[lamps] Barry Leiba's No Objection on draft-ietf-lamps-cms-hash-sig-09: (with COMMENT)
Barry Leiba via Datatracker <noreply@ietf.org> Wed, 11 September 2019 22:18 UTC
From: Barry Leiba via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-lamps-cms-hash-sig@ietf.org, Tim Hollebeek <tim.hollebeek@digicert.com>, lamps-chairs@ietf.org, tim.hollebeek@digicert.com, spasm@ietf.org
Reply-To: Barry Leiba <barryleiba@computer.org>
Message-ID: <156824031769.13397.11560883765399298866.idtracker@ietfa.amsl.com>
Date: Wed, 11 Sep 2019 15:18:37 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/J1jYOff_YDTvU5FttpdE3zd-IrE>
Subject: [lamps] Barry Leiba's No Objection on draft-ietf-lamps-cms-hash-sig-09: (with COMMENT)

Barry Leiba has entered the following ballot position for
draft-ietf-lamps-cms-hash-sig-09: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-hash-sig/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks, Russ, as always, for a clear and well-written document. Some editorial nits:

— Section 1.3 —

   Each of these advances pose a threat to widely deployed digital
   signature algorithms.

“poses”, to match the singular “each”.

   Recent advances in cryptoanalysis [BH2013]

“cryptanalysis”, no “o”.

   The HSS/LMS signature algorithm does not depend on the difficulty of
   discrete logarithm or factoring, as a result these algorithms are

Comma splice. Make it a semicolon.

— Section 2.2 —

   The second parameter is the number of bytes output by the hash
   function, m, which is the amount of data associated with each node
   in the tree.

It’s a small thing, but I think the “m” is misplaced where it is, and suggest “…the number of bytes, m, output by the hash function….”

— Section 3 —

   Each format includes a counter and type codes that indirectly
   providing all of the information that is needed

“provide”

— Section 5 —

   When signed attributes are absent, the HSS/LMS signature is computed
   over the content. When signed attributes are present, a hash is
   computed over the content using the same hash function that is used
   in the HSS/LMS tree, and then a message-digest attribute is
   constructed to contain the resulting hash value, and then the result
   of DER encoding the set of signed attributes (which MUST include a
   content-type attribute and a message-digest attribute, and then the
   HSS/LMS signature is computed over the DER-encoded output.

You’re missing a “)” there, which makes it a bit odd. I think it should be “(which MUST include a content-type attribute and a message-digest attribute), and then….”

   digestAlgorithm MUST contain the one-way hash function used to in
   the HSS/LMS tree.

Remove “to”.

— Section 6 —

   While the consequences of an inadequate pseudo-random
   number generator (PRNGs) to generate these values is much less severe
   than the generation of private keys

“than in the generation”

— Appendix —

Just a note that I did not review the ASN.1 module.