>> >>>>>>> that implementation-independent attacks published in 2023 or
>> >>>>>>> earlier had broken 48% of the proposals in Round 1 of the NIST
>> >>>>>>> Post-Quantum Cryptography Standardization Project, 25% of the
>> >>>>>>> proposals not broken in Round 1, and 36% of the proposals selected
>> >>>>>>> by NIST for Round 2 [QRCSP].
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> Research indicates
>> >>>>>>> that implementation-independent attacks published in 2023 or
>> >>>>>>> earlier had broken 48% of the proposals in Round 1 of the NIST
>> >>>>>>> Post-Quantum Cryptography Standardization Project, 25% of the
>> >>>>>>> proposals not broken by the end of Round 1, and 36% of the
>> >>>>>>> proposals selected by NIST for Round 2 [QRCSP].
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 5) <!-- [rfced] We were unable to find the quoted text below in
>> >>>>>>> [RFC9794].
>> >>>>>>> Is this quote from [RFC9794] or another reference?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> This is different from [RFC9794] where the term is used as a
>> >>>>>>> specific instantiation of hybrid schemes such that "where multiple
>> >>>>>>> cryptographic algorithms are combined to form a single key or
>> >>>>>>> signature such that they can be treated as a single atomic object
>> >>>>>>> at the protocol level."
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 6) <!--[rfced] To improve readability, may we break up this long
>> >>>>>>> sentence into two sentences and update as follows?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> While it often makes sense for security purposes to require that
>> >>>>>>> the security of the component schemes is based on the hardness of
>> >>>>>>> different cryptographic assumptions, in other cases hybrid schemes
>> >>>>>>> might be motivated, e.g., by interoperability of variants on the
>> >>>>>>> same scheme and as such both component schemes are based on the
>> >>>>>>> same hardness assumption (e.g., both post-quantum assumptions or
>> >>>>>>> even both the same concrete assumption such as Ring LWE).
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> For security purposes, it often makes sense to require that the
>> >>>>>>> security of the component schemes be based on the hardness of
>> >>>>>>> different cryptographic assumptions, but in some cases, hybrid
>> >>>>>>> schemes might be motivated, e.g., by interoperability of variants
>> >>>>>>> on the same scheme. As such, both component schemes are based on
>> >>>>>>> the same hardness assumption (e.g., both post-quantum assumptions
>> >>>>>>> or even both the same concrete assumption, such as Ring Learning
>> >>>>>>> With Errors (LWE)).
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 7) <!-- [rfced] Is "CRYSTALS-DILITHIUM" another name for "ML-DSA"?
>> >>>>>>> Or are they separate schemes? Please review and let us know if/how
>> >>>>>>> this text may be clarified.
>> >>>>>>>
>> >>>>>>> Current:
>> >>>>>>> For example, the
>> >>>>>>> signature scheme Module-Lattice-Based Digital Signature Algorithm
>> >>>>>>> (ML-DSA) [MLDSA] (also known as CRYSTALS-DILITHIUM) follows the
>> >>>>>>> well- known Fiat-Shamir transform [FS] to construct the signature
>> >>>>>>> scheme but also relies on rejection sampling that is known to give
>> >>>>>>> cache side channel information (although this does not lead to a
>> >>>>>>> known attack).
>> >>>>>>>
>> >>>>>>> Section 1.2 of [MLDSA] (FIPS 204) states the following about ML-DSA
>> >>>>>>> and CRYSTALS-DILITHIUM:
>> >>>>>>> ML-DSA is derived from one of the selected schemes,
>> >>>>>>> CRYSTALS-DILITHIUM
>> >>>>>>> [5 , 6 ], and is intended to protect sensitive U.S. Government
>> >>>>>>> information well into the foreseeable future, including after the
>> >>>>>>> advent of cryptographically relevant quantum computers. For the
>> >>>>>>> differences between ML-DSA and CRYSTALS- DILITHIUM, see Appendix D.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 8) <!-- [rfced] The second sentence below seems to be saying the
>> >>>>>>> same thing as the first. Should the second sentence be removed?
>> >>>>>>>
>> >>>>>>> Current:
>> >>>>>>> Hybrid unforgeability is a specific type of hybrid authentication,
>> >>>>>>> where the security assumption for the scheme (e.g., EUF-CMA) is
>> >>>>>>> maintained as long as at least one of the component schemes
>> >>>>>>> maintains that security assumption. We call this notion 'hybrid
>> >>>>>>> unforgeability'; it is a specific type of hybrid authentication.
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> Hybrid unforgeability is a specific type of hybrid authentication,
>> >>>>>>> where the security assumption for the scheme (e.g., EUF-CMA) is
>> >>>>>>> maintained as long as at least one of the component schemes
>> >>>>>>> maintains that security assumption.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 9) <!-- [rfced] For the ease of the reader, may we update
>> >>>>>>> "description below" and "discussion below" to a section number? If
>> >>>>>>> so, please confirm that Section 1.3.5 is correct.
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> There might be, however, other goals in competition with this one,
>> >>>>>>> such as backward-compatibility - referring to the property where a
>> >>>>>>> hybrid signature may be verified by only verifying one component
>> >>>>>>> signature (see description below).
>> >>>>>>> ...
>> >>>>>>> For more details, we refer to our discussion below.
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> There might be, however, other goals in competition with this one,
>> >>>>>>> such as backward compatibility - referring to the property where a
>> >>>>>>> hybrid signature may be verified by only verifying one component
>> >>>>>>> signature (see Section 1.3.5).
