Document: draft-ietf-cose-hash-envelope
Title: COSE Hash Envelope
Reviewer: Yaron Sheffer
Review result: Has Nits
Overall the document is clear and mostly ready for publication.
- I suggest to add to the Terminology section a definition of "payload" and
"preimage".
- "Envelope Extended Diagnostic Notation" - this is unclear as text, is it
supposed to be a subsection header?
- It would be good to describe in detail the verifier's behavior (maybe an
actual list of steps), including the decision on regular/detached/hashed
payload.
- If content_type is not allowed, please mention that the payload is always
expected to be a bstr.
- Marking the new headers as critical is only a MAY. Should it be stronger? How
important is this for integrity?
- Sec. 5.1: the second half of this section is a long and convoluted sentence
("The approach...") that I find hard to parse.
- Encrypted hashes: I'm not sure if this is a real use case. But if it is, a
clearer recommendation on how to use this draft in that case would be better
than the current section.
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
