I have been selected as the General Area Review Team (Gen-ART)
reviewer for this draft (for background on Gen-ART, please see
http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
Please resolve these comments along with any other Last Call comments
you may receive.
Document: draft-salowey-tls-rfc4507bis-00
Reviewer: Robert Sparks
Review Date: 21Aug07
IETF LC End Date: 22Aug07
IESG Telechat date: (if known)
Summary: This draft is basically ready for publication as proposed
standard. It has some
minor nits to consider prior to publication.
Comments:
1) The first paragraph of section 3 says:
This specification defines a mechanism .... (implying one)
Implementations ... are expected to support both mechanisms.
(implying two)
What are the two mechanisms? Could this introduction be phrased
to make that more obvious?
2) The caption for figure 2 is misformatted (and contains TAB
characters)
3) Should the references to 2246 at the bottom of page 5 and in
Sections 5.6 point to 4346 instead?
I also was curious about whether the cookie approach to detecting
4507 clients introduced any new
points of vulnerability, but I'm not the person to do that analysis
so I asked ekr. When you were putting
this together, did you have any discussion about that? Apologies if
it's just dead obvious there's no
potential issue.
RjS
_______________________________________________
Gen-art mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/gen-art
