Cryptographic Message Syntax (CMS) Algorithm Identifier Protection Attribute
draft-schaad-smime-algorithm-attribute-05
Yes
(Sean Turner)
No Objection
(Alexey Melnikov)
(Dan Romascanu)
(Gonzalo Camarillo)
(Peter Saint-Andre)
(Ralph Droms)
(Ron Bonica)
(Russ Housley)
(Stewart Bryant)
Note: This ballot was opened for revision 05 and is now closed.
Sean Turner Former IESG member
Yes
Yes
()
Unknown
Adrian Farrel Former IESG member
No Objection
No Objection
(2011-01-18)
Unknown
I have two issues with this document, but they are not large enough to form a Discuss. Nevertheless, I hope the authros will find time to address them. --- The use of the passive voice in the first sentence of the Abstract is disconcerting! There is also some missing context! The second sentence is pretty hard to parse. Why not write: This document defines a new attribute that allows for protection of the digest and signature algorithm structures in an authenticated data or a signer info structure used in the Cryptographic Message Syntax (CMS). When the new attribute is used, the algorithm definition information is included in the integrity protection process. The introduction would benefit from a similar (but more verbose) fix. --- I think it is conventional to include a reference to the ASN.1 spec that defines the language you are using. Presumably X.208 (1988) and X.209 (1988) could be added as references.
Alexey Melnikov Former IESG member
No Objection
No Objection
()
Unknown
Dan Romascanu Former IESG member
No Objection
No Objection
()
Unknown
Gonzalo Camarillo Former IESG member
No Objection
No Objection
()
Unknown
Lars Eggert Former IESG member
No Objection
No Objection
(2011-01-17)
Unknown
INTRODUCTION, paragraph 4: > Signer Info Algorithm Protection Attribute > > A new attribute is defined that allows for protection of the digest > and signature algorithm structures in an authenticated data or a > signer info structure. Using the attribute includes the algorithm > definition information in the integrity protection process. It's be good if the title and abstract had some context that this stuff is about CMS...
Peter Saint-Andre Former IESG member
No Objection
No Objection
()
Unknown
Ralph Droms Former IESG member
No Objection
No Objection
()
Unknown
Robert Sparks Former IESG member
No Objection
No Objection
(2011-01-19)
Unknown
Can the section on comparing fields in the verification process (2nd paragraph of section 3) be made more precise? Currently, it says "It is not required that a field which is absent in one case and present in another case be compared as equivalent". Does that mean it's allowed to compare those as equivalent? Or was the intent that they MUST NOT be equivalent?
Ron Bonica Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Stewart Bryant Former IESG member
No Objection
No Objection
()
Unknown