>> >>>>>>> ...
>> >>>>>>> For more details, refer to Section 1.3.5.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 10) <!-- [rfced] We are having trouble understanding the first part
>> >>>>>>> of this sentence. Would revising as shown below improve clarity
>> >>>>>>> while retaining the intended meaning?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Use cases where a hybrid scheme is used with, e.g., EUF-CMA
>> >>>>>>> security assumed for only one component scheme generally use hybrid
>> >>>>>>> techniques for their 'functional transition' pathway support.
>> >>>>>>> ...
>> >>>>>>> In contrast, use cases where a hybrid scheme is used with e.g.,
>> >>>>>>> EUF- CMA security assumed for both component schemes without
>> >>>>>>> prioritisation between them can use hybrid techniques for both
>> >>>>>>> functional transition and security transition ...
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> In some use cases, a hybrid scheme is used with (for example)
>> >>>>>>> EUF-CMA security assumed for only one component scheme; these cases
>> >>>>>>> generally use hybrid techniques for their 'functional transition'
>> >>>>>>> pathway support.
>> >>>>>>> ...
>> >>>>>>> In contrast, in other use cases, a hybrid scheme is used with (for
>> >>>>>>> example) EUF- CMA security assumed for both component schemes
>> >>>>>>> without prioritisation between them; these cases can use hybrid
>> >>>>>>> techniques for both functional transition and security transition ...
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 11) <!-- [rfced] How may we update "algorithms/the" here?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> For instance, this can intuitively be seen in cases of a message
>> >>>>>>> containing a context note on hybrid authentication, that is then
>> >>>>>>> signed by all component algorithms/the hybrid signature scheme.
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> For instance, this can intuitively be seen in cases of a message
>> >>>>>>> containing a context note on hybrid authentication, that is then
>> >>>>>>> signed by all component algorithms in the hybrid signature scheme.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 12) <!-- [rfced] Should 'component digital signatures "categories"'
>> >>>>>>> be updated to use singular 'signature' as shown in Perhaps A,
>> >>>>>>> recast as shown in Perhaps B, or revised in some other way?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Hybrid generality means that a general signature combiner is
>> >>>>>>> defined, based on inherent and common structures of component
>> >>>>>>> digital signatures "categories."
>> >>>>>>>
>> >>>>>>> Perhaps A:
>> >>>>>>> Hybrid generality means that a general signature combiner is
>> >>>>>>> defined based on inherent and common structures of component
>> >>>>>>> digital signature "categories".
>> >>>>>>>
>> >>>>>>> Perhaps B:
>> >>>>>>> Hybrid generality means that a general signature combiner is
>> >>>>>>> defined based on inherent and common structures of "categories" of
>> >>>>>>> the component digital signatures.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 13) <!-- [rfced] We could not find any mention of "space" in
>> >>>>>>> draft-ietf-tls-hybrid-design (RFC-to-be 9954). Please review and
>> >>>>>>> let us know how this citation may be updated.
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Similarly to space considerations in [I-D.ietf-tls-hybrid-design],
>> >>>>>>> hybrid signature constructions are expected to be as space
>> >>>>>>> performant as possible.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 14) <!-- [rfced] We made a few changes to Figures 1 and 2 (e.g.,
>> >>>>>>> updated spacing, added articles, and included punctuation). Please
>> >>>>>>> review.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 15) <!-- [rfced] Will readers understand what is meant by "hybrid"
>> >>>>>>> and "hybrids"
>> >>>>>>> (noun) in these sentences? Should these be updated to "hybrid
>> >>>>>>> signature"
>> >>>>>>> and "hybrid signatures" (or to something else), or is the current
>> >>>>>>> clear?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Under Weak
>> >>>>>>> Non-Separability, if one of the component signatures of a hybrid is
>> >>>>>>> removed artifacts of the hybrid will remain (in the message,
>> >>>>>>> signature, or at the protocol level, etc.).
>> >>>>>>> ...
>> >>>>>>> Note that in this latter case, it is not possible for an adversary
>> >>>>>>> to strip one of the component signatures or use a component of the
>> >>>>>>> hybrid to create a forgery for a component algorithm.
>> >>>>>>> ...
>> >>>>>>> applies equally to any guidance or
>> >>>>>>> policy direction that specifies that at least one component
>> >>>>>>> algorithm of the hybrid has passed some certification type while
>> >>>>>>> not specifying requirements on the other component.
>> >>>>>>> ...
>> >>>>>>> however, we use it as motivation to highlight some points that
>> >>>>>>> implementers of hybrids may wish to consider when following any
>> >>>>>>> guidance documents that specify ...
>> >>>>>>> ...
>> >>>>>>> This type of need for approval (i.e., a requirement that an
>> >>>>>>> implementer is looking to follow regarding approval or
>> >>>>>>> certification of the software module implementation of a hybrid or
>> >>>>>>> its component
>> >>>>>>> algorithms) can drive some logistical decisions on what types of
>> >>>>>>> hybrids an implementer should consider.
>> >>>>>>> ...
>> >>>>>>> If the hybrid signature is
>> >>>>>>> stripped, such that a single component signature is submitted to a
>> >>>>>>> verification algorithm for that component along with the message
>> >>>>>>> that was signed by the hybrid, the result would be an EUF-CMA
>> >>>>>>> forgery for the component signature.
>> >>>>>>> ...
>> >>>>>>> Thus, if EUF-CMA security for hybrids is considered to be
>> >>>>>>> informally defined in the straightforward way as ...
