Conversation
added 2 commits
July 13, 2026 16:30
- Replace best-effort URLs with verified canonical sources (NIST, NCSC, EU roadmap/EUR-Lex, NSA, CISA, IETF, academic DOIs) - Correct QS08 mis-citation: 'Choudhury et al.' -> Li et al., NDSS 2025 - Split the two distinct Xu et al. CCS 2023 papers (QS08 reset, QS10 power) - Correct academic titles; note Suresh/Mi are countermeasure papers - Promote Standards & Regulatory Mapping to a visible TODO-flagged section
|
Hi @jsotiro, On the two open items you flagged, I can take a pass on the Example Attack Scenarios for any implementation-layer entries and swap in a real disclosed vuln instead of a synthesized one. I hold CVE-2026-46344 (liboqs heap overflow) plus fixes in liboqs, oqs-provider and circl, so I've got real cases to draw from. Also happy to scope the Standards/Regulatory Mapping section if that's still undecided. Which entries need it most? |
Collaborator
Author
|
Thank you @Vishnu2707 We are still prepping and this is staging. will coordinate via the slack channel project-quantum-secuirty. join and look for the announcements this week |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds ten markup entries under
quantum-top-10/, one per risk (QS01–QS10), each built from_template.mdusing the source draftOWASP_Top10_Quantum_Security_v0.2.md.Structure
Each entry follows
_template.md: Vulnerability Name → Description → Common Examples of Vulnerability → How to Prevent → Example Attack Scenarios → Reference Links, plus a Standards and Regulatory Mapping section carried over from the source (marked with a> **TODO:**flag since it is not part of the template).References
All reference URLs were verified against authoritative canonical sources (NIST, NCSC, EU roadmap/EUR-Lex, NSA, CISA, IETF, and academic DOIs). Notable corrections:
Reviewer notes (open items)
OWASP_Top10_Quantum_Security_v0.2.mdcarries the same "Choudhury et al." error and the same attack/defense framing for Suresh/Mi; those were corrected here but not yet in the source doc.