Last Call Review of draft-ietf-netconf-http-client-server-16
review-ietf-netconf-http-client-server-16-secdir-lc-sahib-2024-02-09-00
| Request | Review of | draft-ietf-netconf-http-client-server |
|---|---|---|
| Requested revision | No specific revision (document currently at 20) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2024-02-09 | |
| Requested | 2024-01-26 | |
| Authors | Kent Watsen | |
| I-D last updated | 2024-02-09 | |
| Completed reviews |
Secdir Last Call review of -16
by Shivan Kaul Sahib
(diff)
Yangdoctors Last Call review of -06 by Ladislav Lhotka (diff) |
|
| Assignment | Reviewer | Shivan Kaul Sahib |
| State | Completed | |
| Request | Last Call review on draft-ietf-netconf-http-client-server by Security Area Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/secdir/7Eb8QhzIOWoM7s1RtPRBlNQHa10 | |
| Reviewed revision | 16 (document currently at 20) | |
| Result | Has nits | |
| Completed | 2024-02-09 |
review-ietf-netconf-http-client-server-16-secdir-lc-sahib-2024-02-09-00
It looks like the document previously got review from HTTP WG, and generally looks well thought out. However, I'm not sure why only TCP and TLS are discussed in https://datatracker.ietf.org/doc/html/draft-ietf-netconf-http-client-server-16#section-2.1.2.2. Is the intention that network protocols like QUIC can be "augmented" in? I suspected that, but in that case, it should be mentioned the same way Basic auth is explicitly mentioned to be only one of the ways auth can happen with a MAY for other schemes: https://datatracker.ietf.org/doc/html/draft-ietf-netconf-http-client-server-16#section-2.1.2.1-4.4