Hi Mike, I've addressed your comments along with other IESG feedback here: https://github.com/cose-wg/draft-ietf-cose-dilithium/pull/26
Let me know if I missed anything; inline for the rest. On Mon, Oct 6, 2025 at 10:16 AM Mike Bishop via Datatracker < [email protected]> wrote: > Mike Bishop has entered the following ballot position for > draft-ietf-cose-dilithium-09: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-cose-dilithium/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > In Section 5, the reference for the registry where the registrations > should be > made is to the entire COSE/JOSE registry groups, and the particular > registries > are not specified until Section 8. I initially thought the values requested > were incorrect but then realized I was looking at the wrong registry on > that > page. In Section 8, however, the registries are referenced by name and the > link > to the registry is omitted. I think this could be made clearer by putting > all > the registration information in Section 8 (including links to specific > registries) and focusing Section 5 on the use of the registered values. > Done. > > In Section 7.3, the normative requirement represented by "only a length > check > MUST be performed" is unclear. Should this be read "MUST NOT perform any > checks > other than length" or "MUST perform a length check and MAY perform > additional > checks as appropriate"? Or is this instead reflecting that a requirement > already exists elsewhere and should be "a length check is required by > Section > x.y of [RFCabcd]"? > This is an excellent catch, I have tried to clarify, it is indeed meant to be "MUST perform a length check and MAY perform additional checks as appropriate". > ===NITS FOLLOW=== > - Section 5, "needed, see" => "needed; see" > - Section 7, "specification, see" => "specification; see" > Done.
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
