Re: [kitten] Ben Campbell's No Objection on draft-ietf-kitten-sasl-oauth-22: (with COMMENT)

"Ben Campbell" <ben@nostrum.com> Thu, 28 May 2015 03:20 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D80CA1A1AB5; Wed, 27 May 2015 20:20:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SaH8ydCAo7TK; Wed, 27 May 2015 20:20:39 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82E871A1A87; Wed, 27 May 2015 20:20:39 -0700 (PDT)
Received: from [10.0.1.23] (cpe-70-119-203-4.tx.res.rr.com [70.119.203.4]) (authenticated bits=0) by nostrum.com (8.15.1/8.14.9) with ESMTPSA id t4S3KSAH078375 (version=TLSv1 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 27 May 2015 22:20:38 -0500 (CDT) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-119-203-4.tx.res.rr.com [70.119.203.4] claimed to be [10.0.1.23]
From: "Ben Campbell" <ben@nostrum.com>
To: "Bill Mills" <wmills_92105@yahoo.com>
Date: Wed, 27 May 2015 22:20:28 -0500
Message-ID: <7F67E244-0ED2-473E-9E5A-B8E2B382563B@nostrum.com>
In-Reply-To: <1717038366.5795.1432766943755.JavaMail.yahoo@mail.yahoo.com>
References: <20150527211918.9536.15611.idtracker@ietfa.amsl.com> <1717038366.5795.1432766943755.JavaMail.yahoo@mail.yahoo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Mailer: MailMate (1.9.1r5084)
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/4cOn9w4_xIY9EyEQQxrLZNclXgA>
Cc: "kitten-chairs@ietf.org" <kitten-chairs@ietf.org>, "draft-ietf-kitten-sasl-oauth.shepherd@ietf.org" <draft-ietf-kitten-sasl-oauth.shepherd@ietf.org>, "kitten@ietf.org" <kitten@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-kitten-sasl-oauth@ietf.org" <draft-ietf-kitten-sasl-oauth@ietf.org>, "draft-ietf-kitten-sasl-oauth.ad@ietf.org" <draft-ietf-kitten-sasl-oauth.ad@ietf.org>
Subject: Re: [kitten] Ben Campbell's No Objection on draft-ietf-kitten-sasl-oauth-22: (with COMMENT)
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 May 2015 03:20:43 -0000

Hi, thanks for the response. A few comments below. I removed sections 
that do not seem to need further discussion.

On 27 May 2015, at 17:49, Bill Mills wrote:

[...]

>>  > -- 3: "Such a new SASL OAuth mechanism can be added by simply>   
>>  registering the new name(s)"> > Register them where?
> s/by simply registering the new name(s)/by registering the new name(s) 
> with IANA/
> change made in my working copy.

Sorry, I guess I was asking for which registry at IANA.

>>  > -- 3.2, 2nd paragraph : "... known to the application."> > Known 
>> to the "resource server"?
> this is server config and in protocol data that the app could have, so 
> I'd rather leave this as "application" but if there's strong desire 
> for "resource server" I'll make the change.

Do I understand correctly that we are talking about matching things like 
host and port sent by the client to things the server "knows" through 
other channels?  It seems like "application" could mean application at 
the client as well as the server, or even the combination of both. Maybe 
"application server"? (Or maybe I've missed the intent?)

>>  > Editorial Stuff:> > -- 3.1, "Port":> > I assume that means the 
>> destination port to which the client connected?> (similar to 
>> Host?)> > -- 3.1.1 "Post": default value is "". > > Does "" 
>> represent an empty string?
> Yes, does this need to be spelled out?

"Need" might be too strong a word, but I think a description like 
"empty" would be more clear than '""'.

>>  > -- 3.2, first sentence"> > s/" ... according the 
>> specification..." / "... according to the specification..."

[...]