Hello, I'm writing because I do not understand what this draft is supposed to accomplish. Designated verifier signatures have a long history in the research literature, but this draft proposes an ad-hoc scheme without discussion of its security goals or any references showing the scheme meets the goals. I understand this draft is early but it is very important to include these things to provide a basis for analysis and understanding of why the scheme is safe. Thankfully https://dl.acm.org/doi/pdf/10.5555/1862758.1862763 shows some properties of the scheme: are they the ones required?
Sincerely, Watson Ladd -- Astra mortemque praestare gradatim _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