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 16) <!-- [rfced] How may we clarify "message/inner" here?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> In another example, under nested signatures the verifier could be
>> >>>>>>> tricked into interpreting a new message as the message/inner
>> >>>>>>> signature combination and verify only the outer signature.
>> >>>>>>>
>> >>>>>>> Perhaps A:
>> >>>>>>> In another example, under nested signatures, the verifier could be
>> >>>>>>> tricked into interpreting a new message as the message and inner
>> >>>>>>> signature combination and verify only the outer signature.
>> >>>>>>>
>> >>>>>>> Perhaps B:
>> >>>>>>> In another example, under nested signatures, the verifier could be
>> >>>>>>> tricked into interpreting a new message as the combination of the
>> >>>>>>> message and inner signature and verify only the outer signature.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 17) <!--[rfced] To improve readability, may we update the second
>> >>>>>>> sentence below as follows? The first sentence is included for
>> >>>>>>> context.
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> The verifier could indeed ignore the artifact, hence the scheme
>> >>>>>>> achieving only weak non-separability and not strong
>> >>>>>>> non-separability. It is rather that an artifact exists that could
>> >>>>>>> be identified if an investigation occurred, etc.
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> The verifier could indeed ignore the artifact, resulting in the
>> >>>>>>> scheme achieving only weak non-separability and not strong
>> >>>>>>> non-separability. However, an existing artifact could be identified
>> >>>>>>> if an investigation occurred.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 18) <!-- [rfced] Will "As can be seen" be clear to readers in these
>> >>>>>>> two sentences?
>> >>>>>>> Could it be updated to "As shown in Table 1" in the first sentence
>> >>>>>>> and removed in the second sentence?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> As can be seen, while concatenation may appear to refer to a single
>> >>>>>>> type of combiner, there are in fact several possible artifact
>> >>>>>>> locations depending on implementation choices.
>> >>>>>>> ...
>> >>>>>>> However, as can be seen, this does not imply that every
>> >>>>>>> implementation using concatenation fails to achieve non-
>> >>>>>>> separability.
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> As shown in Table 1, while concatenation may appear to refer to a
>> >>>>>>> single type of combiner, there are in fact several possible
>> >>>>>>> artifact locations depending on implementation choices.
>> >>>>>>> ...
>> >>>>>>> However, this does not imply that
>> >>>>>>> every implementation using concatenation fails to achieve non-
>> >>>>>>> separability.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 19) <!-- [rfced] The quoted text below no longer appears at the URL
>> >>>>>>> provided for
>> >>>>>>> [NIST_PQC_FAQ]:
>> >>>>>>> https://csrc.nist.gov/Projects/post-quantum-cryptography/faqs.
>> >>>>>>> That page was lasted updated on 19 November 2025.
>> >>>>>>>
>> >>>>>>> We found an archived URL from the Internet Archive from 5 July 2022
>> >>>>>>> (the original date used for this reference):
>> >>>>>>> https://web/.
>> >>>>>>> archive.org%2Fweb%2F20220705163944%2Fhttps%3A%2F%2Fcsrc.nist.gov%2F
>> >>>>>>> Pro
>> >>>>>>> jects%2F&data=05%7C02%7Cflo.d%40ncsc.gov.uk%7Cb6e100d6f75c462a7e260
>> >>>>>>> 8de
>> >>>>>>> 997b26cb%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C6391169521421
>> >>>>>>> 503
>> >>>>>>> 52%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAw
>> >>>>>>> MCI
>> >>>>>>> sIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&
>> >>>>>>> sda
>> >>>>>>> ta=NjyLiA1Mk5tY1A1Tzo18PUuBBsregK0DrcIQ8TCv5CU%3D&reserved=0
>> >>>>>>> post-quantum-cryptography/faqs
>> >>>>>>>
>> >>>>>>> May we update this reference to use the archived URL?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Assume that in a [hybrid] signature, _one signature is generated
>> >>>>>>> with a NIST-approved signature scheme as specified in FIPS 186,
>> >>>>>>> while another signature(s) can be generated using different
>> >>>>>>> schemes_, e.g., ones that are not currently specified in NIST
>> >>>>>>> standards..._hybrid signatures can be accommodated by current
>> >>>>>>> standards in FIPS mode, as defined in FIPS 140, provided at least
>> >>>>>>> one of the component methods is a properly implemented, NIST-
>> >>>>>>> approved signature algorithm_. For the purposes of FIPS 140
>> >>>>>>> validation, any signature that is generated by a non-approved
>> >>>>>>> component scheme would not be considered a security function, since
>> >>>>>>> the NIST-approved component is regarded as assuring the validity of
>> >>>>>>> the hybrid signature. [NIST_PQC_FAQ] ...
>> >>>>>>> [NIST_PQC_FAQ]
>> >>>>>>> National Institute of Standards and Technology (NIST),
>> >>>>>>> "Post-Quantum Cryptography FAQs", 5 July 2022,
>> >>>>>>> <https://csrc.nist.gov/Projects/post-quantum-cryptography/
>> >>>>>>> faqs>.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 20) <!-- [rfced] We do not see "Generality" used elsewhere in
>> >>>>>>> Section 4. Should it be removed from the title of Figure 2?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Figure 2: Generality / Need for Approval Spectrum
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> Figure 2: Need for Approval Spectrum
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 21) <!-- [rfced] Is "game" the correct word choice here? Or would
>> >>>>>>> "assumption"
>> >>>>>>> (used earlier in the paragraph) be better?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Namely, the most straightforward extension of the traditional
>> >>>>>>> EUF-CMA security game would be that an adversary can request hybrid
>> >>>>>>> signatures for messages of their choosing and succeeds if they are
>> >>>>>>> able to produce a valid hybrid signature for a message that was not
>> >>>>>>> part of an earlier request.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 22) <!--[rfced] We are having difficulty parsing this sentence,
>> >>>>>>> particularly "is considered to be informally defined in the
>> >>>>>>> straightforward way as that an adversary can request...". Please
>> >>>>>>> review and let us know how it may be updated for clarity.
