--- 1/draft-ietf-lamps-cms-hash-sig-05.txt 2019-02-26 11:14:27.142398596 -0800 +++ 2/draft-ietf-lamps-cms-hash-sig-06.txt 2019-02-26 11:14:27.174399378 -0800 @@ -1,19 +1,19 @@ INTERNET-DRAFT R. Housley Internet Engineering Task Force (IETF) Vigil Security Intended Status: Proposed Standard -Expires: 22 August 2019 22 February 2019 +Expires: 26 August 2019 26 February 2019 Use of the HSS/LMS Hash-based Signature Algorithm in the Cryptographic Message Syntax (CMS) - + Abstract This document specifies the conventions for using the the HSS/LMS hash-based signature algorithm with the Cryptographic Message Syntax (CMS). In addition, the algorithm identifier and public key syntax are provided. The HSS/LMS algorithm is one form of hash-based digital signature; it is described in [HASHSIG]. Status of this Memo @@ -87,25 +87,20 @@ hash-based digital signature, and it is described in [HASHSIG]. The HSS/LMS signature algorithm can only be used for a fixed number of signing operations. The number of signing operations depends upon the size of the tree. The HSS/LMS signature algorithm uses small public keys, and it has low computational cost; however, the signatures are quite large. The HSS/LMS private key can be very small when the signer is willing to perform additional computation at signing time; alternatively, the private key can consume additional memory and provide a faster signing time. - Well, yes, there is quite a range of possible time/memory trade-offs - available when storing the private key; if you need to, the private - key can be expressed in quite a small amount of space (albeit at the - expense of making the signature generation operation expensive). - 1.1. ASN.1 CMS values are generated using ASN.1 [ASN1-B], using the Basic Encoding Rules (BER) and the Distinguished Encoding Rules (DER) [ASN1-E]. 1.2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and