<Pasi.Eronen at nokia.com> writes:
> I've now done my AD review for draft-ietf-sasl-gs2-17. Basically,
> it looks good, so I've asked the secretariat to start IETF Last Call.
Great!
> I do have couple of minor comments that can be considered as the
> first last call comments:
>
> - I have two questions about Section 8. First, if the GS2 mechanism
> doesn't e.g. support confidentiality, wouldn't setting conf_req_flag
> cause things to fail? (so it's not really "irrelevant")
I believe discussion indicates no action is required.
> - Second, should Section 8 say something about the flags that are not
> related to per-message tokens? (deleg, mutual, anon)
I'm not sure what to add, but will add text if suggested.
> - Section 4 should say either that character case (for things like
> "p=" and "a=") must be exactly as shown here, or that they're case
> insensitive (if nothing is said, RFC 5234 strings are by default case
> insensitive, I think).
I added this paragraph before the ABNF:
<t>The figure below describes the permissible attributes,
their use, and the format of their values. All attribute
names are single US-ASCII letters and are
case-sensitive.</t>
> - In Section 5, I would suggest adding parenthesis to the "gs2-cb-flag"
> ('gs2-cbind-flag = ("p=" cb-name) / "n" / "y"') to make it easier
> to parse for the reader..
Agreed.
Live document available from:
http://josefsson.org/sasl-gs2/draft-ietf-sasl-gs2.txt
Comparison against -17 is also available:
http://josefsson.org/sasl-gs2/draft-ietf-sasl-gs2-from--17.diff.html
Thanks,
/Simon
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.