Last Call Review of draft-ietf-kitten-rfc2853bis-
reviewing this document as part of the security directorate's ongoing effort to
review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments. Feel free to forward to any appropriate forum.
This refresh of RFC 2853 (GSSAPI JAVA BINDINGS) is almost
trivial. The only technical changes are the renumbering of error codes and OID
values because the values in RFC 2853 were internally inconsistent, missing, or
(in the case of OIDs) obsolete. There are a handful of other minor corrections
in the document (none technical). The document was also refreshed to use the
now-current copyright notices, etc.
Since all of the error codes correspond to fatal errors, it
is unlikely that even interoperation with an implementation with bad codes
could cause security problems (just confusing error messages). The security
considerations seemed reasonable in RFC 2853 and they are unchanged here.