On Mon, 26 Nov 2012 15:18:39 -0500 (EST) Benjamin Kaduk <[email protected]> wrote:
> I have new commits up at https://github.com/kaduk/openafs/commits/prot > (HEAD is 67b21de). > d879f84 Remove channel-binding +1 > a80abb9 New CombineTokens prototype Typo: + <t hangText="GXGK_CT_PRINTED">One or more of the supplied tokens Should be RXGK_CT_PRINTED. Also, the new registry should be mentioned in a 'AFS-3 Registry Considerations' section, and the details of this and the values should probably be moved there. Otherwise, +1. > 6e8edde Allow key version number to wrap at 16 bits I'm not sure I see the point of making this optional, but okay. Nits at the language, though: + If rekeying would cause this value to wrap, then the key version number + can be stored locally "MAY be stored locally", I think? + key version number would wrap, that endpoint must terminate the + connection. "MUST terminate the connection" > 6f75718 Tokens SHOULD NOT expire late +1 > 67b21de Add Security Consideration for token expiry Isn't this missing a trailing "</section>" for the added 'Token Expiry' section? Otherwise, +1. -- Andrew Deason [email protected] _______________________________________________ AFS3-standardization mailing list [email protected] http://lists.openafs.org/mailman/listinfo/afs3-standardization
