Re: [art] Artart last call partial review of draft-ietf-oauth-iss-auth-resp-02

[Francesca Palombini <francesca.palombini@ericsson.com>]

Julian: thank you very much for this review! I balloted DISCUSS for an IANA issue I found.

Francesca

From: art <art-bounces@ietf.org> on behalf of Julian Reschke <julian.reschke@gmx.de>
Date: Monday, 15 November 2021 at 18:25
To: art@ietf.org <art@ietf.org>
Subject: Re: [art] Artart last call partial review of draft-ietf-oauth-iss-auth-resp-02
Am 15.11.2021 um 15:58 schrieb Karsten Meyer zu Selhausen:
> ...
>> Major issues:
>>
>> 2.4
>>
>> "Clients MUST compare the extracted and URL-decoded value to the issuer
>> identifier of the authorization server where the authorization request was sent
>> to."
>>
>> I'm not sure that "URL-decoded" is correct with respect to decoding query
>> parameters. Consider URLs containing "+" or "=". You probably need the encoding
>> rules for application/x-www-form-urlencoded instead.
> Good point. We changed the text to refer to
> application/x-www-form-urlencoded.

You may also want to add an example where the difference matters (such
as when the URI contains a plus sign).

>> Section links to external documents do not appear to be marked up as such (and
>> use a trailing dot in the section number which they should not)
> I am acutally not sure how to fix this. I removed the trailing dot
> (thanks for the hint) but when converting markdown to XML the section is
> not automatically recognized.
> My markdown looks like this:
> The authorization response as specified in Section 4.1.2 of [@!RFC6749]
>
> The XML file like this:
> The authorization response as specified in Section 4.1.2 of <xref
> target="RFC6749"></xref>
>
> Is there some example how to link the sections in external RFCs or
> should we create the links manually?

In XML yes, and kramdown will generate those for you. Dunno about mmark.

> ...

Best regards, Julian

_______________________________________________
art mailing list
art@ietf.org
https://www.ietf.org/mailman/listinfo/art