RFC Errata
RFC 8391, "XMSS: eXtended Merkle Signature Scheme", May 2018
Source of RFC: IRTF
Errata ID: 8396
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Alex J Malozemoff
Date Reported: 2025-04-28
Section 4.1.10 says:
pk_ots = WOTS_pkFromSig(sig_ots, M', SEED, ADRS);
It should say:
pk_ots = WOTS_pkFromSig(M', sig_ots, ADRS, SEED);
Notes:
The call to `WOTS_pkFromSig` in `XMSS_rootFromSig` does not match the signature of Algorithm 6 (Section 3.1.6).