Thanks for taking the time to review the document, Claudio! FYI, we published
https://www.ietf.org/archive/id/draft-ietf-cose-cwt-claims-in-headers-07.html
to address the Last Call comments received.
Both the Privacy Considerations and Security Considerations sections were
significantly enhanced, including discussing the use of detached signatures.
Thanks again,
-- Mike
-----Original Message-----
From: Claudio Allocchio via Datatracker <[email protected]>
Sent: Thursday, October 19, 2023 12:50 AM
To: [email protected]
Cc: [email protected]; [email protected];
[email protected]
Subject: Artart last call review of draft-ietf-cose-cwt-claims-in-headers-06
Reviewer: Claudio Allocchio
Review result: Ready with Nits
The document is basically well written and clear. The only nits I suggest to
fix is in the security chapter: it seems a copy/paste of the same sections as
RFC 7519 one, but maybe some "expanded statements" on the implication of
external signature use and in case about potential risks associated may help
the non security expert implementer to better understand the whole picture.
Given the above, the document is ready to go.
_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose
