* I've read it before. I the main issue is that it says "trusted" a lot.
Yeah, kinda snippy but not necessarily wrong. I’m a little skeptical of approaches that solve an entire problem space with one architecture. I’m more skeptical of enough people having the ability to read and understand the semantics of several pages of JSON object descriptions. I know I got MEGO[1] a copule of times while reading it. Can we simplify things and solve just one problem? For example, in some off-line discuissions others have mentioned that with PQ signatures being so big, there are policy decisions that clients might want to enforce – do you need SCT’s? Do you want OCSP stapling? Maybe it will be worthwhile to just think about what kind hybrid/PQ policies clients will want to express? [1] https://www.collinsdictionary.com/dictionary/english/mego
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
