Last Call Review of draft-ietf-netconf-http-client-server-16
review-ietf-netconf-http-client-server-16-secdir-lc-sahib-2024-02-09-00
Request | Review of | draft-ietf-netconf-http-client-server |
---|---|---|
Requested revision | No specific revision (document currently at 23) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2024-02-09 | |
Requested | 2024-01-26 | |
Authors | Kent Watsen | |
I-D last updated | 2024-02-09 | |
Completed reviews |
Secdir Last Call review of -16
by Shivan Kaul Sahib
(diff)
Yangdoctors Last Call review of -06 by Ladislav Lhotka (diff) Httpdir Telechat review of -23 by Mark Nottingham |
|
Assignment | Reviewer | Shivan Kaul Sahib |
State | Completed | |
Request | Last Call review on draft-ietf-netconf-http-client-server by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/7Eb8QhzIOWoM7s1RtPRBlNQHa10 | |
Reviewed revision | 16 (document currently at 23) | |
Result | Has nits | |
Completed | 2024-02-09 |
review-ietf-netconf-http-client-server-16-secdir-lc-sahib-2024-02-09-00
It looks like the document previously got review from HTTP WG, and generally looks well thought out. However, I'm not sure why only TCP and TLS are discussed in https://datatracker.ietf.org/doc/html/draft-ietf-netconf-http-client-server-16#section-2.1.2.2. Is the intention that network protocols like QUIC can be "augmented" in? I suspected that, but in that case, it should be mentioned the same way Basic auth is explicitly mentioned to be only one of the ways auth can happen with a MAY for other schemes: https://datatracker.ietf.org/doc/html/draft-ietf-netconf-http-client-server-16#section-2.1.2.1-4.4