I find it unfortunate that some of the responses in the mailing list amounted to "don't worry about being discriminated against because of your 'real' name; I pinky-promise that we're all nice people". Members of a cryptography community should know better than to demand that someone explain why their distrust is justified.<p>Obligatory link to two articles I think everyone implementing a name system should read:<p>1. "A Model for Identity in Software" [0] describes how people often have more than one identity. Different identities might have different personalities and names, especially on the Internet. For example, one person can go by "Johnathan", "Mr. Doe", "Jonny", "NoobMaster69", and "Dad" and react differently when greeted by each name.<p>[0]: <a href="https://christine.website/blog/identity-model-software-2021-01-31" rel="nofollow">https://christine.website/blog/identity-model-software-2021-...</a><p>2. "Falsehoods Programmers Believe About Names" [1] shows that nearly every assumption you make about names is wrong, and it's therefore best to rely upon as few assumptions as possible.<p>[1]:<a href="https://www.kalzumeus.com/2010/06/17/falsehoods-programmers-believe-about-names/" rel="nofollow">https://www.kalzumeus.com/2010/06/17/falsehoods-programmers-...</a><p>Personally, I find my non-anonymous online pseudonym "Seirdy" to be more "real" than my real name. In real life, my physical counterpart doesn't really have anyone to talk to about the things he's most interested in; that's something only I (Seirdy) can do.
About everybody in this forum should know who this mysterious rsw is, Riad S. Wahby of course. With a public record at GitHub and his company jfet.org.
<a href="https://github.com/kwantam" rel="nofollow">https://github.com/kwantam</a><p>He even made a PR about their security problem (rare identity mappings with a chance of 1/2^256) they were discussing here. <a href="https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve/pull/306" rel="nofollow">https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve/pull/3...</a><p>Extremely pedantic. Typical mailing list explosions. I'm not in this forum and immediately knew, because this guy was first suspicious in recommending insecurity into their Security paragraph without proper argumentation.