[Gen-art] Gen-ART Last Call review of draft-ietf-oauth-amr-values-04
Paul Kyzivat <pkyzivat@alum.mit.edu> Mon, 12 December 2016 00:13 UTC
Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 167D51293D8 for <gen-art@ietfa.amsl.com>; Sun, 11 Dec 2016 16:13:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.935
X-Spam-Level:
X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DCEqsNu1QeOJ for <gen-art@ietfa.amsl.com>; Sun, 11 Dec 2016 16:13:23 -0800 (PST)
Received: from resqmta-ch2-11v.sys.comcast.net (resqmta-ch2-11v.sys.comcast.net [IPv6:2001:558:fe21:29:69:252:207:43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9AF1412896F for <gen-art@ietf.org>; Sun, 11 Dec 2016 16:13:23 -0800 (PST)
Received: from resomta-ch2-16v.sys.comcast.net ([69.252.207.112]) by resqmta-ch2-11v.sys.comcast.net with SMTP id GEF1cZtOyBhTgGEF8cNSmF; Mon, 12 Dec 2016 00:13:22 +0000
Received: from [192.168.1.110] ([73.186.127.100]) by resomta-ch2-16v.sys.comcast.net with SMTP id GEF8cnREvYFjvGEF8cmjgP; Mon, 12 Dec 2016 00:13:22 +0000
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
To: draft-ietf-oauth-amr-values.all@ietf.org
Message-ID: <1ed0ca62-46cb-df58-0626-98c2b0598679@alum.mit.edu>
Date: Sun, 11 Dec 2016 19:13:21 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-CMAE-Envelope: MS4wfBFomDzZmmjNHtzG+cMfic+9HTCBOaFiylOomkfs5k8HXHL4MOrkE+ES+kKqw6aoJUJmg2NychlNT+0TRa5R3XjD2dUacj9dA7LNkbSYHJju+J9X/d5Y kVJ7+LHMv46P4+2X9JUA/4pNp7lyfke17exC8284oc8DuTHvgDl2rFePFKo4rGDSsfo7p0RruBnQs4oIbXxCCGlge/KBRscAnTnV1+93j8IxpRUsr7x1LoDM
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/oElv4k579ec3T74Jdsuy1C0u-rY>
Cc: General Area Review Team <gen-art@ietf.org>
Subject: [Gen-art] Gen-ART Last Call review of draft-ietf-oauth-amr-values-04
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Dec 2016 00:13:25 -0000
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed by the
IESG for the IETF Chair. Please treat these comments just like any other
last call comments. For more information, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
Document: draft-ietf-oauth-amr-values-04
Reviewer: Paul Kyzivat
Review Date: 2016-12-11
IETF LC End Date: 2016-12-13
IESG Telechat date:
Summary:
This draft is on the right track but has open issues, described in the
review.
It is generally well written, with much better guidelines for expert
reviewers than I typically see.
Disclaimer:
I'm not well versed in JSON Web Tokens, so I have not considered the
pros/cons of having this registry or of the specific values being
registered. I have focused on the mechanics of the draft.
Issues:
Major: 0
Minor: 2
Nits: 0
(1) Minor:
Section 6.1 says:
IANA must only accept registry updates from the Designated Experts
and should direct all requests for registration to the review mailing
list.
This is inconsistent with the way IANA Expert Review works, as defined
in section 3.3 of RFC5526. Requests go through some channel (e.g. IESG
review for standards track RFCs) to the editor and then IANA actions
requiring expert review are referred to a designated expert. The expert
then approves or denies the request, and approved requests are acted
upon by IANA.
Direction of requests to a mailing list is not an IANA function, but
could be done by the expert.
Please revise the text and procedures to be consistent with the way
Expert Review is intended to work.
(2) Minor: Section 6.1.1:
There is no specification of the specific character values allowed for
AMR names.
This ought to be defined in such a way that IANA can enforce it. If not,
then there need to be criteria that are to be enforced by the designated
expert.
And exactly what is meant by case-sensitive? It is well defined over
ASCII, so this may be ok if the character set is a subset of ASCII, but
not if it covers a broader subset of Unicode. It would perhaps be better
to define the matching more precisely, such as in terms of octets.
While names are case-sensitive, is it acceptable to register two names
that differ only in case? (Again, this is strictly speaking only
relevant for certain alphabets. But there are rules defined for Unicode
to avoid values that have confusingly similar renderings.)
Please tighten this up.
- [Gen-art] Gen-ART Last Call review of draft-ietf-… Paul Kyzivat
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Mike Jones