I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
Please resolve these comments along with any other Last Call comments
you may receive.
Document: draft-ietf-jose-json-web-signature-33
Reviewer: Russ Housley
Review Date: 2014-08-24
IETF LC End Date: 2014-09-03
IESG Telechat date: 2014-10-02
Summary: Ready. Some issues could be resolved to improve the document.
Thank you for addressing my comments on -31.
Major Concerns:
- None.
Minor Concerns:
- Section 10.5 should state that validation of a MAC means provides
corroboration that the message was generated by one of the parties
that knows the symmetric MAC key. This could potentially be many
parties.
- In Section 4.1.4, should the value match the subject key identifier
if an X.509 certificate is used?
- In Section 4.1.5, why is TLS required to fetch digitally signed
X.509 certificates?