[Unbearable] Opsdir last call review of draft-ietf-tokbind-negotiation-10
Will LIU <liushucheng@huawei.com> Mon, 04 December 2017 13:19 UTC
Return-Path: <liushucheng@huawei.com>
X-Original-To: unbearable@ietf.org
Delivered-To: unbearable@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E503B127275; Mon, 4 Dec 2017 05:19:14 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Will LIU <liushucheng@huawei.com>
To: ops-dir@ietf.org
Cc: unbearable@ietf.org, draft-ietf-tokbind-negotiation.all@ietf.org, ietf@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.66.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <151239355490.6314.4963597716182552461@ietfa.amsl.com>
Date: Mon, 04 Dec 2017 05:19:14 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/-l-Ca2IhDjHvCsRrf47qJh8pLgw>
Subject: [Unbearable] Opsdir last call review of draft-ietf-tokbind-negotiation-10
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Dec 2017 13:19:15 -0000
Reviewer: Will LIU Review result: Ready I have reviewed draft-ietf-tokbind-negotiation-10 as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. “ This document specifies a Transport Layer Security (TLS) extension for the negotiation of Token Binding protocol version and key parameters.” My overall view of the document is 'Ready with Nits' for publication. Section 3 > "token_binding_version" contains the lower of: > o the Token Binding protocol version offered by the client in the > "token_binding" extension and > o the highest version supported by the server. "The highest version" means the highest *Token Binding protocol* version? If yes, please indicate directly to eliminate confusion. Section 8 > [I-D.ietf-tokbind-protocol] > Popov, A., Nystrom, M., Balfanz, D., Langley, A., and J. > Hodges, "The Token Binding Protocol Version 1.0", draft- > ietf-tokbind-protocol-15 (work in progress), July 2017. A later version (-16) should be put here.