Simon Josefsson writes:
> This is a bit of a mess, unfortunately, and one solution may be to
> implement a non-solution approach: instead of changing the sign or
> verify operations,
As far as I'm aware, there's no need to modify the signing operation, am
I missing something? Do the details of
"Niels Möller" writes:
> Hi,
>
> A few weeks ago, I stumbled on
> https://hdevalence.ca/blog/2020-10-04-its-25519am. Summary: The
> specification for Ed25519 signatures, RFC 8032, doesn't specify
> unambiguously which bit strings are valid signatures, and which aren't.
> And implementations
