Re: WG Last Call: draft-ietf-sasl-scram-02

Simon Josefsson <simon@josefsson.org> Tue, 28 July 2009 08:12 UTC

Return-Path: <owner-ietf-sasl@mail.imc.org>
X-Original-To: ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com
Delivered-To: ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 53E9A3A6CEB for <ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com>; Tue, 28 Jul 2009 01:12:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jWsKiNUZq1t0 for <ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com>; Tue, 28 Jul 2009 01:12:06 -0700 (PDT)
Received: from balder-227.proper.com (properopus-pt.tunnel.tserv3.fmt2.ipv6.he.net [IPv6:2001:470:1f04:392::2]) by core3.amsl.com (Postfix) with ESMTP id A21D43A6ABC for <sasl-archive-Zoh8yoh9@ietf.org>; Tue, 28 Jul 2009 01:12:05 -0700 (PDT)
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n6S83mAR027127 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 28 Jul 2009 01:03:48 -0700 (MST) (envelope-from owner-ietf-sasl@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n6S83m2I027126; Tue, 28 Jul 2009 01:03:48 -0700 (MST) (envelope-from owner-ietf-sasl@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-sasl@mail.imc.org using -f
Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n6S83YXw027109 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-sasl@imc.org>; Tue, 28 Jul 2009 01:03:46 -0700 (MST) (envelope-from simon@josefsson.org)
Received: from mocca.josefsson.org (dhcp-11c1.meeting.ietf.org [130.129.17.193]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5) with ESMTP id n6S83UkX029731 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Tue, 28 Jul 2009 10:03:32 +0200
From: Simon Josefsson <simon@josefsson.org>
To: Tom Yu <tlyu@MIT.EDU>
Cc: ietf-sasl@imc.org
Subject: Re: WG Last Call: draft-ietf-sasl-scram-02
References: <ldvbpnouhy3.fsf@cathode-dark-space.mit.edu>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:090728:ietf-sasl@imc.org::rQaXyCsUW9g+UWZR:7lOs
X-Hashcash: 1:22:090728:tlyu@mit.edu::7FjzQgOGW1wObdaK:pgpz
Date: Tue, 28 Jul 2009 10:03:29 +0200
In-Reply-To: <ldvbpnouhy3.fsf@cathode-dark-space.mit.edu> (Tom Yu's message of "Mon, 13 Jul 2009 22:17:08 -0400")
Message-ID: <87prblutda.fsf@mocca.josefsson.org>
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.96 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Virus-Scanned: clamav-milter 0.95.2 at yxa-v
X-Virus-Status: Clean
Sender: owner-ietf-sasl@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-ID: <ietf-sasl.imc.org>
List-Unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>

I'll get to reviewing the technical part of the document, promise! :)

Running idnits on the document, it says

  == The document seems to lack a disclaimer for pre-RFC5378 work, but was
     first submitted before 10 November 2008.  Should you add the disclaimer?
     (See the Legal Provisions document at
     http://trustee.ietf.org/license-info for more information.). 

The document has a long history; is the current legal boilerplate ok?

Idnits also complains about these references, but these complaints seem
bogus:

  == Missing Reference: 'I-D.ietf-sasl-gs2' is mentioned on line 1014, but
     not defined

  == Missing Reference: 'RFC2743' is mentioned on line 1019, but not defined

  == Missing Reference: 'RFC4121' is mentioned on line 1025, but not defined

  == Missing Reference: 'RFC3962' is mentioned on line 1022, but not defined

  == Missing Reference: 'RFC4401' is mentioned on line 1030, but not defined

  == Missing Reference: 'RFC4402' is mentioned on line 1034, but not defined

  == Missing Reference: 'RFCXXXX' is mentioned on line 807, but not defined

However, there are several documents added as references but not
mentioned in the document itself:

  == Unused Reference: 'I-D.ietf-sasl-rfc2831bis' is defined on line 1050,
     but no explicit reference was found in the text

  == Unused Reference: 'RFC2195' is defined on line 1055, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC2202' is defined on line 1059, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC4086' is defined on line 1065, but no explicit
     reference was found in the text

The first three should probably be just removed (?).  But the last one
seems useful to reference normatively.  How about adding the following
to Security Considerations?

  See [RFC4086] for more information about generating randomness.

/Simon
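The two classes of idnits complaints quoted in this message ("Missing Reference" and "Unused Reference") come from cross-checking the `[anchor]` citations in a draft's body against the entries in its References section. The following is an added illustration, not idnits' own code and not part of the draft or this message: a small checker that performs the same two comparisons over a constructed plain-text excerpt (the excerpt is invented for the example and is not text from draft-ietf-sasl-scram-02). It reports citations in the same wording idnits uses, with 1-based line numbers.

```python
import re
from collections import defaultdict

# Constructed excerpt in Internet-Draft plain-text layout (not the real
# draft-ietf-sasl-scram-02). Line numbers are 1-based, as idnits reports them.
SAMPLE_DRAFT = """\
1.  Introduction

   SCRAM nonces MUST be generated as described in [RFC4086].
   The mechanism builds on [RFC2195] ideas but is not CRAM-MD5.

9.  Security Considerations

   See [RFC4086] for more information about generating randomness.
   Downgrade attacks are discussed in [RFCXXXX].

10.  References

   [RFC4086]  Eastlake, D., Schiller, J., and S. Crocker, "Randomness
              Requirements for Security", BCP 106, RFC 4086, June 2005.

   [RFC2202]  Cheng, P. and R. Glenn, "Test Cases for HMAC-MD5 and
              HMAC-SHA-1", RFC 2202, September 1997.
"""

# A citation anywhere in the body: [RFC4086], [I-D.ietf-sasl-gs2], [RFCXXXX] ...
CITATION = re.compile(r"\[([A-Za-z0-9.-]+)\]")
# A reference entry: indented anchor followed by two or more spaces and text.
# Continuation lines of an entry do not start with an anchor, so they are skipped.
REF_ENTRY = re.compile(r"^\s*\[([A-Za-z0-9.-]+)\]\s{2,}\S")
# Section heading that begins the reference section(s), e.g.
# "10.  References", "10.1.  Normative References".
REFS_HEADING = re.compile(r"^\s*(?:\d+\.)+\s*(?:Normative |Informative )?References\s*$")


def check_references(text):
    """Return (missing, unused) in the sense idnits uses.

    missing: anchors cited in the body with no entry in the reference section,
             mapped to the list of body lines that cite them
    unused:  anchors defined in the reference section but never cited in the
             body, mapped to the line of their definition
    """
    cited = defaultdict(list)
    defined = {}
    in_refs = False
    for lineno, line in enumerate(text.splitlines(), start=1):
        if REFS_HEADING.match(line):
            in_refs = True
            continue
        if in_refs:
            # Inside the reference section only anchor definitions count;
            # brackets inside an entry's own text are not treated as citations.
            m = REF_ENTRY.match(line)
            if m:
                defined.setdefault(m.group(1), lineno)
            continue
        for anchor in CITATION.findall(line):
            cited[anchor].append(lineno)
    missing = {a: lines for a, lines in cited.items() if a not in defined}
    unused = {a: ln for a, ln in defined.items() if a not in cited}
    return missing, unused


def format_report(missing, unused):
    """Render the findings in the wording idnits prints."""
    out = []
    for anchor, lines in sorted(missing.items()):
        out.append(f"== Missing Reference: '{anchor}' is mentioned on line "
                   f"{lines[0]}, but not defined")
    for anchor, ln in sorted(unused.items()):
        out.append(f"== Unused Reference: '{anchor}' is defined on line {ln}, "
                   f"but no explicit reference was found in the text")
    return out


if __name__ == "__main__":
    for line in format_report(*check_references(SAMPLE_DRAFT)):
        print(line)
```

On the constructed excerpt this flags `[RFC2195]` and `[RFCXXXX]` as missing (cited in the body, no entry) and `[RFC2202]` as unused (entry present, never cited), which is the same shape of output the message quotes. Whether a bracketed anchor that appears inside the reference section itself should count as a citation is a policy choice; this toy deliberately ignores such mentions, and a checker that counts them will produce different "Missing Reference" results for the same draft.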