Dear all,
In reviewing the proceedings now online I noticed that someone is
proposing to support using the same key with multiple signature
algorithms. This is a bad idea that makes everyone sad. Showing that a
signature under one algorithm cannot be abused to obtain another
signature with a diffe
Hi, Watson
On 18 Nov 2016, at 9:18, Watson Ladd wrote:
> Dear all,
>
> In reviewing the proceedings now online I noticed that someone is
> proposing to support using the same key with multiple signature
> algorithms. This is a bad idea that makes everyone sad. Showing that a
> signature under o
Hi Watson,
I also wonder where did you come to such a conclusion from.
Besides discussion about contexts in EdDSA, there was a slide
in my presentation that was about signature formats ambiguity
in IKEv2, that may be interpreted as a promotion for using the same
key with different signature algor
On Thu, Nov 17, 2016 at 6:31 PM, Yoav Nir wrote:
> Hi, Watson
>
> On 18 Nov 2016, at 9:18, Watson Ladd wrote:
>
>> Dear all,
>>
>> In reviewing the proceedings now online I noticed that someone is
>> proposing to support using the same key with multiple signature
>> algorithms. This is a bad idea
Watson Ladd writes:
> I might be confused, but the slides in
> https://www.ietf.org/proceedings/97/slides/slides-97-ipsecme-signature-forms-ambiguity-in-ikev2-00.pdf
> seem to very clearly want something else. Apologies for my
> insufficient context inclusion.
Yes, with RSA I think it might be qui
On Thu, Nov 17, 2016 at 7:38 PM, Tero Kivinen wrote:
> Watson Ladd writes:
>> I might be confused, but the slides in
>> https://www.ietf.org/proceedings/97/slides/slides-97-ipsecme-signature-forms-ambiguity-in-ikev2-00.pdf
>> seem to very clearly want something else. Apologies for my
>> insufficie