search

henkbirkholz / ietf-spice-charter

0 stars 0 forks source link

Comments from Éric Vyncke (2024-04-17) #4

Open henkbirkholz opened 2 months ago

henkbirkholz commented 2 months ago

originating from: https://datatracker.ietf.org/doc/charter-ietf-spice/ballotpopup/985597/ send to spice@ietf.org: https://mailarchive.ietf.org/arch/msg/spice/XWbHlEUkTS7_2r-nUMUVsAl2QtQ

The first sentence construction seems weird if it is simplified in "A digital credential expresses claims about a subject and their cryptographic keys. " Should be be 'links' rather than 'expresses' ?

What about using Digital credentials typically involve at least three entities: issuer, holder, verifier ?

In find The SPICE WG will profile existing IETF technologies rather ambiguous... does 'existing' cover only published RFC ? The use of 'profile' is also weird in the sentence, what about 'analyse' (moreover 'profile' as a word seems to be at the heart of SPICE work).

Unsure whether defining TEE and HSM acronyms is useful as they are not re-used in the charter. OTOH, it would be nice to expand RDF.

Thank you for listing the deliverables and their intended status.

henkbirkholz commented 2 months ago

The first sentence construction seems weird if it is simplified in "A digital credential expresses claims about a subject and their cryptographic keys. " Should be be 'links' rather than 'expresses' ?

Both suggestions are now included in #6:

OLD A digital credential expresses claims, assertions, or attributes about a subject, such as their name or age, and their cryptographic keys.

NEW A digital credential links claims about a subject and their cryptographic keys.

henkbirkholz commented 2 months ago

What about using Digital credentials typically involve at least three entities: issuer, holder, verifier ?

OLD Digital credentials typically involve at least three entities.

NEW Digital credentials typically involve at least three entities: issuer, holder, and verifier.

henkbirkholz commented 2 months ago

In find The SPICE WG will profile existing IETF technologies rather ambiguous... does 'existing' cover only published RFC ? The use of 'profile' is also weird in the sentence, what about 'analyse' (moreover 'profile' as a word seems to be at the heart of SPICE work).

Currently, this is the only place where 'profile' is now changed to a different term (in this case 'analyze'). All other occurrences of 'profile' are left as they were.

OLD The SPICE WG will profile existing IETF technologies and address residual gaps that would enable their use in digital credentials and presentations.

NEW The SPICE WG will analyze existing and emerging IETF technologies and address residual gaps that would enable their use in digital credentials and presentations.

henkbirkholz commented 2 months ago

Unsure whether defining TEE and HSM acronyms is useful as they are not re-used in the charter. OTOH, it would be nice to expand RDF.

TEE, HSM, and RDF are all part of https://www.rfc-editor.org/materials/abbrev.expansion.txt and might not have to be expanded at all. But as a convenience to the reader in all three cases full expansion is followed by acronym in parenthesis now. This is due to TEE, HSM, and RDF being well established terms themselves in related communities. If requested, either the full expanded terms or the acronyms could be removed.