Re: [http-auth] I-D Action: draft-ietf-httpauth-scram-auth-09.txt

Martin J. Dürst <duerst@it.aoyama.ac.jp> Sat, 14 November 2015 00:59 UTC

To: Tony Hansen <tony@att.com>, Alexey Melnikov <alexey.melnikov@isode.com>, http-auth@ietf.org
References: <20151113154417.28110.68680.idtracker@ietfa.amsl.com> <5646068C.8020602@isode.com> <56460ED6.9050304@att.com> <56462AE0.8020007@att.com>
From: "Martin J. Dürst" <duerst@it.aoyama.ac.jp>
Organization: Aoyama Gakuin University
Message-ID: <56468765.2040805@it.aoyama.ac.jp>
Date: Sat, 14 Nov 2015 09:59:17 +0900
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <56462AE0.8020007@att.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Received-SPF: None (protection.outlook.com: it.aoyama.ac.jp does not designate permitted sender hosts)
SpamDiagnosticOutput: 1:23
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Nov 2015 00:59:24.5925 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: KAWPR01MB0132
Archived-At: <http://mailarchive.ietf.org/arch/msg/http-auth/DSlXqrMj_1RlpOaDB-MmYAzA2fM>
Subject: Re: [http-auth] I-D Action: draft-ietf-httpauth-scram-auth-09.txt
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Nov 2015 00:59:31 -0000

I think further wording improvement is needed.

On 2015/11/14 03:24, Tony Hansen wrote:

>           Note that version of SCRAM doesn't support HTTP channel
>           bindings, so this header always starts with "n"; otherwise the
>           message is invalid and authentication MUST fail.

The second word, "that", seems to do double duty, both in "Note that" 
and "that version of SCRAM". This doesn't parse. Possible solutions:

           Note that this version of SCRAM doesn't support HTTP channel
           bindings, so this header always starts with "n"; otherwise the
           message is invalid and authentication MUST fail.
or

           Note that SCRAM-SHA-256 doesn't support HTTP channel
           bindings, so this header always starts with "n"; otherwise the
           message is invalid and authentication MUST fail.

Regards,   Martin.

[http-auth] I-D Action: draft-ietf-httpauth-scram… internet-drafts
Re: [http-auth] I-D Action: draft-ietf-httpauth-s… Alexey Melnikov
Re: [http-auth] I-D Action: draft-ietf-httpauth-s… Tony Hansen
Re: [http-auth] I-D Action: draft-ietf-httpauth-s… Tony Hansen
Re: [http-auth] I-D Action: draft-ietf-httpauth-s… Martin J. Dürst
Re: [http-auth] I-D Action: draft-ietf-httpauth-s… Tony Hansen
Re: [http-auth] I-D Action: draft-ietf-httpauth-s… Alexey Melnikov