Dan Many thanks for your review. Please find my proposal below. > Von: Dan Romascanu via Datatracker <noreply@xxxxxxxx> > > Ready with nits. > > Nits/editorial comments: > > 1. It would be useful to provide references for terms at first occurrence. For > example Section 2 directly mentions OOBCertHash, CertStatus, Challenge, > PBMParameter, DHBMParameter, etc. without providing a reference. Theses are ASN.1 values or types specified in RFC 4210 (CMP), RFC 4211 (CRMF), CMP Updates, and RFC 5652 (CMS). Not to overload the text in the Section 2 to Section 6, I propose to add a paragraph to Section 1.1. New text: In the following sections the ASN.1 values and types are listed where algorithm identifier and output values are provided. Theses ASN.1 values and types are defined in CMP [RFC4210], CRMF [RFC4211], CMP Updates [I-D.ietf-lamps-cmp-updates], or CMS [RFC5652]. > > 2. Section 2.2 - provide reference for X.509 at first occurrence (probably > [RFC4210]) Old text: The SHA-3 family of hash functions is defined in FIPS Pub 202 [NIST.FIPS.202] and includes fixed output length variants SHA3-224, SHA3-256, SHA3-384, and SHA3-512, as well as extendable-output functions (SHAKEs) SHAKE128 and SHAKE256. Currently SHAKE128 and SHAKE256 are the only members of the SHA3-family which are specified for use in X.509 and PKIX [RFC8692], and CMS [RFC8702] as one-way hash function for use with RSASSA-PSS and ECDSA as one-way hash function for use with RSASSA-PSS and ECDSA. New text: The SHA-3 family of hash functions is defined in FIPS Pub 202 [NIST.FIPS.202] and includes fixed output length variants SHA3-224, SHA3-256, SHA3-384, and SHA3-512, as well as extendable-output functions (SHAKEs) SHAKE128 and SHAKE256. Currently SHAKE128 and SHAKE256 are the only members of the SHA3-family which are specified for use in X.509 certificates [RFC8692] and CMS [RFC8702] as one-way hash function for use with RSASSA-PSS and ECDSA. > > 3. For clarity and in order to avoid confusions it would be useful to expand MAC I extended 'MAC' to 'message authentication code (MAC)' in its first occurrence in Sections 4.4, 6, 6.1, and 6.2. > > 4. For clarity it would be useful to position Table 3 to start at top of the page to > avoid split at printing I will try doing it with the next update. I have to look it up how to do this using xml2rfc :-) Does these changes sufficiently address your comment? Hendrik -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
