John: > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thanks to Michael B. Jones for the shepherd write-up, without which I would > have been a little lost as to why we need this document. The context was > helpful. > > I have just two small comments about the spec. > > First, in > > If an attacker is able to strip the authentication and integrity > mechanism, then the attacker can replace it with their one of their > own creation > > s/their one/one/
Fixed in my edit buffer. > Second, there are two SHOULDs in Section 8. I am curious why they aren’t > MUSTs. > If SHOULD is the more appropriate choice, would it be possible to provide some > commentary as to when it might be fine for an implementor to deviate? I would be okay with making these lower case. For the first one, the consequences of not following the advice (provide integrity protection for the kid) is stated. For the second one, the advice is to perform the integrity checking with AES-CBC mode prior to decryption, but a reference is provided for more details. There are already MUST statements about the integrity protection. These are adding a bit of detail. Russ _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
