%% You should probably cite draft-ietf-pquip-hbs-state-02 instead of this revision.
@techreport{ietf-pquip-hbs-state-01,
    number =    {draft-ietf-pquip-hbs-state-01},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-pquip-hbs-state/01/},
    author =    {Thom Wiggers and Kaveh Bashiri and Stefan Kölbl and Jim Goodman and Stavros Kousidis},
    title =     {{Hash-based Signatures: State and Backup Management}},
    pagetotal = 23,
    year =      2025,
    month =     nov,
    day =       4,
    abstract =  {Stateful Hash-Based Signature Schemes (Stateful HBS) such as LMS, HSS, XMSS and XMSS\textasciicircum{}MT combine Merkle trees with One-Time Signatures (OTS) to provide signatures that are resistant against attacks using large-scale quantum computers. Unlike conventional stateless digital signature schemes, Stateful HBS have a state to keep track of which OTS keys have been used, as double-signing with the same OTS key allows forgeries. This document provides guidance and documents security considerations for the operational and technical aspects of deploying systems that rely on Stateful HBS. Management of the state of the Stateful HBS, including any handling of redundant key material, is a sensitive topic, and we discuss some approaches to handle the associated challenges. We also describe the challenges that need to be resolved before certain approaches should be considered.},
}