[srfilipek]

The article discusses interoperability issues; it isn't an attack or vulnerability.

The issue is that implementations will reject valid signatures.

[kelnage]

Yeah, sorry, my wording wasn’t clear. I meant that attacks exist based on not utilising appropriate validation criteria (and, for example, libsodium’s more strict criteria do indeed prevent them).

[laksdjfkasljdf]

Which attack(s) would that be?