Why are Leighton-Micali Signature Scheme (LMS) and eXtended Merkle Signature Scheme (XMSS) no candidates in the NIST Post-Quantum Cryptography Standardization process?
Both are mentioned in the final draft of Recommendation for Stateful Hash-Based Signature Schemes.
I was expecting that both algorithms are candidates in the standardization process as well, but it seems that they weren’t even submitted. Can anyone explain why? If they are not considered as candidates for a new standard why does the Recommendation for Stateful Hash-Based Signature Schemes exist and mention exactly those two algorithms?
Is the recommendation just a temporary standard until the standardization process is finished?