address Carl's point number 1

Signed-off-by: Thomas Fossati <[email protected]>
ietf-scitt · Aug 28, 2024 · aa2107b · aa2107b
1 parent 499cd67
commit aa2107b
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/draft-birkholz-cose-tsa-tst-header-parameter.md b/draft-birkholz-cose-tsa-tst-header-parameter.md
@@ -117,8 +117,6 @@ This mode is utilized when a record of the timing of the signature operation is
 
 In this context, timestamp tokens are similar to a countersignature made by the TSA.
 
-The message imprint sent to the TSA ({{Section 2.4 of -TSA}}) MUST be the hash of the payload field of the COSE signed object.
-
 # RFC 3161 Time-Stamp Tokens COSE Header Parameters {#sec-tst-hdr}
 
 The two modes described in {{sec-timestamp-then-cose}} and {{sec-cose-then-timestamp}} use different inputs into the timestamping machinery, and consequently create different kinds of binding between COSE and TST.
@@ -130,6 +128,8 @@ The `3161-ttc` COSE _protected_ header parameter MUST be used for the mode descr
 
 The `3161-ttc` protected header parameter contains a DER-encoded RFC3161 TimeStampToken wrapped in a CBOR byte string (Major type 2).
 
+To minimize dependencies, the hash algorithm used for signing the COSE message SHOULD be the same as the algorithm used in the RFC3161 MessageImprint.
+
 ## `3161-ctt` {#sec-tst-hdr-ctt}
 
 The `3161-ctt` COSE _unprotected_ header parameter MUST be used for the mode described in {{sec-cose-then-timestamp}}.