Last Call Review of draft-ietf-httpbis-unprompted-auth-10
review-ietf-httpbis-unprompted-auth-10-opsdir-lc-chen-2024-09-10-00
Request | Review of | draft-ietf-httpbis-unprompted-auth |
---|---|---|
Requested revision | No specific revision (document currently at 12) | |
Type | Last Call Review | |
Team | Ops Directorate (opsdir) | |
Deadline | 2024-09-11 | |
Requested | 2024-08-28 | |
Authors | David Schinazi , David Oliver , Jonathan Hoyland | |
I-D last updated | 2024-09-10 | |
Completed reviews |
Secdir Last Call review of -10
by Rich Salz
(diff)
Genart Last Call review of -10 by Reese Enghardt (diff) Opsdir Last Call review of -10 by Ran Chen (diff) Artart Last Call review of -10 by Robert Sparks (diff) |
|
Assignment | Reviewer | Ran Chen |
State | Completed | |
Request | Last Call review on draft-ietf-httpbis-unprompted-auth by Ops Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/ops-dir/ZlLV1140bxRL8tkRQd9wH_KuG0o | |
Reviewed revision | 10 (document currently at 12) | |
Result | Has nits | |
Completed | 2024-09-10 |
review-ietf-httpbis-unprompted-auth-10-opsdir-lc-chen-2024-09-10-00
I have reviewed this document as part of the Ops area directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Ops area directors. Document editors and WG chairs should treat these comments just like any other last-call comments. This document defines a new signature-based authentication scheme that is not probeable. Here are some comments and nits. ## Comments 1. Abstract I'm wondering if it's necessary to retain the phrase "at the time of writing this document" that appears in the Abstract of this document. I noticed that this sentence was originally added in version 07. 2. Section 2 Please indicate the source of “the Authorization or Proxy-Authorization header field” mentioned in this section. 3.Section 5 & 6 There are references to "RFC8792" in Chapters 5 and 6. But it is not displayed correctly: [RFC8792]. ## NITS: 1.Abstract s/HTTP/ Hypertext Transfer Protocol (HTTP) 2.Section 2 s/the Authorization or Proxy-Authorization header field/ the Authorization (or Proxy-Authorization) header field Note: The whole text remains consistent 3. Section 3 OLD --> When a client wishes to uses the Concealed HTTP authentication scheme with a request. NEW --> When a client wishes to use the Concealed HTTP authentication scheme with a request. Best Regards, Ran Chen