Thanks for all the fixes, Russ. Joe > On Jul 18, 2019, at 10:32, Russ Housley <housley@xxxxxxxxxxxx> wrote: > > Joe: > > Thanks for the careful review. > >> Reviewer: Joe Clarke >> Review result: Ready > > Good to hear. > >> I have been assigned to review this document as part of the ops directorate. >> This document describes conventions for using the HSS/LMS with CMS. Overall, >> this document is well-written, and I appreciate the considerations around >> signing size and computation in the introduction. This will help operators >> properly evaluate the use of this algorithm. I did find a few small nits. One >> thing that struck me on the first read is that you have to get to the >> Introduction before HSS/LMS are expanded whereas CMS is expanded in the >> abstract. Might I suggest you expand HSS and LMS in the abstract as well? > > I have done so: > > This document specifies the conventions for using the Hierarchical > Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based > signature algorithm with the Cryptographic Message Syntax (CMS). In > addition, the algorithm identifier and public key syntax are > provided. The HSS/LMS algorithm is one form of hash-based digital > signature; it is described in RFC 8554. > > I have also expanded it in the first sentence of the Introduction. > >> Other nits: >> >> Abstract: >> >> s/for using the the HSS/LMS/for using the HSS/LMS/ > > No longer relevant with the revised Abstract above. > >> === >> >> Section 2.3: >> >> s/When this object identifier is used for a HSS/LMS/When this object identifier >> is used for an HSS/LMS/ > > This is in Section 3, right? If so, fixed. > >> === >> >> Section 6: >> >> s/cause an one-time key/cause a one-time key/ >> >> s/When generating a LMS key pair/When generating an LMS key pair/ > > Both fixed. > > Russ
