From 4637a1ea6b0386f92901a13fa5844a78fdfc941a Mon Sep 17 00:00:00 2001
From: Jeffrey Burdges <burdges@gnunet.org>
Date: Thu, 18 May 2017 14:35:34 +0200
Subject: Do we really need to mention post-quantum RSA?  lol

---
 doc/paper/taler_FC2016.txt | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'doc')

diff --git a/doc/paper/taler_FC2016.txt b/doc/paper/taler_FC2016.txt
index 60a7c0da4..80e590c38 100644
--- a/doc/paper/taler_FC2016.txt
+++ b/doc/paper/taler_FC2016.txt
@@ -298,9 +298,8 @@ importance or even existence.
 > scheme still seems to offer the best security/performance trade-off,
 > and we also value simplicity and extensive peer-review of the
 > cryptographic primitives used for production systems.  So far, none
-> of the schemes compete.  For example, Bernstein recently proposed an
-> interesting PostQuantum blind-signature scheme, but the keys are too
-> large to be useful in practice.
+> of the schemes compete.  In particular, the elliptic curve blind
+> signatures mostly require extra round trips. 
 
 However, providing proofs of the statement to be signed is important,
 and a potential attack on the presented scheme may illustrate this. The
-- 
cgit v1.2.3