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Thus, if EUF-CMA security for hybrids is considered to be
>> >>>>>>> informally defined in the straightfoward way as that an adversary
>> >>>>>>> can request hybrid signatures for messages of their choosing and
>> >>>>>>> succeeds if they are able to produce a valid hybrid signature for a
>> >>>>>>> message that was not part of an earlier request, implicit
>> >>>>>>> requirements must hold in order to avoid real-world implications.
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> Thus, if the straightforward EUF-CMA security assumption for
>> >>>>>>> hybrids is that an adversary requests hybrid signatures for
>> >>>>>>> messages of their choosing and succeeds if they are able to produce
>> >>>>>>> a valid hybrid signature for a message that was not part of an
>> >>>>>>> earlier request, implicit requirements must hold in order to avoid
>> >>>>>>> real-world implications.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 23) <!-- [rfced] Please review the relationship between
>> >>>>>>> "cross-protocol attack"
>> >>>>>>> and "component algorithm forgery" in the sentences below and let us
>> >>>>>>> know if updates are needed for consistency. Also, in the last
>> >>>>>>> sentence below (starts with "Otherwise"), perhaps "which can be
>> >>>>>>> seen as a type of cross-protocol attack" can be removed as it is
>> >>>>>>> mentioned in the previous sentence.
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> such as cross-protocol attacks (e.g., component algorithm
>> >>>>>>> forgeries).
>> >>>>>>> ...
>> >>>>>>> This is an
>> >>>>>>> example of a component algorithm forgery, a.k.a. a case of cross-
>> >>>>>>> algorithm attack or cross-protocol attack.
>> >>>>>>> ...
>> >>>>>>> Namely, either component
>> >>>>>>> algorithm forgeries, a.k.a. cross-protocol attacks, must be out of
>> >>>>>>> scope for the use case or the hybrid signature choice must be
>> >>>>>>> strongly non-separable. Otherwise, component algorithm forgeries,
>> >>>>>>> which can be seen as a type of cross-protocol attack, affect the
>> >>>>>>> type of EUF-CMA properties offered ...
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> such as cross-protocol attacks (a.k.a. component algorithm
>> >>>>>>> forgeries).
>> >>>>>>> ...
>> >>>>>>> This is an
>> >>>>>>> example of a component algorithm forgery (a.k.a. cross- algorithm
>> >>>>>>> attack or cross-protocol attack).
>> >>>>>>> ...
>> >>>>>>> Namely, either component
>> >>>>>>> algorithm forgeries (a.k.a. cross-protocol attacks) must be out of
>> >>>>>>> scope for the use case or the hybrid signature choice must be
>> >>>>>>> strongly non-separable. Otherwise, component algorithm forgeries
>> >>>>>>> affect the type of EUF-CMA properties offered ...
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 24) <!--[rfced] May we update "additional" to "in addition" in this
>> >>>>>>> sentence?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> Since the goal of backwards compatibility is usually to allow
>> >>>>>>> legacy systems without any software change to be able to process
>> >>>>>>> hybrid signatures, all differences between the legacy signature
>> >>>>>>> format and the hybrid signature format must be allowed to be
>> >>>>>>> ignored, including skipping verification of signatures additional
>> >>>>>>> to the classical signature.
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> Since the goal of backwards compatibility is usually to allow
>> >>>>>>> legacy systems without any software change to be able to process
>> >>>>>>> hybrid signatures, all differences between the legacy signature
>> >>>>>>> format and the hybrid signature format must be allowed to be
>> >>>>>>> ignored, including skipping verification of signatures in addition
>> >>>>>>> to the classical signature.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 25) <!-- [rfced] This reference currently points to a paper made
>> >>>>>>> available via Ronald L. Rivest's MIT faculty page. This paper is
>> >>>>>>> also available for free on ACM Digital Library (which is likely
>> >>>>>>> more stable). Would you like this reference to point to the version
>> >>>>>>> on ACM Digital Library or keep the current version?
>> >>>>>>>
>> >>>>>>> Current:
>> >>>>>>> [RSA] Rivest, R. L., Shamir, A., and L. Adleman, "A Method for
>> >>>>>>> Obtaining Digital Signatures and Public-Key
>> >>>>>>> Cryptosystems",
>> >>>>>>> <https://people.csail.mit.edu/rivest/Rsapaper.pdf>.
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> [RSA] Rivest, R. L., Shamir, A., and L. Adleman, "A Method for
>> >>>>>>> Obtaining Digital Signatures and Public-Key
>> >>>>>>> Cryptosystems", Communications of the ACM, vol. 21, no. 2,
>> >>>>>>> pp. 120-126, DOI 10.1145/359340.359342,
>> >>>>>>> <https://doi.org/10.1145/359340.359342>.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 26) <!-- [rfced] We do not see "template" in ietf-tls-hybrid-design
>> >>>>>>> (RFC-to-be 9954). Would another term be better here?
