Skip to main content

Telechat Review of draft-ietf-tram-turn-third-party-authz-11

Request Review of draft-ietf-tram-turn-third-party-authz
Requested revision No specific revision (document currently at 16)
Type Telechat Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2015-02-17
Requested 2015-02-04
Authors Tirumaleswar Reddy.K , Prashanth Patil , Ram R , Justin Uberti
I-D last updated 2015-02-16
Completed reviews Genart Last Call review of -08 by Christer Holmberg (diff)
Genart Telechat review of -11 by Christer Holmberg (diff)
Secdir Last Call review of -07 by Yaron Sheffer (diff)
Opsdir Last Call review of -08 by Tom Taylor (diff)
Assignment Reviewer Christer Holmberg
State Completed
Review review-ietf-tram-turn-third-party-authz-11-genart-telechat-holmberg-2015-02-16
Reviewed revision 11 (document currently at 16)
Result Ready with Nits
Completed 2015-02-16

I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART,
please see the FAQ at <>

Document:                         draft-ietf-tram-turn-third-party-authz-09.txt

Reviewer:                           Christer Holmberg

Review Date:                     13 February 2015

IETF LC End Date:             4 January 2015

IETF Telechat Date:         19 February 2015

Summary:        I see that there has been quite of bit of changes in the draft
since the previously reviewed version (-08). However, most of my comments seem
to have been addressed. But, I still have a few comments, most
 related to my comments on the previously reviewed version.

Major Issues: None

Minor Issues: None

Editorial nits: See below


Section 1:

Q1_2: Please add an OAuth reference on first occurrence.


Section 4:

Q4_2:  The section gives examples for the key establishment. I think you should
make it clear that, when you say that the mechanism to use is outside the scope
of the document, also should say the draft does not mandate
 any given mechanism.

Something like:

        “The procedure for establishment of the symmetric key is outside the
        scope of this

        specification, and this specification does not mandate support of any
        given mechanism.

        Sections 4.1.2, 4.1.2 and 4.1.3 show examples of mechanisms that can be

Section 4.1.2:

Q4-1-2_1: Please add a reference to JSON on first occurrence. I see that
section 3 no longer mentions JSON.

Q4-1-2_2: I suggest to add a reference to [I-D.ietf-oauth-pop-key-distribution]
also in this section, and indicate that it defines the format of the JSON