Re: [kitten] WGLC for three "bis" documents: draft-ietf-kitten-rfc4402bis-00, draft-ietf-kitten-rfc5653bis-01, draft-ietf-kitten-rfc6112bis-00

Greg Hudson <> Sun, 01 February 2015 21:49 UTC


On 01/20/2015 06:02 PM, Benjamin Kaduk wrote:

I reviewed this and did not find any problems with it.


My only substantive note is that the InputStream/OutputStream forms of
initSecContext/acceptSecContext could, perhaps, already write tokens to
the outStream parameter before throwing an exception, instead of
communicating them in the exception.  If this issue has already been
discussed, please ignore this remark.  If not, I suspect it might be
easier on callers (but perhaps harder on implementations) just to
require that callers flush or otherwise handle content in the output
stream after an exception.  I do not have a strong interest in how this
turns out, though.

Some text was removed from the copyright notice about containing
pre-2008 material.  If this was intentional, please ignore this remark.

In several places the draft uses the new text "to inform the reason for
the error," which is not correct English.  I suggest "to communicate the
reason for the error."

The section 5.2 table contains the pre-existing typo "Covert" for
"Convert".  I noticed because the table was reformatted; it may or may
not be worth correcting.


I found a typo: "optionSHOULD" for "option SHOULD."