[Gen-art] Gem-Art review for draft-ietf-httpauth-scram-auth-14

"Ralph Droms (rdroms)" <rdroms@cisco.com> Wed, 09 December 2015 20:47 UTC

Return-Path: <rdroms@cisco.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id DCB881A21AD; Wed, 9 Dec 2015 12:47:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.51
X-Spam-Status: No, score=-14.51 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id B3yN-sYNpg_Q; Wed, 9 Dec 2015 12:47:42 -0800 (PST)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 458461A9142; Wed, 9 Dec 2015 12:47:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2810; q=dns/txt; s=iport; t=1449694062; x=1450903662; h=from:to:cc:subject:date:message-id:mime-version; bh=GWkbX+K0wMkbf+7q6jgp4LwhwEGAuXPQFI3Z65lsDrQ=; b=LjxY5PFGXgDx4ibMhPYm+i+RFmM6pggWYfLWF4osZY9qojBPV9MAM4tb SBpqtSIoWtpqpfSB7S2gGHEerzNQmQxzw4TbuN6vQyW8guo1xIt1OAzCZ F3lm0l7h+5/pZpe3/aZfnPJfvY0/HK0WZ7JB6EN/oCWjYD5Hs9re/DqlU k=;
X-Files: signature.asc : 841
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0ByBQCokmhW/5BdJa1egzpTbgEFvykhh?= =?us-ascii?q?W6BKzsRAQEBAQEBAX8LhDcEeRIBHGQnBA4TiCENv14BAQEBAQEBAQEBAQEBAQE?= =?us-ascii?q?BAQEBAQEPCYZWAYIOh2mDK4EaBYdRhw+ICQGCZoFiaogQgVtJg3uWZAE3LIQEc?= =?us-ascii?q?4RxgQcBAQE?=
X-IronPort-AV: E=Sophos;i="5.20,405,1444694400"; d="asc'?scan'208";a="57783323"
Received: from rcdn-core-8.cisco.com ([]) by rcdn-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Dec 2015 20:47:41 +0000
Received: from XCH-RCD-018.cisco.com (xch-rcd-018.cisco.com []) by rcdn-core-8.cisco.com (8.14.5/8.14.5) with ESMTP id tB9KlfZE006986 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 9 Dec 2015 20:47:41 GMT
Received: from xch-aln-016.cisco.com ( by XCH-RCD-018.cisco.com ( with Microsoft SMTP Server (TLS) id 15.0.1104.5; Wed, 9 Dec 2015 14:47:40 -0600
Received: from xch-aln-016.cisco.com ([]) by XCH-ALN-016.cisco.com ([]) with mapi id 15.00.1104.009; Wed, 9 Dec 2015 14:47:40 -0600
From: "Ralph Droms (rdroms)" <rdroms@cisco.com>
To: "gen-art@ietf.org" <gen-art@ietf.org>
Thread-Topic: Gem-Art review for draft-ietf-httpauth-scram-auth-14
Thread-Index: AQHRMsLYYm+Z2vDNRUWonprSp6RzFA==
Date: Wed, 9 Dec 2015 20:47:40 +0000
Message-ID: <800EE981-F2C3-4540-8653-8AEC63625E17@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: multipart/signed; boundary="Apple-Mail=_9C149C44-AA1E-4AD2-9BD8-F0F3D81923B9"; protocol="application/pgp-signature"; micalg=pgp-sha256
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/Z8tmeIrDzkcPFgqrraNvrJAG_wk>
Cc: "draft-ietf-httpauth-scram-auth.all@ietf.org" <draft-ietf-httpauth-scram-auth.all@ietf.org>
Subject: [Gen-art] Gem-Art review for draft-ietf-httpauth-scram-auth-14
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Dec 2015 20:47:44 -0000

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at


Document: draft-ietf-httpauth-scram-auth-14
Reviewer: Ralph Droms
Review Date: 2015-13-9
IETF LC End Date: 2015-12-16
IESG Telechat date: (if known)

Summary: This draft is ready for publication as an Experimental RFC.

Major issues: None.

Minor issues: None.

Nits/editorial comments:

Nicely written, very clear document.

idnits reports some lines too long and an unused reference.

In the third paragraph of the Introduction, I suggest removing the parentheses and editing the second sentence for clarity; specifically, what is "SCRAM data"?

You could probably omit the parentheses in the second paragraph of Setion 3, as well, I'm likely just arguing style.

The last sentence of the last paragraph of sectino 3 was unclear to me: which messages are referred to?

I think, in the phrase "fail the authentication" in the fifth paragraph of section 8, you are using "fail" as a transitive verb, as in "the client considers the authentication of the message to have failed".  If I have that write, I suggest rewriting the containing sentence to improve the clarity.