Thanks for your review Benoit. I'm adding the working group to the thread so they're aware of your comments. Replies inline below...
> -----Original Message----- > From: Benoit Claise [mailto:bcla...@cisco.com] > Sent: Monday, October 13, 2014 6:34 AM > To: The IESG > Cc: Tom Taylor; oauth-cha...@tools.ietf.org; draft-ietf-oauth-saml2- > bea...@tools.ietf.org > Subject: Benoit Claise's Discuss on draft-ietf-oauth-saml2-bearer-21: (with > DISCUSS and COMMENT) > > Benoit Claise has entered the following ballot position for > draft-ietf-oauth-saml2-bearer-21: Discuss > > When responding, please keep the subject line intact and reply to all email > addresses included in the To and CC lines. (Feel free to cut this introductory > paragraph, however.) > > > Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > http://datatracker.ietf.org/doc/draft-ietf-oauth-saml2-bearer/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > No objection on the document itself, but, as rightly noted by Tom Taylor in > the > OPS-DIR review: > Process issue: IDnits complains of a normative reference to Informational > document RFC 6755. This was NOT noted in the Last Call announcement (but > was noted in the Shepherd writeup). No operational issue identified beyond > what is already covered by the Interoperability Considerations section. > > As an example, in the case of > http://datatracker.ietf.org/doc/rfc7317/history/, I had to redo the IETF LC > with > the appropriate statement (based on a DISCUSS from my fellow-AD). > We should be consistent here. Barry Leiba had written in response to this "I think the right answer here is to make 6755 an informative reference: it's not needed to understand this document, and is only used as a reference to the document where the namespace was created." I agree that this resolution would be fine. > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Editorial Nits: > > S2.2: The paragraph before the actual example uses terminology inconsistent > with RFC 6749: > > s/authorization code grant/authorization grant/ Per my reply on October 6 to Tom Taylor's review which made the same comment, actually, RFC 6749 uses both terms. Authorization grant is the generic term. Authorization Code Grant (defined in Section 4.1 of 6749) is a specific kind of authorization grant. The text is correct as-is. Thanks again, -- Mike _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
