Hello, Thank you for the review. Responses inline:
On 2 Mar 2026, at 05:41, Watson Ladd via Datatracker <[email protected]> wrote: > The sole substantive comment I have is that the selection of just Elliptic > Curve keys in Section 4.1 is probably too broad and too narrow at the same > time. To broad in that there are many potential noninteroperable or not widely > implemented curves, too narrow in that emerging PQ signatures will need a > document update to be used. It may be worth rethinking mandating this choice > here. I see the point. In https://github.com/mxsasha/nrtmv4/pull/106 we've removed the Elliptic Curve key requirement, and require to at least support ES256, specifically for interoperability. Existing implementations do this already. That does feel a bit restrictive as well though - if you have a different suggestion than the new text, do let us know. > Section 4.1 could also use a bit of editing: the server configures a > private key, then this public key is used. Thanks, this is fixed. Sasha _______________________________________________ GROW mailing list -- [email protected] To unsubscribe send an email to [email protected]
