Last Call Review of draft-ietf-cose-hash-sig-07
review-ietf-cose-hash-sig-07-opsdir-lc-romascanu-2019-11-28-00

Request Review of draft-ietf-cose-hash-sig
Requested rev. no specific revision (document currently at 09)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2019-10-29
Requested 2019-10-15
Authors Russ Housley
Draft last updated 2019-11-28
Completed reviews Genart Last Call review of -05 by Elwyn Davies (diff)
Opsdir Last Call review of -07 by Dan Romascanu (diff)
Secdir Last Call review of -04 by Robert Sparks (diff)
Assignment Reviewer Dan Romascanu
State Completed
Review review-ietf-cose-hash-sig-07-opsdir-lc-romascanu-2019-11-28
Posted at https://mailarchive.ietf.org/arch/msg/ops-dir/D64CMXtBjgdiVDb-wHOVvio02-8
Reviewed rev. 07 (document currently at 09)
Review result Ready
Review completed: 2019-11-28

Review
review-ietf-cose-hash-sig-07-opsdir-lc-romascanu-2019-11-28

Ready. 

This document specifies conventions for using the Hierarchical Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based signature algorithm with the CBOR Object Signing and Encryption (COSE) syntax.  The HSS/LMS algorithm is described in RFC 8554. The document targets Standards Track, this the Normative Reference to the Informational RFC 8554 is a downref. The shepherd write-up makes a convincing argument why this downref is acceptable, maybe this justification could have been mentioned explicitly in the text. Otherwise this is a clear document, and Section 5 deals with the Operational Considerations. A full RFC 5706 review does not apply, but I do not see any operational or manageability issues that would prevent approval from the OPS-DIR perspective.