>> >>>>>>>
>> >>>>>>> Original:
>> >>>>>>> This document is based on the template of
>> >>>>>>> [I-D.ietf-tls-hybrid-design].
>> >>>>>>>
>> >>>>>>> Perhaps:
>> >>>>>>> This document is based on the hybrid key exchange defined in
>> >>>>>>> [RFC9954].
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 27) <!-- [rfced] Font styling
>> >>>>>>>
>> >>>>>>> a) Use of <tt>
>> >>>>>>>
>> >>>>>>> This file lists terms enclosed in <tt> in this document:
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955-TT.txt&data=05%7C02%7Cflo.d%40ncsc.
>> >>>>>>> gov.uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d734f
>> >>>>>>> 46d
>> >>>>>>> da64a1%7C0%7C0%7C639116952142225842%7CUnknown%7CTWFpbGZsb3d8eyJFbXB
>> >>>>>>> 0eU
>> >>>>>>> 1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsI
>> >>>>>>> ldU
>> >>>>>>> IjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=LhwRtGzgINulI5KXwwS3%2B7wmmpXJ5
>> >>>>>>> lEK
>> >>>>>>> sa1WPvzUEzQ%3D&reserved=0
>> >>>>>>>
>> >>>>>>> Some of these terms appear both with and without <tt>. For example,
>> >>>>>>> we see "[hybrid] signatures" and "[hybrid]" enclosed in <tt>, but
>> >>>>>>> we also see instances of "[hybrid]" and "hybrid" without <tt>.
>> >>>>>>> Please review to ensure the usage of <tt> is correct and
>> >>>>>>> consistent. Let us know if any updates are needed using OLD/NEW
>> >>>>>>> format.
>> >>>>>>>
>> >>>>>>> Note: In the HTML and PDF outputs, <tt> yields fixed-width font. In
>> >>>>>>> the
>> >>>>>>> TXT output, there is no change.
>> >>>>>>>
>> >>>>>>> b) Use of <em>
>> >>>>>>>
>> >>>>>>> This is only used in the direct quote in Section 4. The emphasis
>> >>>>>>> may be difficult to see in the TXT output. Please review.
>> >>>>>>>
>> >>>>>>> Note: In the HTML and PDF outputs, <em> yields italics. In the TXT
>> >>>>>>> output,
>> >>>>>>> <em> yields an underscore before and after.
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 28) <!-- [rfced] Terminology
>> >>>>>>>
>> >>>>>>> a) Should the four instances of "scale" in the document be updated
>> >>>>>>> to "spectrum"?
>> >>>>>>>
>> >>>>>>> Current:
>> >>>>>>> Non-separability is not a singular definition but rather is a
>> >>>>>>> scale, representing degrees of separability hardness, visualized in
>> >>>>>>> Figure 1.
>> >>>>>>> ...
>> >>>>>>> Third on the scale is the Strong Non-Separability notion, in which
>> >>>>>>> separability detection is dependent on artifacts in the signature
>> >>>>>>> itself.
>> >>>>>>> ...
>> >>>>>>> In this respect, there is a scale of approval that developers may
>> >>>>>>> consider as to whether they are using at least one approved
>> >>>>>>> component algorithm implementation ...
>> >>>>>>> ...
>> >>>>>>> We provide a scale for the different nuances of approval of the
>> >>>>>>> hybrid combiners, where "approval" means that a software
>> >>>>>>> implementation of a component algorithm can be used unmodified for
>> >>>>>>> creation of the hybrid signature.
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> b) In Table 2, should instances of "cert" and "certs" be updates to
>> >>>>>>> "certificate" and "certificates"?
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> c) The following terms are used in the document. Please review to
>> >>>>>>> ensure consistent and correct usage. Let us know if any updates are
>> >>>>>>> needed.
>> >>>>>>>
>> >>>>>>> component message forgery attack
>> >>>>>>> component algorithm forgery (and component algorithm forgeries)
>> >>>>>>> component forgery (and component forgeries) component forgery
>> >>>>>>> attacks
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 29) <!-- [rfced] Abbreviations
>> >>>>>>>
>> >>>>>>> a) FYI - We have added expansions for the following abbreviations
>> >>>>>>> per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please review each
>> >>>>>>> expansion in the document carefully to ensure correctness.
>> >>>>>>>
>> >>>>>>> Great Multivariate Short Signature (GeMSS) Learning With Errors
>> >>>>>>> (LWE) Module-Lattice-Based Digital Signature Algorithm (ML-DSA)
>> >>>>>>> Post-Quantum Traditional (PQ/T)
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> b) Both the expansion and the acronym for the following terms are
>> >>>>>>> used throughout the document. Would you like to update to using the
>> >>>>>>> expansion upon first usage and the acronym for the rest of the
>> >>>>>>> document?
>> >>>>>>>
>> >>>>>>> Simultaneous Verification (SV)
>> >>>>>>> Strong Non-Separability (SNS)
>> >>>>>>> Weak Non-Separability (WNS)
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 30) <!-- [rfced] Please review the "Inclusive Language" portion of
>> >>>>>>> the online Style Guide <https://www/
>> >>>>>>> .rfc-editor.org%2Fstyleguide%2Fpart2%2F%23inclusive_language&data=0
>> >>>>>>> 5%7
>> >>>>>>> C02%7Cflo.d%40ncsc.gov.uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa
>> >>>>>>> 574
>> >>>>>>> 4ece1474ea2d734f46dda64a1%7C0%7C0%7C639116952142243485%7CUnknown%7C
>> >>>>>>> TWF
>> >>>>>>> pbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMi
>> >>>>>>> IsI
>> >>>>>>> kFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=OAKGJ1JUFGfG
>> >>>>>>> 4S7 F5JNLrFZvMbNeMhgI%2BBlrSEfJwPU%3D&reserved=0>
>> >>>>>>> and let us know if any changes are needed. Updates of this nature
>> >>>>>>> typically result in more precise language, which is helpful for
>> >>>>>>> readers.
