Last Call Review of draft-ietf-geopriv-policy-uri-
review-ietf-geopriv-policy-uri-genart-lc-black-2011-11-30-2-00
| Request | Review of | draft-ietf-geopriv-policy-uri |
|---|---|---|
| Requested revision | No specific revision (document currently at 07) | |
| Type | Last Call Review | |
| Team | General Area Review Team (Gen-ART) (genart) | |
| Deadline | 2011-12-13 | |
| Requested | 2011-11-30 | |
| Authors | Richard Barnes , Martin Thomson , James Winterbottom , Hannes Tschofenig | |
| I-D last updated | 2011-11-30 | |
| Completed reviews |
Genart Telechat review of -??
by Suresh Krishnan
Genart Last Call review of -?? by David L. Black Genart Last Call review of -?? by David L. Black Genart Last Call review of -?? by David L. Black Secdir Last Call review of -?? by Scott G. Kelly |
|
| Assignment | Reviewer | David L. Black |
| State | Completed | |
| Request | Last Call review on draft-ietf-geopriv-policy-uri by General Area Review Team (Gen-ART) Assigned | |
| Completed | 2011-11-30 |
review-ietf-geopriv-policy-uri-genart-lc-black-2011-11-30-2-00
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please wait for direction from your document shepherd or AD before posting a new version of the draft. Document: draft-ietf-geopriv-policy-uri-03 Reviewer: David L. Black Review Date: November 22, 2011 IESG Telechat date: December 1, 2011 Summary: This draft is basically ready for publication, but has nits that should be fixed before publication. This draft specifies policy URIs for management of privacy policy for location information obtained and maintained by Location Configuration Protocols (LCPs). The draft is clear and well written. All of the topics raised by the GenART review of the -02 version are addressed in the -03 version, except that an unfortunate sentence structure has neutered one of the agreed-to resolutions (PUT and DELETE requests SHOULD always be rejected for http: URIs). The following changes should be made to correctly capture the intent (this is a normative change): Section 7.1: OLD If other means of protection are available, an "http:" URI MAY be used. NEW If other means of protection are available, an "http:" URI MAY be used, but location servers SHOULD reject all PUT and DELETE requests for policy URIs that use the "http:" URI scheme. END Section 7.2: OLD When neither application-layer or network- layer security is provided, location servers MUST reject requests using the PUT and DELETE methods, and SHOULD reject PUT and DELETE requests for policy URIs that use the "http:" URI scheme. NEW When neither application-layer or network- layer security is provided, location servers MUST reject requests using the PUT and DELETE methods. END idnits 2.12.12 did not find anything that needs attention. Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA 01748 +1 (508) 293-7953 FAX: +1 (508) 293-7786 david.black at emc.com Mobile: +1 (978) 394-7754 ----------------------------------------------------