Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS)
draft-ietf-smime-pss-03

Yes

(Russ Housley)

No Objection

(Alex Zinin)

(Allison Mankin)

(Bert Wijnen)

(Bill Fenner)

(David Kessens)

(Harald Alvestrand)

(Jon Peterson)

(Margaret Cullen)

(Ned Freed)

(Steven Bellovin)

(Ted Hardie)

(Thomas Narten)

Note: This ballot was opened for revision 03 and is now closed.

Russ Housley Former IESG member

Yes

Yes () Unknown

Alex Zinin Former IESG member

No Objection

No Objection () Unknown

Allison Mankin Former IESG member

No Objection

No Objection () Unknown

Bert Wijnen Former IESG member

No Objection

No Objection (2004-02-05) Unknown

Do we know where the two OIDs listed (in sect 2) have been assigned?
Would it be good to add a ptr to that?

Bill Fenner Former IESG member

No Objection

No Objection () Unknown

David Kessens Former IESG member

No Objection

No Objection () Unknown

Harald Alvestrand Former IESG member

No Objection

No Objection (2004-02-04) Unknown

I didn't see any note about the fact that having 2 signature algorithms creates noninteroperability, which in turn is not good for security in deployment.
But that may be "too obvious to mention".

Jon Peterson Former IESG member

No Objection

No Objection (2004-02-04) Unknown

I found the use of attribute names like 'signature' in this document somewhat confusing because they are unquoted. For example, in Section 3, the following paragraph (in its entirety) appears:

   signature contains the single value resulting from the signing 
   operation. 

I assumed this was a typo of the trailing fragment of a sentence, until I understood that this was referring to a 'signature' attribute in CMS SignedData, and hence it was uncapitalized. I'd like to suggest that such terms be quoted in the document.

There's also several places (3 in Section 4)where line wrap or some other editorial process has put line feeds in the middle of paragraphs.

Margaret Cullen Former IESG member

No Objection

No Objection () Unknown

Ned Freed Former IESG member

No Objection

No Objection () Unknown

Steven Bellovin Former IESG member

No Objection

No Objection () Unknown

Ted Hardie Former IESG member

No Objection

No Objection (2004-02-03) Unknown

Nit:
--->The generation of RSA private key relies on random numbers

Shouldn't this be "an RSA private key" or "RSA private keys"?

Thomas Narten Former IESG member

No Objection

No Objection () Unknown

Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS) draft-ietf-smime-pss-03

Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS)
draft-ietf-smime-pss-03