Skip to main content

Last Call Review of draft-ietf-extra-imap-unauth-00
review-ietf-extra-imap-unauth-00-secdir-lc-waltermire-2018-05-29-00

Request Review of draft-ietf-extra-imap-unauth
Requested revision No specific revision (document currently at 01)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2018-05-21
Requested 2018-05-07
Authors Chris Newman
Draft last updated 2018-05-29
Completed reviews Genart Last Call review of -00 by Roni Even (diff)
Secdir Last Call review of -00 by David Waltermire (diff)
Assignment Reviewer David Waltermire
State Completed
Review review-ietf-extra-imap-unauth-00-secdir-lc-waltermire-2018-05-29
Reviewed revision 00 (document currently at 01)
Result Has Nits
Completed 2018-05-29
review-ietf-extra-imap-unauth-00-secdir-lc-waltermire-2018-05-29-00
This standards track draft adds a new state transition to IMAP allowing the
current authentication context to be reset to an non-authenticated state using
the UNAUTHENTICATE command. This allows a client to issue the IMAP AUTHENTICATE
command with administrative credentials to act on behalf of other users,
without having to create a new connection for each user, providing for greater
efficiency.

This draft appears to be ready for publication, with some relatively minor nits
to improve readability.

Section 4.1: The requirements in this list go beyond the stated requirement to
reset connection state. Some text should be added to make it clear that the
list defines additional behavior to be followed.

Something like the following could be used to address this:

s/This lists some IMAP extensions that have connection state that/The
connection state for the following list of IMAP extensions/

Append to the end of the paragraph "Additional requirements apply to specific
extensions as follows:".