Panos Kampanakis just posted this on a mail list hosted by NIST. I thought it would be of interest to people on this list...
> LDWM (the earlier version of the LMS draft) signatures are used in some Cisco > chips for FPGA firmware signing. We also have heard interest in software > package signing with stateful schemes. > > We would like to see LMS and XMSS approved by NIST for some usecases. We > tried to compare the two schemes for potential adopters in > https://eprint.iacr.org/2017/349 <https://eprint.iacr.org/2017/349> > Personally, I would prefer for NIST to evaluate them together after they are > both IETF RFCs. FWIW, there might be usecases of stateful schemes that have > not been realized yet. For example in PKI, smaller size trees could be used > as the Offline Root CA signing scheme given that the Root CA is offline and > does not sign live. Such a usecase would assume different stateless schemes > are used at the leaves of the cert chain of course.
_______________________________________________ Tech mailing list [email protected] https://lists.cryptech.is/listinfo/tech
