Re: [Gen-art] Gen-ART Last Call review of draft-ietf-cose-msg-18

Jim Schaad <ietf@augustcellars.com> Wed, 28 September 2016 18:27 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BB6B12B091 for <gen-art@ietfa.amsl.com>; Wed, 28 Sep 2016 11:27:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.216
X-Spam-Level:
X-Spam-Status: No, score=-4.216 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id af1AoBBCDmG2 for <gen-art@ietfa.amsl.com>; Wed, 28 Sep 2016 11:27:04 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44A4F12B388 for <gen-art@ietf.org>; Wed, 28 Sep 2016 11:27:04 -0700 (PDT)
Received: from hebrews (50.34.10.134) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 28 Sep 2016 11:40:22 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: 'Meral Shirazipour' <meral.shirazipour@ericsson.com>, draft-ietf-cose-msg.all@tools.ietf.org, gen-art@ietf.org
References: <ABCAA4EF18F17B4FB619EA93DEF7939A4E73FD94@eusaamb107.ericsson.se>
In-Reply-To: <ABCAA4EF18F17B4FB619EA93DEF7939A4E73FD94@eusaamb107.ericsson.se>
Date: Wed, 28 Sep 2016 11:26:55 -0700
Message-ID: <03f501d219b5$e5ce4040$b16ac0c0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_03F6_01D2197B.3971D940"
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-us
Thread-Index: AQH5TVsHxr4s7Uo+4VJ96NVKX/tmBqBAzMhg
X-Originating-IP: [50.34.10.134]
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/NriZH4YnwoDj6DVXxVbX9gyY__A>
Subject: Re: [Gen-art] Gen-ART Last Call review of draft-ietf-cose-msg-18
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Sep 2016 18:27:08 -0000

 

 

From: Meral Shirazipour [mailto:meral.shirazipour@ericsson.com] 
Sent: Tuesday, September 27, 2016 11:27 PM
To: draft-ietf-cose-msg.all@tools.ietf.org; gen-art@ietf.org
Subject: Gen-ART Last Call review of draft-ietf-cose-msg-18

 

I am the assigned Gen-ART reviewer for this draft. The General Area Review
Team (Gen-ART) reviews all IETF documents being processed by the IESG for
the IETF Chair.  Please treat these comments just like any other last call
comments.

For more information, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.  

 

 

Document: draft-ietf-cose-msg-18

Reviewer: Meral Shirazipour

Review Date: 2016-09-27

IETF LC End Date:  2016-09-28

IESG Telechat date: 2016-09-29

 

 

 

Summary:

This draft is ready to be published as Standards Track RFC but I have some
comments.

 

Major issues:

Minor issues:

 

"

The JOSE working group produced a set of documents

   [RFC7515][RFC7516][RFC7517][RFC7518] using JSON that specified how to

   process encryption, signatures and message authentication (MAC)

   operations, and how to encode keys using JSON.  This document defines

   the CBOR Object Encryption and Signing (COSE) standard which does the

   same thing for the CBOR encoding format.

"

 

Was there a reason to not have multiple documents for CBOR? It would be good
to add this reason to section 1 in the above mentioned paragraph.

 

[JLS] The JOSE documents were divided up in part because the solutions came
into the group separately.  At one point the idea was to think about
combining them later into two documents, but the group ran out of energy
long before we could get to that point.  COSE is a single document in part
to an overreaction to that experience and because it had only a single set
of authors, unlike the JOSE documents.  My original plan was to split it
into two documents before WGLC but the group did not want that to happen.

 

I don't think that since this is an emotional rather than technical reason
for the change that there documenting that fact make sense.

 

 

Nits/editorial comments:

 

-[Page 5], "services for IoT, using CBOR"---->"services for IoT, and using
CBOR"

[JLS] done

 

-[Page 5], "[RFC7515][RFC7516][RFC7517][RFC7518]" , please check hyperref
for 2nd and 4th reference (they don't appear in html view
https://tools.ietf.org/html/draft-ietf-cose-msg-18)

[JLS] Please speak to the tool developers not me on this.  

 

-[Page 5], "message authentication (MAC)"---->"Message Authentication Code
(MAC)"

[JLS] done

 

-[Page 6], "There currently is"---->"There is currently"

[JLS] done

 

-[Page 7], "For this, reason"---->"For this reason,"

[JLS] done

 

-[Page 8] "this works consider"---->"this works, consider"

[JLS] done

 

-general, in many section, e.g. 16.2: when listing terms+ definition, it
would be clearer to add ":" in front of the term. 

[JLS] I'll take with the RFC Editor about this.  It is partly a matter of
style.

 

-Section 19.2 refrences to be updated

e.g.

[I-D.greevenbosch-appsawg-cbor-cddl], is not v09

[JLS] Hey - it got published after my draft did - no fair.

 

Best Regards,

Meral

---

Meral Shirazipour

Ericsson Research

www.ericsson.com <http://www.ericsson.com>