The current specification of EdDSA, in RFC 8032 (which we refer to), defines Ed25519 and Ed448 as being deterministic.
WebKit's implementation of Ed25519, when using macOS's CryptoKit, produces hedged (non-deterministic) signatures as per draft-irtf-cfrg-det-sigs-with-noise, citing security benefits.
So, we may want to allow this as well in the spec.
This is a copy of WICG/webcrypto-secure-curves#28, to keep track of that issue after we archive WICG/webcrypto-secure-curves.
The current specification of EdDSA, in RFC 8032 (which we refer to), defines Ed25519 and Ed448 as being deterministic.
WebKit's implementation of Ed25519, when using macOS's CryptoKit, produces hedged (non-deterministic) signatures as per draft-irtf-cfrg-det-sigs-with-noise, citing security benefits.
So, we may want to allow this as well in the spec.
This is a copy of WICG/webcrypto-secure-curves#28, to keep track of that issue after we archive WICG/webcrypto-secure-curves.