diff --git a/OneHundredYearCryptography.md b/OneHundredYearCryptography.md
index 9fbfc02..d9e2450 100644
--- a/OneHundredYearCryptography.md
+++ b/OneHundredYearCryptography.md
@@ -29,7 +29,9 @@ David-Sarah has proposed to use hash-based digital signatures.
  * <http://tahoe-lafs.org/pipermail/tahoe-dev/2010-June/004509.html>
  * <http://tahoe-lafs.org/pipermail/tahoe-dev/2010-July/004587.html>
 
-Julian Wälde has posted an actual implementation of hash-based digital signatures! <http://tahoe-lafs.org/pipermail/tahoe-dev/2011-March/006237.html>
+Zooko posted ["back of the envelope" performance constraints](https://tahoe-lafs.org/pipermail/tahoe-dev/2011-February/006133.html). Bottom-line: you get 30 million ARM instructions to implement one complete digital signature verification.
+
+Julian Wälde has [posted an actual implementation](http://tahoe-lafs.org/pipermail/tahoe-dev/2011-March/006237.html) of hash-based digital signatures! Exciting fact: his implementation meets Zooko's performance criterion!
 
 Brian and David-Sarah wrote [a simulator]source:trunk/misc/simulators/hashbasedsig.py or two to explore performance trade-offs in hash-based signature parameters. The output of one run with the following parameters is this:
 ```