[Anima] IANA and GenART review comments to voucher (RFC8366bis)

Wed, 24 Jun 2026 10:36:45 -0700 

I think that I've handled all of the outstanding comments on RFC8366bis,
including AD comments.   I will wait until Monday to post a new version so
that others can comment/wordsmith on these PRs.

Hi, I've worked on Russ' GenART review comments, which were captured at:
    https://github.com/anima-wg/voucher/issues/129

I think that the only two places we mentioned PKCS7 was in the text that said
how to deal with it.  Instead, I've marked cmsVersion=1 as deprecated.
I updated to include Russ' suggested ASN.1 for the eContentType.
I did not include the entire CMS structure (as proposed in #132), preferring
to leave that as a reference.  Please see the PR 
https://github.com/anima-wg/voucher/pull/136

I've changed the IANA Considerations based upon the request from IANA: they
asked not to reference previous documents. That is:
    https://github.com/anima-wg/voucher/issues/133 and associated PR

I've changed the "extensions" Registry to be Expert Review (from FCFS).

I've fixed the voucher-request yang module not to have any MUST or reference
to an obsolete I-D.  The text around supported algorithms is now in the main
voucher text, and the PR is:
  https://github.com/anima-wg/voucher/pull/135

The next text says:

When EcDSA is supported, curves secp256r1 and secp384r1 SHOULD be supported.
When EdDSA is supported, curves Ed25519 and Ed448 SHOULD be supported.
When RSA is supported, sizes of at least 2048 bits SHOULD be supported, with 
support for sizes up to 4096 bits as RECOMMENDED.

Of the above, EcDSA SHOULD be supported by all implementations, until some 
quantum-safe variant is standardized.

----

I don't know whether my "until..." will fly...

(It seems reasonable to me that constrained devices will support only a
single signature system.  Maybe we need to say more here about what
registrar's vs Pledge's support.  Non-constrained pledges could support all
sorts of things)



--
Michael Richardson <[email protected]>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

**       My working hours and your working hours may be different.         **
** Please do not feel obligated to reply outside your normal working hours **

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Anima mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to