Joe Richey

It's worth noting that the Open Quantum Safe (OQS) project has a fork of BoringSSL (https://github.com/open-quantum-safe/boringssl) that implements [a ton of various KEM and signature algorithms](https://github.com/open-quantum-safe/boringssl#key-exchange). Might be useful as...

@HeroicKatora you also might want to rebase this PR on master, as that should fix some of the CI issues.

> I think P-521 is also important from the post-quantum perspective. Note that P-521 (and all the other standard ECDSA curves) are not quantum resistant. Quantum-resistance will require a completely...

@tkaitchuck thanks for the detailed writeup. As one of the maintainers of `getrandom`, I agree that this is a problem that should be fixed. Exactly who should fix it is...

As described in https://github.com/tkaitchuck/aHash/issues/95#issuecomment-881242012, the issue here is `wasm-bindgen` depending on `serde_json` via its `serde-serialize` feature. To fix this either: 1. Make sure you (and your dependencies) don't enable the...

> I would suggest maybe `getrandom` could generate its own bindings for the WASM target since it needs, what, one syscall? @abonander in [my above comment](https://github.com/tkaitchuck/aHash/issues/95#issuecomment-881242012) I describe exactly what...

For my use case, I'm less concerned with syntactic sugar (`Box::new` is fine) but with blowing up the stack (in both debug and release mode) as @oyvindln and @mark-i-m suggested....

I like this function (as it allows a codebase to avoid uses of `as` if they desire). I agree thta `as_mut()` could lead to some ambiguity, and `cast_mut` seems better...

So I think the goal here would not be to have a stable CLI output for fscrypt, but to improve the fscrypt library enough so that frontends could just call...

So I think the issue here is that you just don't want to use user login passwords at all. @BlueMax is that right? In that case, we should should have...