[COSE] Review of draft-ietf-cose-hash-sig-00
Jim Schaad <ietf@augustcellars.com> Sat, 16 February 2019 06:27 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 080EC127AC2; Fri, 15 Feb 2019 22:27:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U9TiKWn90HrW; Fri, 15 Feb 2019 22:27:29 -0800 (PST)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 774541277D2; Fri, 15 Feb 2019 22:27:26 -0800 (PST)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Fri, 15 Feb 2019 22:27:20 -0800
From: Jim Schaad <ietf@augustcellars.com>
To: draft-ietf-cose-hash-sig@ietf.org
CC: 'cose' <cose@ietf.org>
Date: Fri, 15 Feb 2019 22:27:19 -0800
Message-ID: <00ea01d4c5c0$ac81d6d0$05858470$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdTFufOkitC6NeAaSRiPIqRYIbOPDw==
Content-Language: en-us
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/Z_u4ZEgjcs38BgT2v8deKMH-dos>
Subject: [COSE] Review of draft-ietf-cose-hash-sig-00
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Feb 2019 06:27:31 -0000
Russ, I don't remember when the last time I looked at this was, but since I have been reviewing the version over in lamps, look at all of those things and apply here. I tried not to duplicating them below. Please copy forward as is reasonable. 1. I am trying to create an example message for you, but I am having problems with getting a running implementation based on the ID in CFRG. One of my biggest issues is that the test vectors are completely insufficient if there are problems, and apparently I have a problem. 2. The following statement seems a bit weird: "The hash-based signature algorithm supports five values for this parameter: h=5; h=10; h=15; h=20; and h=25". Would it not be better to say it along the lines of "Currently there are five values registered for this parameter:..." 3. You do not seem to have consistency between section 4 and the IANA considerations wrt 'HSS-LMS' vs 'HASHSIG-HSS-LMS' 4. I find it very interesting that in this document you do not have the extra hash step that is present in the lamps document. Specifically this always uses the "direct" signature algorithm that I proposed over there. Jim
- [COSE] Review of draft-ietf-cose-hash-sig-00 Jim Schaad
- Re: [COSE] Review of draft-ietf-cose-hash-sig-00 Russ Housley