Use of the SLH-DSA Signature Algorithm in the Cryptographic Message Syntax (CMS)
draft-ietf-lamps-cms-sphincs-plus-19
Yes
Deb Cooley
No Objection
Erik Kline
Gunter Van de Velde
Jim Guichard
John Scudder
Mahesh Jethanandani
Murray Kucherawy
Orie Steele
Zaheduzzaman Sarker
Note: This ballot was opened for revision 17 and is now closed.
Deb Cooley
Yes
Paul Wouters
(was Discuss)
Yes
Comment
(2025-01-13 for -18)
Sent
Thanks for addressing my concerns. I have updated my ballot to Yes.
Erik Kline
No Objection
Gunter Van de Velde
No Objection
Jim Guichard
No Objection
John Scudder
No Objection
Mahesh Jethanandani
No Objection
Murray Kucherawy
No Objection
Orie Steele
No Objection
Roman Danyliw
No Objection
Comment
(2025-01-07 for -17)
Sent
Thank you to Vijay Gurbani for the GENART review.

** Section 1.2

   One use of a PQC signature algoritm is the protection of software updates, perhaps using the format described in [RFC4108], to enable deployment of software that implements other new PQC algorithms for key management and confidentiality.

-- Typo. s/algoritm/algorithm/

-- Editorial. Is this paragraph needed? It seems out of place in its specificity. Is the primary use of CMS for software updates?

** Section 3. Editorial. Consider an explicit sentence here citing that the identifiers come from [FIPS205].

** Section 4

   When signed attributes are present, to ensure collision resistance, the identified hash function SHOULD produce a hash value that is at least twice the size of the hash function used in the SLH-DSA tree.

When would it be acceptable not to seek collision resistance and choose a hash function which does NOT produce a hash value that is at least twice the size of the hash function?

** Section 5.

   Implementers SHOULD consider … (used twice in this section)

What does it mean to “SHOULD consider …” a topic? This is an optional adherence (“SHOULD”) to a non-binding review (“consider”).

** Section 6.

   If slh_sign is implemented in a hardware device such as hardware security module (HSM) or portable cryptographic token, implementations might want to avoid sending the full content to the device.

What does “might want to” mean in terms of guidance?
Zaheduzzaman Sarker
No Objection
Éric Vyncke
No Objection
Comment
(2025-01-03 for -17)
Sent
Thanks for the work done in this document (even if the content was way above my head).

I have one question, and I would really appreciate receiving an answer: this document seems to specify object identifiers from an external body, NIST, tree without any justification (i.e., I would assume that a liaison statement has been done and a reference to a NIST registry provided).

Last comment, section 2 would benefit from some SVG/ASCII ART graphics to explain how it works (e.g., similar to figure 1 of FIPS 205).