Laurence: Thanks for the review. Your comments have made the document better, even though I am pushing back on one of them.
> Here’s a few comments that are primarily about wording and presentation. The > actual protocol bits defined here seems ready to me. > > 1) Section 3 > There are two sentences that say "NIST has defined xxx modes of operation for > use with AES...” One of them could be removed. I merged the first two paragraphs, and incorporating the point raised by John to avoid mentioning ECB: NIST has defined several modes of operation for Advanced Encryption Standard (AES) [AES] [MODES]. AES supports three key sizes: 128 bits, 192 bits, and 256 bits. The AES has a block size of 128 bits (16 octets). Each of these modes has different characteristics. The modes include: CBC (Cipher Block Chaining), CFB (Cipher FeedBack), OFB (Output FeedBack), and CTR (Counter). > 2) Section 4 > If it were me, I’d move / remove many of the paragraphs in section 4 to > security considerations. For example the stuff about re-using IVs, how easy > it is to use incorrectly and discussing about forging. My preference would be > that section 4 only describe bytes on the wire, protocol and operations. This is an attempt to warn implementers early and often. Perhaps the balance is wrong. If so, I'd like to hear from others. > 3) Section 4.1 > While the title is Alg IDs, much of this section is about COSE_Keys. Maybe > split it into two, one on Alg IDs and one on COSE_Keys. Sure. Good idea. > 4) Section 4.1 > A paragraph in 4.1 discusses catching an error were AAD is supplied expecting > it to be authenticated. That should probably not be in the section on Alg > IDs. If it were me, I’d move it to security considerations, but it could > elsewhere too. I put it right before Section 4.1. There is related text in the Security Considerations. Again, want to make this point more than once. > 5) Section 5 > Similarly, if it were me, I’d put the move / remove stuff about fresh keys > and non-providing of integrity to security considerations. Agree. Russ _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
