Hi, I reviewed draft-ietf-cose-cwt-claims-in-headers-03 as an individual. Please find my comments below.
Issues: 1. Please add the normal terminology section in sec 2 (example [1]). 2. I think it will make sense to add something more to the security considerations - for example something along the lines of `also read the CWT security considerations` and/or `it is the responsibility of the application to ensure that only claims that are safe to be transmitted in an unencrypted manner are replicated in CWT claims`. 3. The PDF formatting is really suboptimal - see the header on p1 (I am not sure if you can do anything about this, but mentioning it nevertheless). Nits: - in sec 5 /such as structure/such a structure/ - sec 5 again, the MUST verify seems more like SHOULD verify to me, but I don't feel strongly about it. With my chair hat on, with those issues handled, I don't see any obstacles to sending WGLC for this document. Best regards, Ivaylo [1]: https://www.rfc-editor.org/rfc/rfc9338.html#section-1.1
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
