On Mon, 23 Oct 2023, Michael Jones wrote:
Thanks for taking the time to review the document, Claudio! FYI, we
published
https://www.ietf.org/archive/id/draft-ietf-cose-cwt-claims-in-headers-07.html
to address the Last Call comments received.
Both the Privacy Considerations and Security Considerations sections
were significantly enhanced, including discussing the use of detached
signatures.
Thank you Mike!
I read the updates and this fixes the doc, removing the 'nits' I spotted
before: Ready for Publication for my side :-)
Thanks again,
-- Mike
-----Original Message-----
From: Claudio Allocchio via Datatracker <noreply@xxxxxxxx>
Sent: Thursday, October 19, 2023 12:50 AM
To: art@xxxxxxxx
Cc: cose@xxxxxxxx; draft-ietf-cose-cwt-claims-in-headers.all@xxxxxxxx; last-call@xxxxxxxx
Subject: Artart last call review of draft-ietf-cose-cwt-claims-in-headers-06
Reviewer: Claudio Allocchio
Review result: Ready with Nits
The document is basically well written and clear. The only nits I suggest to fix is in the security chapter: it seems a copy/paste of the same sections as RFC 7519 one, but maybe some "expanded statements" on the implication of external signature use and in case about potential risks associated may help the non security expert implementer to better understand the whole picture.
Given the above, the document is ready to go.
------------------------------------------------------------------------------
Claudio Allocchio G A R R Claudio.Allocchio@xxxxxxx
Senior Manager and Advisor
tel: +39 040 3758523 Italian Academic and G=Claudio; S=Allocchio;
fax: +39 040 3758565 Research Network P=garr; A=garr; C=it;
PGP Key: https://www.cert.garr.it/servizi/informazioni-su-pgp-keys
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
