> -----Original Message-----
> From: COSE <[email protected]> On Behalf Of Ben Campbell
> Sent: Wednesday, October 10, 2018 7:27 PM
> To: The IESG <[email protected]>
> Cc: [email protected]; [email protected]
> Subject: [COSE] Ben Campbell's No Objection on charter-ietf-cose-01-00:
(with
> COMMENT)
> 
> Ben Campbell has entered the following ballot position for
> charter-ietf-cose-01-00: No Objection
> 
> When responding, please keep the subject line intact and reply to all
email
> addresses included in the To and CC lines. (Feel free to cut this
introductory
> paragraph, however.)
> 
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/charter-ietf-cose/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> I agree with Spencer that this probably needs external review. (I don't
see a
> "can this be approved without external review" question in the ballot, so
I
> assume that's the intent, anyway.)
> 
> Otherwise, I have several mostly editorial comments:
> 
> The paragraphs starting with "The SUIT working group..." seem out of
place.
> These are motivations for work, but they occur after the discussion of
work
> structure has already started. I propose moving them earlier in the
charter.
> 
> "1. Should the document be split in two?  One document for the structures
and
> one document for the algorithm definitions."
> 
> The second sentence is a fragment.

That is my writing style -- I seem to love fragments.

1.  Should the current document be split in two?  The first document would
contain the definitions of the structures and rules for processing them.
The second document would contain the set of original algorithms that were
defined.

> 
> "The first set of
> three are listed in the deliverables."
> 
> There are 5 in the deliverables.
> 
> "A re-charter will be required
> to expand this list."
> 
> Isn't that always true?

No I don't think that this is true.  If the SUIT WG came up with a new
algorithm that was approved by CFRG, then according to the goals set forward


The working group will coordinate its progress with the ACE, SUIT and
CORE working groups to ensure that we are fulfilling the needs of
these constituencies to the extent relevant to their work.

Then I believe that we could add this new algorithm document as a
deliverable without having to do a re-charter.  This text exists mostly to
make sure that I don't have to field questions about - Can we re-write X.509
certificates to be in CBOR (perhaps in a more limited form).

> 
> "At the time COSE was developed, there was a sense that X.509 certificates
was
> not a feature"
> 
> s/was/were
> 
> "The need to be able to
> identify X.509 certificates is now a feature that needs to be provided."
> 
> That seems awkward. I propose "The ability to identify X.509 certificates
now
> needs to be provided." Also, is this just a matter of identifying them, or
do they
> need to be imbedded/included?

Both identification and inclusion are required.  In some circumstances you
want to feed the certificate in and not make the recipient do a query to a
third party to retrieve it.

Jim

> 
> 
> _______________________________________________
> COSE mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/cose

_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose

Reply via email to