>> >>>>>>>
>> >>>>>>> For example, please consider whether "black-box" should be updated.
>> >>>>>>>
>> >>>>>>> In addition, please consider whether "traditional" should be
>> >>>>>>> updated for clarity. While the NIST website indicates that this
>> >>>>>>> term is potentially biased, it is also ambiguous. "Traditional" is
>> >>>>>>> a subjective term, as it is not the same for everyone.
>> >>>>>>>
>> >>>>>>> Link to NIST website:
>> >>>>>>> https://web/.
>> >>>>>>> archive.org%2Fweb%2F20250214092458%2Fhttps%3A%2F%2Fwww.nist.gov%2Fn
>> >>>>>>> ist
>> >>>>>>> -research-library%2Fnist-technical-series-publications-author-instr
>> >>>>>>> uct
>> >>>>>>> ions%23table1&data=05%7C02%7Cflo.d%40ncsc.gov.uk%7Cb6e100d6f75c462a
>> >>>>>>> 7e2
>> >>>>>>> 608de997b26cb%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C63911695
>> >>>>>>> 214
>> >>>>>>> 2266275%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjA
>> >>>>>>> uMD
>> >>>>>>> AwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7
>> >>>>>>> C%7
>> >>>>>>> C&sdata=KjcOH4cMH6dmM13%2B13OD%2BAjDTx1XlYsjUKX%2BJC65ue4%3D&reserv
>> >>>>>>> ed=
>> >>>>>>> 0
>> >>>>>>> -->
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> Thank you.
>> >>>>>>>
>> >>>>>>> Alanna Paloma and Rebecca VanRheenen RFC Production Center
>> >>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> On Apr 3, 2026, at 9:48 AM, [email protected] wrote:
>> >>>>>>>
>> >>>>>>> *****IMPORTANT*****
>> >>>>>>>
>> >>>>>>> Updated 2026/04/03
>> >>>>>>>
>> >>>>>>> RFC Author(s):
>> >>>>>>> --------------
>> >>>>>>>
>> >>>>>>> Instructions for Completing AUTH48
>> >>>>>>>
>> >>>>>>> Your document has now entered AUTH48. Once it has been reviewed and
>> >>>>>>> approved by you and all coauthors, it will be published as an RFC.
>> >>>>>>> If an author is no longer available, there are several remedies
>> >>>>>>> available as listed in the FAQ (https://www.rfc-editor.org/faq/).
>> >>>>>>>
>> >>>>>>> You and you coauthors are responsible for engaging other parties
>> >>>>>>> (e.g., Contributors or Working Group) as necessary before providing
>> >>>>>>> your approval.
>> >>>>>>>
>> >>>>>>> Planning your review
>> >>>>>>> ---------------------
>> >>>>>>>
>> >>>>>>> Please review the following aspects of your document:
>> >>>>>>>
>> >>>>>>> * RFC Editor questions
>> >>>>>>>
>> >>>>>>> Please review and resolve any questions raised by the RFC Editor
>> >>>>>>> that have been included in the XML file as comments marked as
>> >>>>>>> follows:
>> >>>>>>>
>> >>>>>>> <!-- [rfced] ... -->
>> >>>>>>>
>> >>>>>>> These questions will also be sent in a subsequent email.
>> >>>>>>>
>> >>>>>>> * Changes submitted by coauthors
>> >>>>>>>
>> >>>>>>> Please ensure that you review any changes submitted by your
>> >>>>>>> coauthors. We assume that if you do not speak up that you agree to
>> >>>>>>> changes submitted by your coauthors.
>> >>>>>>>
>> >>>>>>> * Content
>> >>>>>>>
>> >>>>>>> Please review the full content of the document, as this cannot
>> >>>>>>> change once the RFC is published. Please pay particular attention
>> >>>>>>> to:
>> >>>>>>> - IANA considerations updates (if applicable)
>> >>>>>>> - contact information
>> >>>>>>> - references
>> >>>>>>>
>> >>>>>>> * Copyright notices and legends
>> >>>>>>>
>> >>>>>>> Please review the copyright notice and legends as defined in RFC
>> >>>>>>> 5378 and the Trust Legal Provisions (TLP –
>> >>>>>>> https://trustee.ietf.org/license-info).
>> >>>>>>>
>> >>>>>>> * Semantic markup
>> >>>>>>>
>> >>>>>>> Please review the markup in the XML file to ensure that elements of
>> >>>>>>> content are correctly tagged. For example, ensure that <sourcecode>
>> >>>>>>> and <artwork> are set correctly. See details at
>> >>>>>>> <https://authors.ietf.org/rfcxml-vocabulary>.
>> >>>>>>>
>> >>>>>>> * Formatted output
>> >>>>>>>
>> >>>>>>> Please review the PDF, HTML, and TXT files to ensure that the
>> >>>>>>> formatted output, as generated from the markup in the XML file, is
>> >>>>>>> reasonable. Please note that the TXT will have formatting
>> >>>>>>> limitations compared to the PDF and HTML.
