[secdir] Secdir last call review of draft-ietf-extra-imap-unauth-00

David Waltermire <david.waltermire@nist.gov> Tue, 29 May 2018 17:50 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: David Waltermire <david.waltermire@nist.gov>
To: secdir@ietf.org
Cc: extra@ietf.org, ietf@ietf.org, draft-ietf-extra-imap-unauth.all@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152761621220.30011.11575332790456344157@ietfa.amsl.com>
Date: Tue, 29 May 2018 10:50:12 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/t5w7I_P-Gxoux9jzV9Tv2c1SXTU>
Subject: [secdir] Secdir last call review of draft-ietf-extra-imap-unauth-00

Reviewer: David Waltermire
Review result: Has Nits

This standards track draft adds a new state transition to IMAP allowing the
current authentication context to be reset to an non-authenticated state using
the UNAUTHENTICATE command. This allows a client to issue the IMAP AUTHENTICATE
command with administrative credentials to act on behalf of other users,
without having to create a new connection for each user, providing for greater
efficiency.

This draft appears to be ready for publication, with some relatively minor nits
to improve readability.

Section 4.1: The requirements in this list go beyond the stated requirement to
reset connection state. Some text should be added to make it clear that the
list defines additional behavior to be followed.

Something like the following could be used to address this:

s/This lists some IMAP extensions that have connection state that/The
connection state for the following list of IMAP extensions/

Append to the end of the paragraph "Additional requirements apply to specific
extensions as follows:".

[secdir] Secdir last call review of draft-ietf-ex… David Waltermire