Document: "Using the Boneh-Franklin and Boneh-Boyen identity-based
          encryption algorithms with the Cryptographic Message Syntax"
          (draft-ietf-smime-bfibecms-07.txt)
Reviewer: Eric Gray
Review Date: 10/25/2007
IETF LC End Date: 10/25/2007

Summary:
=======

This draft is almost ready for publishing as a Proposed Standard. I
have some questions and comments below.

Comments:
========

Question: In the second bullet, of section 1.2 on page 3, what does
the expression "secure distribution" mean? Is the PPS an
authenticate-able source, does it only distribute the "publicly
sharable cryptographic material" to authenticated recipients or does
it use secure connections in the distribution process?

From the discussion in section 7.1 (second paragraph), it looks as if
a PPS is an authenticate-able source. Should this be stated more
clearly?
________________________________________________________________

[DER] is listed as an informative reference, yet text on page 5 says -
"the structure MUST be DER encoded [DER] ..." This should warrant a
Normative reference, since it seems it is necessary to have this
information in order to implement the step described in this text.

A similar argument can be made for each of the following:

    ASN1 (see reference toward the top of page 3)
    IBCS (see references at the top of page 8)
    IBE  (see - in particular - process step references -
          section 4, bullet 1, page 7
          section 5, bullets 3 through 5, page 8)
_________________________________________________________________

NITs:
====

There are format problems (premature line-wrap) that should be fixed
prior to publication (this probably can be handled as an RFC Editor's
note). See, for example, numbered bullets on page 6 (number 2 in the
first set, and number 4 in the second).