Last Call Review of draft-santesson-auth-context-extension-09
review-santesson-auth-context-extension-09-genart-lc-korhonen-2015-10-15-00

I am the assigned Gen-ART reviewer for this draft. For background on

Gen-ART, please see the FAQ at

<

http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Please resolve these comments along with any other Last Call comments

you may receive.

Document:draft-santesson-auth-context-extension-10

Reviewer: Jouni Korhonen

Review Date:

Oct-15-2015

IETF LC End Date: Oct-27-2015

IESG Telechat date:

not yet

Summary:

--------

Ready for publication as an Informational RFC.

Comments:

---------

I do not have deep expertise on the area this I-D covers. Having read it
through and knowing the solution is already deployed for few years I have no
technical comments.

Minor issues/nits:

------------------

1) IDNits result that need to be addressed:

   ** The abstract seems to contain references ([RFC5280], [SAML]), which it
      shouldn't.  Please replace those with straight textual mentions of the
      documents in question.

2) == Unused Reference: 'RFC5322' is defined on line 416, but no explicit
      reference was found in the text

3) Since this targets Informational RFC I wouldn't mind seeing all references

   except RFC2119 as informational references and not normative. We could argue

   whether RFC2119 language is needed at all (but no strong opinion here).

4) Introduction third paragraph:

   * expand SAML on the first occurrence

   * I would welcome a reference for "SAML federation"

5) Introduction eight paragraph:

   * expand CA on the first occurrence

6) Section 3.1.2:

   * expand OID on the first occurrence (now it comes after the paragraph

     explaining "Ref")

   * three times  s/REF/Ref