Skip to main content

Last Call Review of draft-ietf-lamps-rfc8708bis-01
review-ietf-lamps-rfc8708bis-01-secdir-lc-eastlake-2024-08-13-00

Request Review of draft-ietf-lamps-rfc8708bis
Requested revision No specific revision (document currently at 02)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2024-08-13
Requested 2024-07-30
Authors Russ Housley
I-D last updated 2024-08-13
Completed reviews Genart Last Call review of -01 by Linda Dunbar (diff)
Secdir Last Call review of -01 by Donald E. Eastlake 3rd (diff)
Assignment Reviewer Donald E. Eastlake 3rd
State Completed
Request Last Call review on draft-ietf-lamps-rfc8708bis by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/OI162k-6lrIUWtFkSpHgSpKPNxU
Reviewed revision 01 (document currently at 02)
Result Has nits
Completed 2024-08-13
review-ietf-lamps-rfc8708bis-01-secdir-lc-eastlake-2024-08-13-00
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. Document editors and WG chairs should treat these comments just
like any other last call comments.

The summary of the review is Ready with Nits.

This document specifies the conventions for using the Hierarchical
Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based
signature algorithm with the Cryptographic Message Syntax (CMS) and
provides the algorithm identifier and public key syntax.

All my comments below are minor to very minor.

Section 6, Security Considerations, 1st paragraph. Why is it that
compromise of the private keys only "may" lead to the ability to
forge? "May" seems right for something like "result in forged
signatures" but doesn't compromise of the private key lead pretty
certainly to the *ability* to forge a signature?
Somehow the presence of "non-volatile" is a bit jarring. I understand
that you are talking about exceptional problems but perhaps it would
be good to also say the "volatile" storage must not be used?

Section 1.3, 3rd paragraph: Would it be reasonable to add just before
the comma in the first sentence "but on the difficulty of finding
pre-images of a strong hash function" or something like that? While I
believe it, is there a reference for the "considered to be
post-quantum secure" statement?

Section 2.1, last sentence: While it is somewhat a matter of taste,
arguably, except in the most surprising cases, the words "Note that"
are mostly superfluous noise. (Ditto for two more "Note that"s in
Section 4.)

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com