Dionna's review

[thomas-fossati]

@deeglaze on the RATS mailing list:

Minor technical bits about the document:

1. https://datatracker.ietf.org/doc/html/draft-ietf-rats-corim-03#name-protected-header-map specifies alg-id as an integer whereas RFC9052 specifies its name as alg. They both have field number 1, so I suppose it's irrelevant to the encoding, but I thought I'd ask if that's something you want to amend.
2. Additionally issuer-key-id is confusing terminology given that a Certificate Authority is an Issuer of Subject keys. For CoRIM, the signature would come from a digitalSignature KeyUsage key, which is rare to mix with a keyCertSign KeyUsage. I'd amend this to reference the COSE RFC's comment on value 4 being a "key identifier" with just "key-id".
3. '3.1.4.1.7. Domain Types" says 3 types are defined, but it defines 4. I suspect the OID should be classified as global scope.

[deeglaze]

This has been addressed.