This is a set of first impressions and should not be construed as an actual review of the document.
1. Section 4 s/for a user to user a different/for a user to use a different/ Issues: 1. application specific choice of identities 2. separation of ABFAB identities from other GSS-API credentials 3. Ordering of identity choice for least privilege principles 4. Identification of non password based credentials - where does the secret come from? Credential may or may not be usable based on the state of a plug in token as an example. _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
