Mohamed Boucadair has entered the following ballot position for draft-ietf-cose-tsa-tst-header-parameter-05: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-cose-tsa-tst-header-parameter/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Hi Henk, Thomas, and Maik, Thank you for the effort put into this specification. Thanks to Yingzhen Qu for the OPSDIR review. The spec is straightforward. There are some guidelines when manipulating timestamps (e.g., rfc8877), but I don’t think those apply here. I trust the authors have validated all the examples. Please find below some few comments: # Hash details: can we have an authoritative reference to zoom more about how the hash is computed/validated? CURRENT: The MessageImprint sent to the TSA (Section 2.4 of [RFC3161]) MUST be the hash of the payload of the COSE signed object. # Add a normative reference to RFC 8792 as that is required for unfolding # The use of folding is not consistent For example, this is not used in 3.2.1, while it is used in other examples. # Check/fix some uses of folding in the last example, in particular: CURRENT: / signature / h'8eb33e4ca31d1c465ab05aac34cc6b23d58fef5c083106c4 d25a91aef0b0117e2af9a291aa32e14ab834dc56ed2a223444547e01f11d3b0916e5 a4c345cacb36' Thank you. Cheers, Med _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
