I've been called out on this, and so I need to apologize > -----Original Message----- > From: Scott Fluhrer (sfluhrer) <[email protected]> > Sent: Thursday, October 24, 2024 2:18 PM > To: [email protected]; <[email protected]> <[email protected]> > Subject: [TLS] Re: ML-DSA in TLS > > > Is there some complexity there? Yes, a little. However, I cannot see how > that > is an unprecedented amount; certainly, less than Deidre's idea of 'let's open > up the crypto and smash the two sides together'. >
I was referring to https://eprint.iacr.org/2023/423.pdf, which looking back, Deidre wasn't even a coauthor (my bad - I thought Deidre presented it; obviously my advanced age has not improved my memory). In any case: - I was certainly not impugning Deidre herself. If my words came across that way, well, that's a bad choice of words on my part, and I apologize for my clumsy wording. - I am also not impugning Nina Bindel and Britta Hale (the authors of the work I was referring to). - I did mean to impugn 2023/423 - I personally think that it is complex (anything that involves opening up the crypto engine is infeasible in some environments), and doesn't address a real problem that isn't addressed by the simple 'lets concatenate the signatures' approach. I hope to be more careful with my words in the future. _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
