Last Call Review of draft-klensin-idna-unicode-review-03
review-klensin-idna-unicode-review-03-secdir-lc-wood-2019-09-10-00
Request | Review of | draft-klensin-idna-unicode-review |
---|---|---|
Requested revision | No specific revision (document currently at 05) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2019-08-30 | |
Requested | 2019-08-02 | |
Authors | Dr. John C. Klensin , Patrik Fältström | |
I-D last updated | 2019-09-10 | |
Completed reviews |
Secdir Last Call review of -03
by Christopher A. Wood
(diff)
Genart Last Call review of -02 by Joel M. Halpern (diff) |
|
Assignment | Reviewer | Christopher A. Wood |
State | Completed | |
Request | Last Call review on draft-klensin-idna-unicode-review by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/WKjh3DM8tPxd5c4vV4A5mjeHVG4 | |
Reviewed revision | 03 (document currently at 05) | |
Result | Has nits | |
Completed | 2019-09-10 |
review-klensin-idna-unicode-review-03-secdir-lc-wood-2019-09-10-00
This document looks mostly good to go. I only have a few questions and some various editorial nits. Questions: - Section 4, last paragraph: Will code points "considered unsafe" be labelled as such, and if so, where? In the derived property IANA tables? (Assuming those tables are kept.) - Section 5, second paragraph: How will the success of this document's proposed changes be measured in order to determine if further steps towards minimizing confusion are needed? Nits: - Section 2, first paragraph, first sentence: It seems a comma is missing after [RFC3491] reference, i.e., "..., commonly known as "IDNA2003" [RFC3490] [RFC3491], ...". - Section 3, second paragraph: s/full Unicode versions/major Unicode versions? - Section 3.1: s/also concluded that maintain Unicode/also concluded that Unicode? - Section 4, third paragraph: Is the requirement that changes which are "documented" redundant with the following "explained" requirement? (That is, perhaps just say "... must be documented and explained." - Security Considerations, second paragraph: Do "end users" include systems that process or interpret Unicode values? If not, it might help to specifically call them out, as problems may arise from misinterpretation there.