Skip to main content

Last Call Review of draft-santesson-auth-context-extension-09
review-santesson-auth-context-extension-09-genart-lc-korhonen-2015-10-15-00

Request Review of draft-santesson-auth-context-extension
Requested revision No specific revision (document currently at 12)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2015-10-27
Requested 2015-10-01
Authors Stefan Santesson
I-D last updated 2015-10-15
Completed reviews Genart Last Call review of -09 by Jouni Korhonen (diff)
Genart Last Call review of -11 by Jouni Korhonen (diff)
Secdir Last Call review of -09 by Matthew A. Miller (diff)
Opsdir Last Call review of -09 by Éric Vyncke (diff)
Opsdir Telechat review of -11 by Éric Vyncke (diff)
Assignment Reviewer Jouni Korhonen
State Completed
Request Last Call review on draft-santesson-auth-context-extension by General Area Review Team (Gen-ART) Assigned
Reviewed revision 09 (document currently at 12)
Result Ready w/nits
Completed 2015-10-15
review-santesson-auth-context-extension-09-genart-lc-korhonen-2015-10-15-00
I am the assigned Gen-ART reviewer for this draft. For background on

Gen-ART, please see the FAQ at

<

http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Please resolve these comments along with any other Last Call comments

you may receive.

Document:draft-santesson-auth-context-extension-10

Reviewer: Jouni Korhonen

Review Date:

Oct-15-2015

IETF LC End Date: Oct-27-2015

IESG Telechat date:

not yet

Summary:

--------

Ready for publication as an Informational RFC.

Comments:

---------

I do not have deep expertise on the area this I-D covers. Having read it
through and knowing the solution is already deployed for few years I have no
technical comments.

Minor issues/nits:

------------------

1) IDNits result that need to be addressed:

   ** The abstract seems to contain references ([RFC5280], [SAML]), which it
      shouldn't.  Please replace those with straight textual mentions of the
      documents in question.

2) == Unused Reference: 'RFC5322' is defined on line 416, but no explicit
      reference was found in the text

3) Since this targets Informational RFC I wouldn't mind seeing all references

   except RFC2119 as informational references and not normative. We could argue

   whether RFC2119 language is needed at all (but no strong opinion here).

4) Introduction third paragraph:

   * expand SAML on the first occurrence

   * I would welcome a reference for "SAML federation"

5) Introduction eight paragraph:

   * expand CA on the first occurrence

6) Section 3.1.2:

   * expand OID on the first occurrence (now it comes after the paragraph

     explaining "Ref")

   * three times  s/REF/Ref