Last Call Review of draft-ietf-ohai-ohttp-06
review-ietf-ohai-ohttp-06-genart-lc-yee-2022-12-15-00

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-ohai-ohttp-06
Reviewer: Peter Yee
Review Date: 2022-12-15
IETF LC End Date: 2022-12-09
IESG Telechat date: Not scheduled for a telechat

Summary: The draft describes a privacy-enhancing scheme for HTTP requests that
makes use of two intermediaries between a client and the intended HTTP server.
The document is well written, with good explanations of the choices and
recommendations it makes. There are nits in the document that should be fixed
prior to publication. [Ready with nits]

Sorry about the tardy review.

Major issues: None.

Minor issues: None. [Well, I had some, but they didn’t seem worth pursuing.]

Nits/editorial comments:

Page 4, 1st partial paragraph, 1st full sentence: change “minumum” to “minimum”.

Page 4, section 2, 2nd bullet item: I’m not entirely happy with “accepts” as
the verb here, but “uses” probably isn’t quite right either. Page 6, section
2.1, 1st bullet item: should this be “two additional regular HTTP requests”
instead of “two regular HTTP requests”?

Page 8, 1st partial paragraph (“Oblivious Gateway Resource”), 1st partial
sentence: I’m not sure why “encapsulated” was removed from “that encapsulated
response” at the end of this sentence in draft -05. The output of encapsulation
isn’t a response per se, so returning “that response” sort of sounds like it
means the unencapsulated response. It isn’t, upon reflection, but it takes
extra thought where the removed word would have sufficed to make it clear
immediately.

Page 8, 3rd full paragraph (“Encoding..”), 3rd sentence: The len() function
doesn’t appear to be referenced anywhere else in the document, at least from a
cursory search. Delete the sentence if the function is unneeded.

Page 9, section 3.2, figure 2: Is 262140 the right number here? It’s not
divisible by 32. I would have thought it needed to be.

Page 14, item 3, 1st sentence: bracket “prk” in commas as done with “secret” in
item 1 on the previous page.

Page 14, item 4, 1st sentence: fully bracket “key” in commas […AEAD key, key,
of…].

Page 14, item 7, 1st sentence: a comma is probably desirable after
“Encapsulated Response”.

Page 14, last line before section 4.5: change “reponse” to “response”.

Page 17, section 5.2, 3rd paragraph, 2nd sentence: append a comma after
“malformed”.

Page 21, section 6.2, 4th paragraph, last sentence: this is the second mention
of “information that a Client is aware of”. Would it be possible to give an
example or a pointer?

Page 25, 2nd paragraph, 1st sentence: change “affects” to “effects”.

Page 29, section 7, 4th paragraph, 2nd sentence: delete the second occurrence
of “of”.

Page 38, near the middle of the page(!): change “Oblivous” to “Oblivious”.