Last Call Review of draft-ietf-jmap-core-12

Request Review of draft-ietf-jmap-core
Requested rev. no specific revision (document currently at 17)
Type Last Call Review
Team Transport Area Review Team (tsvart)
Deadline 2018-12-28
Requested 2018-12-14
Authors Neil Jenkins, Chris Newman
Draft last updated 2018-12-28
Completed reviews Tsvart Last Call review of -12 by Allison Mankin (diff)
Secdir Last Call review of -12 by Tero Kivinen (diff)
Secdir Telechat review of -14 by Tero Kivinen (diff)
Assignment Reviewer Allison Mankin 
State Completed
Review review-ietf-jmap-core-12-tsvart-lc-mankin-2018-12-28
Reviewed rev. 12 (document currently at 17)
Review result Ready
Review completed: 2018-12-28


This document has been reviewed as part of the transport area review team's
ongoing effort to review key IETF documents. These comments were written
primarily for the transport area directors, but are copied to the document's
authors and WG to allow them to address any issues raised and also to the IETF
discussion list for information.

When done at the time of IETF Last Call, the authors should consider this
review as part of the last-call comments they receive. Please always CC if you reply to or forward this review.

This standards track specification is in good shape from a transport point of view. Topics considered in this assessment were its discovery mechanism, its support of tools for denial of service and rate control issues on both the server and clients side, its ordering and data flow for the allowed disparate client endpoints, and its transport mapping, which is mandatory HTTPS.

One question that is referred to other areas is what recommendations would be given (or what spec referenced) for validation of uploaded blob objects (it looks like the flow control for these is fine).