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> Submitting changes
>> >>>>>>> ------------------
>> >>>>>>>
>> >>>>>>> To submit changes, please reply to this email using ‘REPLY ALL’ as
>> >>>>>>> all
>> >>>>>>> the parties CCed on this message need to see your changes. The
>> >>>>>>> parties
>> >>>>>>> include:
>> >>>>>>>
>> >>>>>>> * your coauthors
>> >>>>>>>
>> >>>>>>> * [email protected] (the RPC team)
>> >>>>>>>
>> >>>>>>> * other document participants, depending on the stream (e.g.,
>> >>>>>>> IETF Stream participants are your working group chairs, the
>> >>>>>>> responsible ADs, and the document shepherd).
>> >>>>>>>
>> >>>>>>> * [email protected], which is a new archival mailing list
>> >>>>>>> to preserve AUTH48 conversations; it is not an active discussion
>> >>>>>>> list:
>> >>>>>>>
>> >>>>>>> * More info:
>> >>>>>>>
>> >>>>>>> https://mail/
>> >>>>>>> archive.ietf.org%2Farch%2Fmsg%2Fietf-announce%2Fyb6lpIGh-4Q9l2USxIAe6P
>> >>>>>>> 8O4Zc&data=05%7C02%7Cflo.d%40ncsc.gov.uk%7Cb6e100d6f75c462a7e2608de997
>> >>>>>>> b26cb%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C639116952142368582%
>> >>>>>>> 7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIl
>> >>>>>>> AiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=
>> >>>>>>> 3hJ9a0AMEsdhemsdTdZX038KHPoEQJUpQooAVBOY4O4%3D&reserved=0
>> >>>>>>>
>> >>>>>>> * The archive itself:
>> >>>>>>>
>> >>>>>>> https://mail/
>> >>>>>>> archive.ietf.org%2Farch%2Fbrowse%2Fauth48archive%2F&data=05%7C02%7Cflo
>> >>>>>>> .d%40ncsc.gov.uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474e
>> >>>>>>> a2d734f46dda64a1%7C0%7C0%7C639116952142387914%7CUnknown%7CTWFpbGZsb3d8
>> >>>>>>> eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTW
>> >>>>>>> FpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=sj%2F9zuIGXxz0auXp1vt54j
>> >>>>>>> LYrSA5NPJ8qA1jJ1jsqlQ%3D&reserved=0
>> >>>>>>>
>> >>>>>>> * Note: If only absolutely necessary, you may temporarily opt out
>> >>>>>>> of the archiving of messages (e.g., to discuss a sensitive matter).
>> >>>>>>> If needed, please add a note at the top of the message that you
>> >>>>>>> have dropped the address. When the discussion is concluded,
>> >>>>>>> [email protected] will be re-added to the CC list and
>> >>>>>>> its addition will be noted at the top of the message.
>> >>>>>>>
>> >>>>>>> You may submit your changes in one of two ways:
>> >>>>>>>
>> >>>>>>> An update to the provided XML file
>> >>>>>>> — OR —
>> >>>>>>> An explicit list of changes in this format
>> >>>>>>>
>> >>>>>>> Section # (or indicate Global)
>> >>>>>>>
>> >>>>>>> OLD:
>> >>>>>>> old text
>> >>>>>>>
>> >>>>>>> NEW:
>> >>>>>>> new text
>> >>>>>>>
>> >>>>>>> You do not need to reply with both an updated XML file and an
>> >>>>>>> explicit
>> >>>>>>> list of changes, as either form is sufficient.
>> >>>>>>>
>> >>>>>>> We will ask a stream manager to review and approve any changes that
>> >>>>>>> seem beyond editorial in nature, e.g., addition of new text, deletion
>> >>>>>>> of text, and technical changes. Information about stream managers
>> >>>>>>> can
>> >>>>>>> be found in the FAQ. Editorial changes do not require approval from
>> >>>>>>> a stream manager.
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> Approving for publication
>> >>>>>>> --------------------------
>> >>>>>>>
>> >>>>>>> To approve your RFC for publication, please reply to this email
>> >>>>>>> stating that you approve this RFC for publication. Please use ‘REPLY
>> >>>>>>> ALL’, as all the parties CCed on this message need to see your
>> >>>>>>> approval.
