minor considerations

1 files changed, 9 insertions, 2 deletions

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 0141940..de1af5b 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -679,7 +679,13 @@ PRK_h := HKDF-Extract ("key-derivation", zk)
 h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
 h[31] &= 7  // Implies h mod L == h
 zk’ := h * zk
-         ]]></artwork>
+           ]]></artwork>
+         <t>
+           We note that implementors must employ a constant time scalar
+           multiplication for the constructions above. Also, implementors
+           must ensure that the private key "a" is an ed25519 private key
+           and specifically that "a[0] &#38; 7 == 0" holds.
+         </t>
          <t>
            The EDKEY cryptosystem uses a
            hash-based key derivation function (HKDF) as defined in
@@ -698,7 +704,8 @@ zk’ := h * zk
          </t>
          <t>
            We point out that the multiplication of "zk" with "h" is a point multiplication,
-           while the multiplication of "a" with "h" is a scalar multiplication.
+           while the division and multiplication of "a" and "a1" with the
+           cofactor are integer operations.
          </t>
          <t>
            Signatures for EDKEY zones using the derived private key "a'"