Thanks for taking the time to review the document, Peter! FYI, we published https://www.ietf.org/archive/id/draft-ietf-cose-cwt-claims-in-headers-07.html to address the other Last Call comments received. Thanks again, -- Mike -----Original Message----- From: Peter Yee via Datatracker <noreply@xxxxxxxx> Sent: Tuesday, October 17, 2023 4:50 AM To: secdir@xxxxxxxx Cc: cose@xxxxxxxx; draft-ietf-cose-cwt-claims-in-headers.all@xxxxxxxx; last-call@xxxxxxxx Subject: Secdir last call review of draft-ietf-cose-cwt-claims-in-headers-06 Reviewer: Peter Yee Review result: Ready Summary: This Internet-Draft replicates the functionality of section 5.3 of RFC 7519 but here for the benefit of CWT claims in COSE headers rather than JWT claims in JOSE headers. To the limits of my understanding of COSE, this brief specification seems reasonable. It points out security considerations (separately from that section of the document) that replicate those found in RFC 7519. I've no objections to this draft. [Ready] Major issues: None Minor issues: None Nits: None -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
