[Cbor] Review of draft-ietf-cose-merkle-tree-proofs-05
Felix Linker <linkerfelix@gmail.com> Mon, 05 August 2024 16:32 UTC
Return-Path: <linkerfelix@gmail.com>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E506AC151981 for <cbor@ietfa.amsl.com>; Mon, 5 Aug 2024 09:32:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qCqIXjdcwH4r for <cbor@ietfa.amsl.com>; Mon, 5 Aug 2024 09:32:29 -0700 (PDT)
Received: from mail-lj1-x229.google.com (mail-lj1-x229.google.com [IPv6:2a00:1450:4864:20::229]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3AF49C151543 for <cbor@ietf.org>; Mon, 5 Aug 2024 09:32:29 -0700 (PDT)
Received: by mail-lj1-x229.google.com with SMTP id 38308e7fff4ca-2ef32fea28dso121414761fa.2 for <cbor@ietf.org>; Mon, 05 Aug 2024 09:32:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722875547; x=1723480347; darn=ietf.org; h=to:date:message-id:subject:mime-version:from:from:to:cc:subject :date:message-id:reply-to; bh=GolEWlz0QCloG36tW1zQTWf/C8W9RgIvb7/KlZFWgso=; b=Jyd8QDEwP+JoFKq8RVW1ZW5xAe1+8hoo0z2bIMeZwXtvlc3/CjKpPQwtgVdZqlHfx5 U/YWTIIHF72JI1DfavJqDIzjP0OhdlttV/tmCfDounNtnTjTiryzdlNRy4OHoEhIRpLo BCtWpTQxm/AAyc9UHP66iMARa1adBoU9K19KOGuqrau5akKay+TYpLwjbgcI7FDGit8q whJX7brB5svRtVZFL0L1uBI0P8Pd8ZuEnbSKdvEbs3Sx64PQN3uNbPWQcV+umGLBgR5q 9/AVSXfSLaAQt7AkWQStlv9oQbUYNWzBlJ4dv0fhIsltI04nqahCo+Yguh7bWrtD9+0v v8Ow==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722875547; x=1723480347; h=to:date:message-id:subject:mime-version:from:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=GolEWlz0QCloG36tW1zQTWf/C8W9RgIvb7/KlZFWgso=; b=cimY+8hNjraX7vN0eZhcW+SnsMVMWr5Zk9TH/tvx2EOCpzedWmXgtAW0w3qQoaMLFz Ph6n9dvCCgJ2ypzBBaGNQQ85++naKldTAYTQ1+l+pabdDerJdZDfY0LNNZNPxiqset+t 7Ajir4CF2jJLhKm6tAVj654Bo/5ljq8zoVN5Vbfm9ZGFf8OwhpEspG4jl45atcq82pFQ tfbBI4RPMrzMQi9GjML/itBtm3JK1Tg53NpbBpbVO+3IX7K/4/zraY5DREol96vRFPUq akA/a77DuybmKXUA+wD3VNWikaEVidGgQFTsOJ5N9AGuEHRYLe7zJN8e3Jp//XjEFG1t 10Kw==
X-Gm-Message-State: AOJu0YxEf4HB5UYfdI7CIkm11it0thnJmHvt8sjSBkAbYzYRv+kbAqG6 FSngOIaGnn6of1EqEqhhHZnU0t5Pqimn+6cNALutcN3801rogkYsHmGGgg==
X-Google-Smtp-Source: AGHT+IFxW2Ef+twc4UYKHpK44uJLmGnySUDVpdyngp67lXb/7TC8o7bucC06aQ9Yk5AP8EP5Kxhf0g==
X-Received: by 2002:a2e:9907:0:b0:2ef:2b53:c77e with SMTP id 38308e7fff4ca-2f15aa71a9dmr78016101fa.7.1722875546244; Mon, 05 Aug 2024 09:32:26 -0700 (PDT)
Received: from smtpclient.apple (2001-67c-10ec-5784-8000--3dd.net6.ethz.ch. [2001:67c:10ec:5784:8000::3dd]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36bbd06d7dasm10277528f8f.97.2024.08.05.09.32.25 for <cbor@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Aug 2024 09:32:25 -0700 (PDT)
From: Felix Linker <linkerfelix@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_AAC87AA1-AFCA-4957-B378-E58834A7190C"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.600.62\))
Message-Id: <4F3EF1FA-C381-40C0-8BE0-0F6D6FA65217@gmail.com>
Date: Mon, 05 Aug 2024 18:32:15 +0200
To: cbor@ietf.org
X-Mailer: Apple Mail (2.3774.600.62)
Message-ID-Hash: S2H4X43YZI6FT7G62AP2NFJBNKLX6W3F
X-Message-ID-Hash: S2H4X43YZI6FT7G62AP2NFJBNKLX6W3F
X-MailFrom: linkerfelix@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cbor.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Cbor] Review of draft-ietf-cose-merkle-tree-proofs-05
List-Id: "Concise Binary Object Representation (CBOR)" <cbor.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/qbRuyUZHlQ6uWJvPkN3Qiv3r59o>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Owner: <mailto:cbor-owner@ietf.org>
List-Post: <mailto:cbor@ietf.org>
List-Subscribe: <mailto:cbor-join@ietf.org>
List-Unsubscribe: <mailto:cbor-leave@ietf.org>
Hi everyone, I just read draft-ietf-cose-merkle-tree-proofs-05 and have some thoughts. For one, I opened a fairly simple PR: https://github.com/cose-wg/draft-ietf-cose-merkle-tree-proofs/pull/21 (reasoning provided with PR). In general, I think positively of the draft. I have mostly editorial comments. I was confused on some parts of Sections 5.(2|3).1: I am confused about the first sentence in Section 5.2.1. It says: "In a signed inclusion proof, the previous merkle tree root, maps to tree-size-1, and is a detached payload.“ This sentence doesn’t make sense grammatically. Either the sentence is missing a verb or there is a comma too many (after „root“). Maybe it would also be clearer to replace „maps to“ with „corresponding to“? (If this is what you mean, of course.) „Mapping“ could be parsed as „takes the value of“ (in the same sense as in „a dictionary maps a key to a value“) whereas „corresponding“ clarifies that the connection is only logical. I think it should be „tree-size“ and not „tree-size-1.“ Also, is it really the „previous“ merkle tree root? Wouldn’t a proof of inclusion be computed w.r.t. to the current merkle tree root? Still in 5.2.1, it says: "Detaching the payload forces verifiers to recompute the root from the inclusion proof signature […].“ I don’t understand what „signature“ refers to here. The sentence would make perfect sense to me if we were to drop this word. The first sentence of Section 5.3.1 exhibits the same problems as the one at the beginning of Section 5.2.1. Either a verb is missing or there is a comma too much. Beyond that, I was only wondering why the payload of a receipt of inclusion is detached but attached for a receipt of consistency. The reasoning in Section 5.2.1 makes perfect sense to me, but it also seems to apply to 5.3.1. I hope my comments are constructive! All the best, Felix
- [Cbor] Review of draft-ietf-cose-merkle-tree-proo… Felix Linker