Thanks for taking the time to review the document, Claudio! FYI, we published https://www.ietf.org/archive/id/draft-ietf-cose-cwt-claims-in-headers-07.html to address the Last Call comments received. Both the Privacy Considerations and Security Considerations sections were significantly enhanced, including discussing the use of detached signatures. Thanks again, -- Mike -----Original Message----- From: Claudio Allocchio via Datatracker <noreply@xxxxxxxx> Sent: Thursday, October 19, 2023 12:50 AM To: art@xxxxxxxx Cc: cose@xxxxxxxx; draft-ietf-cose-cwt-claims-in-headers.all@xxxxxxxx; last-call@xxxxxxxx Subject: Artart last call review of draft-ietf-cose-cwt-claims-in-headers-06 Reviewer: Claudio Allocchio Review result: Ready with Nits The document is basically well written and clear. The only nits I suggest to fix is in the security chapter: it seems a copy/paste of the same sections as RFC 7519 one, but maybe some "expanded statements" on the implication of external signature use and in case about potential risks associated may help the non security expert implementer to better understand the whole picture. Given the above, the document is ready to go. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
