Last Call Review of draft-ietf-httpauth-mutual-10

Request Review of draft-ietf-httpauth-mutual
Requested rev. no specific revision (document currently at 11)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2016-10-25
Requested 2016-10-13
Authors Yutaka Oiwa, Hajime Watanabe, Hiromitsu Takagi, Kaoru Maeda, Tatsuya Hayashi, Yuichi Ioku
Draft last updated 2016-10-25
Completed reviews Genart Last Call review of -10 by Meral Shirazipour (diff)
Assignment Reviewer Meral Shirazipour 
State Completed
Review review-ietf-httpauth-mutual-10-genart-lc-shirazipour-2016-10-25
Reviewed rev. 10 (document currently at 11)
Review result Ready with Nits
Review completed: 2016-10-25


I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair.  Please treat these comments just like any other last call comments. For
 more information, please see the FAQ at <>.


Document: draft-ietf-httpauth-mutual-10

Reviewer: Meral Shirazipour

Review Date:             2016-10-25

IETF LC End Date:     2016-10-25

IESG Telechat date: 2016-11-03



This draft is ready to be published as Experimental RFC, but I have some comments.


Major issues:

Minor issues:


Nits/editorial comments:

-General: the introduction should clarify the downside or extra complexity with the proposed method (does the client need to be modified? what was the reason the web did not opt for this method at first place? are there cases where this
 method cannot be applied?


-[Page 4], "are a one of"----->"are one of"


-[Page 46], Section 18, not sure if it should be left in the RFC or removed? Please check with chair or Responsible AD.



Best Regards,



Meral Shirazipour

Ericsson Research