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> Files
>> >>>>>>> -----
>> >>>>>>>
>> >>>>>>> The files are available here:
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955.xml&data=05%7C02%7Cflo.d%40ncsc.gov
>> >>>>>>> .uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d734f46dda6
>> >>>>>>> 4a1%7C0%7C0%7C639116952142405899%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hc
>> >>>>>>> GkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo
>> >>>>>>> yfQ%3D%3D%7C40000%7C%7C%7C&sdata=KOQhY%2B3XJtN7WaLVCzJa3OovpKDCJJ2yHj6
>> >>>>>>> AHiH%2FsmQ%3D&reserved=0
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955.html&data=05%7C02%7Cflo.d%40ncsc.go
>> >>>>>>> v.uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d734f46dda
>> >>>>>>> 64a1%7C0%7C0%7C639116952142432157%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1h
>> >>>>>>> cGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIj
>> >>>>>>> oyfQ%3D%3D%7C40000%7C%7C%7C&sdata=zxgKqtprdwS2sHEk17d%2BKKsHZWVkxuBcL4
>> >>>>>>> WN81ZCYpg%3D&reserved=0
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955.pdf&data=05%7C02%7Cflo.d%40ncsc.gov
>> >>>>>>> .uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d734f46dda6
>> >>>>>>> 4a1%7C0%7C0%7C639116952142459846%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hc
>> >>>>>>> GkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo
>> >>>>>>> yfQ%3D%3D%7C40000%7C%7C%7C&sdata=bDvmccc%2BmfGnu7k80hHgsLkzgBNRvt0cIiA
>> >>>>>>> p7UZkjpU%3D&reserved=0
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955.txt&data=05%7C02%7Cflo.d%40ncsc.gov
>> >>>>>>> .uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d734f46dda6
>> >>>>>>> 4a1%7C0%7C0%7C639116952142486506%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hc
>> >>>>>>> GkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo
>> >>>>>>> yfQ%3D%3D%7C40000%7C%7C%7C&sdata=oz%2F3t8aS%2Bol6jhMCJDN508JUPjkk%2Fy6
>> >>>>>>> nKicgTo%2BW6%2Fk%3D&reserved=0
>> >>>>>>>
>> >>>>>>> Diff file of the text:
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955-diff.html&data=05%7C02%7Cflo.d%40nc
>> >>>>>>> sc.gov.uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d734f
>> >>>>>>> 46dda64a1%7C0%7C0%7C639116952142512918%7CUnknown%7CTWFpbGZsb3d8eyJFbXB
>> >>>>>>> 0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsI
>> >>>>>>> ldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=Fx%2BITXyW6bFaTeaFmVPPnupd9902a
>> >>>>>>> kTw2JFdrjT09es%3D&reserved=0
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955-rfcdiff.html&data=05%7C02%7Cflo.d%4
>> >>>>>>> 0ncsc.gov.uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d7
>> >>>>>>> 34f46dda64a1%7C0%7C0%7C639116952142539728%7CUnknown%7CTWFpbGZsb3d8eyJF
>> >>>>>>> bXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbC
>> >>>>>>> IsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=Rrg9A8rLNoF0O4aA3%2FFXla2kIS
>> >>>>>>> 84N5wH4et%2BUVV%2BaOY%3D&reserved=0 (side by side)
>> >>>>>>>
>> >>>>>>> For your convenience, we have also created an alt-diff file that will
>> >>>>>>> allow you to more easily view changes where text has been deleted or
>> >>>>>>> moved:
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955-alt-diff.html&data=05%7C02%7Cflo.d%
>> >>>>>>> 40ncsc.gov.uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d
>> >>>>>>> 734f46dda64a1%7C0%7C0%7C639116952142568667%7CUnknown%7CTWFpbGZsb3d8eyJ
>> >>>>>>> FbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpb
>> >>>>>>> CIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=p5YqLFBllkeyZ%2BeRTVIcPGSHH
>> >>>>>>> LB30Qxdwc%2BwnHL8nfo%3D&reserved=0
>> >>>>>>>
>> >>>>>>> Diff of the XML:
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauthors%2Frfc9955-xmldiff1.html&data=05%7C02%7Cflo.d%
>> >>>>>>> 40ncsc.gov.uk%7Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d
>> >>>>>>> 734f46dda64a1%7C0%7C0%7C639116952142596842%7CUnknown%7CTWFpbGZsb3d8eyJ
>> >>>>>>> FbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpb
>> >>>>>>> CIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=%2B%2FpHzQbW2TvbBYwEEYGSDLG
>> >>>>>>> qPkZA1mNjZSNA6eZSpMg%3D&reserved=0
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> Tracking progress
>> >>>>>>> -----------------
>> >>>>>>>
>> >>>>>>> The details of the AUTH48 status of your document are here:
>> >>>>>>>
>> >>>>>>> https://www/.
>> >>>>>>> rfc-editor.org%2Fauth48%2Frfc9955&data=05%7C02%7Cflo.d%40ncsc.gov.uk%7
>> >>>>>>> Cb6e100d6f75c462a7e2608de997b26cb%7C14aa5744ece1474ea2d734f46dda64a1%7
>> >>>>>>> C0%7C0%7C639116952142624430%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOn
>> >>>>>>> RydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3
>> >>>>>>> D%3D%7C40000%7C%7C%7C&sdata=it6iMYLF4xipV5dn6vO82p6dBDn4yKYBOgCye%2FM9
>> >>>>>>> Ccg%3D&reserved=0
>> >>>>>>>
>> >>>>>>> Please let us know if you have any questions.
>> >>>>>>>
>> >>>>>>> Thank you for your cooperation,
>> >>>>>>>
>> >>>>>>> RFC Editor
>> >>>>>>>
>> >>>>>>> --------------------------------------
>> >>>>>>> RFC9955 (draft-ietf-pquip-hybrid-signature-spectrums-07)
>> >>>>>>>
>> >>>>>>> Title : Hybrid signature spectrums
>> >>>>>>> Author(s) : N. Bindel, B. Hale, D. Connolly, F. Driscoll
>> >>>>>>> WG Chair(s) : Paul E. Hoffman
>> >>>>>>>
>> >>>>>>> Area Director(s) : Deb Cooley, Paul Wouters
>> >>>>>
>> >>>>>
>> >>>>
>> >>>
>> >>> <rfc9955_fdchanges.xml>
>> >>
>> >
>>
>
> --
> Sent from my Android device with K-9 Mail. Please excuse my brevity.
--
auth48archive mailing list -- [email protected]
To unsubscribe send an email to [email protected]