Last Call Review of draft-ietf-oauth-jwt-bearer-10

Request Review of draft-ietf-oauth-jwt-bearer
Requested rev. no specific revision (document currently at 12)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2014-09-29
Requested 2014-09-19
Authors Michael Jones, Brian Campbell, Chuck Mortimore
Draft last updated 2014-09-29
Completed reviews Genart Last Call review of -10 by Joel Halpern (diff)
Secdir Last Call review of -10 by Radia Perlman (diff)
Opsdir Last Call review of -10 by Tim Wicinski (diff)
Assignment Reviewer Tim Wicinski
State Completed
Review review-ietf-oauth-jwt-bearer-10-opsdir-lc-wicinski-2014-09-29
Reviewed rev. 10 (document currently at 12)
Review result Has Issues
Review completed: 2014-09-29


I have reviewed this document as part of the Operational directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
operational area directors.  Document editors and WG chairs should
treat these comments just like any other last call comments.

Summary: Ready with some questions

Editorial Nits:

Terminology; there are several terms in the draft which are used, and

in the Terminology section, the authors refer to 3 different drafts. 

However though documents use this terminology in a standard format (ex 

'Authorization Grant'), but this document fails to follow this format.

Editorially, I would think with multiple documents as sources, the 

terminologies should be attributed to specific documents.  This may be 

my personal opinion.

Section 2:  The draft is referencing work done on a draft that has not 

been published, I-D.ietf-oauth-assertions but is being the basis for 

this draft. I would think this document should wait until that draft has 

been published, as it could change before publication.

I got hung up on that issue, and while I read the rest of the draft and 

it does appear to be ready for publication with some editorial bits, I 

felt I gave some of the later sections less vigorous approach based on 

my previous blocker.