This is inspired by what goes over the wire in a TLS
handshake: an intermediate cert and end entity cert each with a
signature and public key, and a signature on a key exchange. Larger
certificate chains bring the ratio closer to 1:1.
+1, but for the general case I would not count SCTs.
Maybe there could be a “general TLS figure of merit” and a “web TLS figure of merit”.
From: 'Bas Westerbaan' via pqc-forum <pqc-...@list.nist.gov>
Sent: Friday, June 2, 2023 1:38 AM
To: Watson Ladd <watso...@gmail.com>
Cc: pqc-...@list.nist.gov <pqc-...@list.nist.gov>
Subject: RE: [EXTERNAL][pqc-forum] TLS oriented figure of merit for signature sizes
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. |
--
You received this message because you are subscribed to the Google Groups "pqc-forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
pqc-forum+...@list.nist.gov.
To view this discussion on the web visit
https://groups.google.com/a/list.nist.gov/d/msgid/pqc-forum/CAMjbhoUN95ShCSarcd8eptTQvD140f%3DS6oS5Ur%3DH_-tQSH6zXQ%40mail.gmail.com.