Re: [Gen-art] Genart last call review of draft-ietf-cose-countersign-06
Russ Housley <housley@vigilsec.com> Fri, 22 July 2022 21:05 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60E45C159493; Fri, 22 Jul 2022 14:05:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3hKtCfbLwEaG; Fri, 22 Jul 2022 14:05:47 -0700 (PDT)
Received: from mail3.g24.pair.com (mail3.g24.pair.com [66.39.134.11]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE759C14F724; Fri, 22 Jul 2022 14:05:47 -0700 (PDT)
Received: from mail3.g24.pair.com (localhost [127.0.0.1]) by mail3.g24.pair.com (Postfix) with ESMTP id DAD6814EF3C; Fri, 22 Jul 2022 17:05:46 -0400 (EDT)
Received: from [10.0.1.2] (pfs.iad.rg.net [198.180.150.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail3.g24.pair.com (Postfix) with ESMTPSA id B693614F359; Fri, 22 Jul 2022 17:05:46 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <165849969527.36885.13797431376259499072@ietfa.amsl.com>
Date: Fri, 22 Jul 2022 17:05:44 -0400
Cc: IETF Gen-ART <gen-art@ietf.org>, cose <cose@ietf.org>, draft-ietf-cose-countersign.all@ietf.org, last-call@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <1C4876B2-031D-4B63-827D-0ACA5166EE94@vigilsec.com>
References: <165849969527.36885.13797431376259499072@ietfa.amsl.com>
To: Elwyn Davies <elwynd@dial.pipex.com>
X-Mailer: Apple Mail (2.3445.104.21)
X-Scanned-By: mailmunge 3.09 on 66.39.134.11
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/oLBd4AcdMZpVQ3ltT48awfAALAA>
Subject: Re: [Gen-art] Genart last call review of draft-ietf-cose-countersign-06
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jul 2022 21:05:53 -0000
Elwyn:
Thank you for the careful review. My earlier message responded to the nits. This message responds to your more significant comment.
> Summary: Almost ready with one minor issue and several nits. I do not
> understand how it is decided what the count of bstr fields is which is needed
> to determine if the other_fields mechanism is invoked. Are all the standard
> fields included? And could other_fields be included in an example please?
> Constructing an example would be helpful for both author and users I think.
>
> Major issues:
> None
>
> Minor issues:
> s3.3, description of 'other_fields': I am confused as to which bstr's count
> towards the 'only two' condition. All the fields after 'context' are encoded
> as bstr so are all these involved in the count? Also I couldn't see an example
> which appeared to showcase how 'other_fields' is used. This might well have
> helped.
In the first paragraph of Section 3.3, the countersignature target structure is defined to be one of these: COSE_Signature, COSE_Sign1, COSE_Sign, COSE_Mac, COSE_Mac0, COSE_Encrypt, or COSE_Encrypt0.
Then, the other_fields description says:
other_fields: If there are only two bstr fields in the target
structure, this field is omitted. The field is an array of all
bstr fields after the second. As an example, this would be an
array of one element for the COSE_Sign1 structure containing the
signature value.
Would it help to say "countersignature target structure" instead of the abbreviated "target structure"?
Russ
- Re: [Gen-art] Genart last call review of draft-ie… Russ Housley
- Re: [Gen-art] Genart last call review of draft-ie… Russ Housley