Last Call Review of draft-ietf-abfab-usecases-
review-ietf-abfab-usecases-genart-lc-krishnan-2012-08-14-00
Request | Review of | draft-ietf-abfab-usecases |
---|---|---|
Requested revision | No specific revision (document currently at 05) | |
Type | Last Call Review | |
Team | General Area Review Team (Gen-ART) (genart) | |
Deadline | 2012-08-06 | |
Requested | 2012-07-26 | |
Authors | Rhys Smith | |
I-D last updated | 2012-08-14 | |
Completed reviews |
Secdir Last Call review of -??
by Brian Weis
Genart Last Call review of -?? by Suresh Krishnan |
|
Assignment | Reviewer | Suresh Krishnan |
State | Completed | |
Request | Last Call review on draft-ietf-abfab-usecases by General Area Review Team (Gen-ART) Assigned | |
Result | Ready | |
Completed | 2012-08-14 |
review-ietf-abfab-usecases-genart-lc-krishnan-2012-08-14-00
I am the assigned Gen-ART reviewer for draft-ietf-abfab-usecases-03.txt For background on Gen-ART, please see the FAQ at < http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html >. Please resolve these comments along with any other Last Call comments you may receive. Summary: This draft is ready for publication as an Informational RFC, but I do have some minor comments that you may like to address. Minor ===== * This document references obsolete versions of IMAP and SMTP. Is there any specific reason for referring to the older versions? If not, I recommend replacing references to -> RFC2060 with RFC3501 -> RFC2821 with RFC5321 * Section 3.7 The following text is a bit out of date. "At present, authentication to these applications will be typically configured manually by the user on the device (or on a different device connected to that device) but inputting their (usually pre- provisioned out-of-band) credentials for that application - one per application." With systems such as IMS that have gotten deployed, at least telco operator hosted applications can use some form of federated identity already. I do not have strong feelings about this but I suggest leaving out operator hosted applications from this characterization. * Section 3.9 I am not sure I understand the following text "The utility company may wish to grant access only to authorized devices; for example, a consortium of utility companies and device manufacturers may certify devices to connect to power networks." What does the word certify mean here? I have always understood it to mean testing compliance to certain requirements rather than verification of identity. Can you please clarify? Thanks Suresh