Re: [lamps] Opsdir last call review of draft-ietf-lamps-cms-hash-sig-08
Russ Housley <housley@vigilsec.com> Thu, 18 July 2019 14:32 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B202E1203D8 for <spasm@ietfa.amsl.com>; Thu, 18 Jul 2019 07:32:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VVknKKAyyt85 for <spasm@ietfa.amsl.com>; Thu, 18 Jul 2019 07:32:46 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 258261203E6 for <spasm@ietf.org>; Thu, 18 Jul 2019 07:32:46 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 1DC8D300B01 for <spasm@ietf.org>; Thu, 18 Jul 2019 10:13:28 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 6I2cefxEvDDX for <spasm@ietf.org>; Thu, 18 Jul 2019 10:13:26 -0400 (EDT)
Received: from a860b60074bd.fios-router.home (unknown [138.88.156.37]) by mail.smeinc.net (Postfix) with ESMTPSA id F4209300ABB; Thu, 18 Jul 2019 10:13:25 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <156337089593.25931.11629242002096530442@ietfa.amsl.com>
Date: Thu, 18 Jul 2019 10:32:41 -0400
Cc: ops-dir@ietf.org, LAMPS WG <spasm@ietf.org>, IETF <ietf@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <1B12401A-D643-4A59-AC70-CB5CDBA7E846@vigilsec.com>
References: <156337089593.25931.11629242002096530442@ietfa.amsl.com>
To: Joe Clarke <jclarke@cisco.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/RFUOIXxWZeo_r4Jpb9TLMQhIsOI>
Subject: Re: [lamps] Opsdir last call review of draft-ietf-lamps-cms-hash-sig-08
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jul 2019 14:32:50 -0000
Joe: Thanks for the careful review. > Reviewer: Joe Clarke > Review result: Ready Good to hear. > I have been assigned to review this document as part of the ops directorate. > This document describes conventions for using the HSS/LMS with CMS. Overall, > this document is well-written, and I appreciate the considerations around > signing size and computation in the introduction. This will help operators > properly evaluate the use of this algorithm. I did find a few small nits. One > thing that struck me on the first read is that you have to get to the > Introduction before HSS/LMS are expanded whereas CMS is expanded in the > abstract. Might I suggest you expand HSS and LMS in the abstract as well? I have done so: This document specifies the conventions for using the Hierarchical Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based signature algorithm with the Cryptographic Message Syntax (CMS). In addition, the algorithm identifier and public key syntax are provided. The HSS/LMS algorithm is one form of hash-based digital signature; it is described in RFC 8554. I have also expanded it in the first sentence of the Introduction. > Other nits: > > Abstract: > > s/for using the the HSS/LMS/for using the HSS/LMS/ No longer relevant with the revised Abstract above. > === > > Section 2.3: > > s/When this object identifier is used for a HSS/LMS/When this object identifier > is used for an HSS/LMS/ This is in Section 3, right? If so, fixed. > === > > Section 6: > > s/cause an one-time key/cause a one-time key/ > > s/When generating a LMS key pair/When generating an LMS key pair/ Both fixed. Russ
- [lamps] Opsdir last call review of draft-ietf-lam… Joe Clarke via Datatracker
- Re: [lamps] Opsdir last call review of draft-ietf… Russ Housley
- Re: [lamps] Opsdir last call review of draft-ietf… Joe Clarke (jclarke)