scope:

The present document is limited to discussion of the characteristics of the state object, the reuse of the state index, and of architectural and operational considerations for deploying stateful hash-based signatures. First, it discusses characteristics of the state object for S-HBS schemes and identifies potential security vulnerabilities and operational problems associated with its management. Second, it gives guidance on mitigating the issues identified. And third, it helps a prospective implementor determine if a S-HBS solution is suitable for their given application; examples of suitable and non-suitable applications are given.