Last Call Review of draft-ietf-oauth-discovery-07
review-ietf-oauth-discovery-07-opsdir-lc-bhandari-2017-10-23-00

Request Review of draft-ietf-oauth-discovery
Requested rev. no specific revision (document currently at 08)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2017-10-09
Requested 2017-09-25
Other Reviews Secdir Last Call review of -07 by Donald Eastlake (diff)
Genart Last Call review of -07 by Brian Carpenter (diff)
Genart Telechat review of -08 by Brian Carpenter
Review State Completed
Reviewer Shwetha Bhandari
Review review-ietf-oauth-discovery-07-opsdir-lc-bhandari-2017-10-23
Posted at https://www.ietf.org/mail-archive/web/ops-dir/current/msg02896.html
Reviewed rev. 07 (document currently at 08)
Review result Ready
Draft last updated 2017-10-23
Review completed: 2017-10-23

Review
review-ietf-oauth-discovery-07-opsdir-lc-bhandari-2017-10-23

Reviewer: Shwetha Bhandari

Review result: Ready

 

I have reviewed this document as part of the Operational directorate's ongoing

effort to review all IETF documents being processed by the IESG.  These

comments were written with the intent of improving the operational aspects of

the IETF drafts. Comments that are not addressed in last call may be included

in AD reviews during the IESG review.  Document editors and WG chairs should

treat these comments just like any other last call comments.

 

Summary:

This specification defines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server. The process of deploying authorization server metadata and discovering its location is out of scope of this specification. The specification establishes and populates IANA registry for authorization server metadata names. It also registers URI suffix “oauth-authorization-server” in the IANA "Well-Known URIs" registry without mandating applications to use only this suffix to publish authorization server metadata.
 

There is no operational considerations or manageability section in the document.

I don’t see any operational, network management or security management concerns with this document.

 

Thanks,

Shwetha