Hi Joel, Thanks for the review.
Minor issues: The security considerations section seems remarkably light. > It > may be correct. > Original intention was to keep the security considerations specific to anything particular about the use of ML-DSA in TLS and refer to existing documents (FIPS 204, RFC 8446) for generally applicable considerations. The working group has certainly thought a lot more about it then these short few words might suggest. Among others, the WG discussed several changes: whether to mention composites (hybrids); whether to discuss hedged vs deterministic signing; and whether to repeat general guidance. My guess is that only https://github.com/tlswg/tls-mldsa/pull/36 will have WG support. Best, Bas
_______________________________________________ Gen-art mailing list -- [email protected] To unsubscribe send an email to [email protected]
