Thanks, Stephen. I'll try to apply the suggested changes before the cutoff.
-- Mike
-----Original Message-----
From: Stephen Farrell [mailto:[email protected]]
Sent: Monday, March 13, 2017 8:28 AM
To: The IESG <[email protected]>
Cc: [email protected]; Hannes Tschofenig
<[email protected]>; [email protected]; [email protected];
[email protected]
Subject: Stephen Farrell's No Objection on draft-ietf-oauth-amr-values-07:
(with COMMENT)
Stephen Farrell has entered the following ballot position for
draft-ietf-oauth-amr-values-07: No Objection
When responding, please keep the subject line intact and reply to all email
addresses included in the To and CC lines. (Feel free to cut this introductory
paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-oauth-amr-values/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
Thanks for clarifying that amr represents classes of auth methods and not
(always) individual methods, that all makes more sense now;-)
I think you might usefully add the phrase "classes of" (or similar) to the
draft in a few places to help folks understand that, in particular, I spotted
two places where I think something like that'd be good:
1. in the definition, I'd suggest:
OLD:
amr
OPTIONAL. Authentication Methods References. JSON array of
strings that are identifiers for authentication methods used in
the authentication.
NEW:
amr
OPTIONAL. Authentication Methods References. JSON array of
strings that are identifiers for classes of authentication methods used in
the authentication.
2. In the IANA considerations and DE guidance, maybe make the name of the new
registry reflect that these are classes, in case someone gets confused only
having looked at the IANA pages without reading the RFC, and perhaps point the
DE guidance back to the top bit where you explain this stuff and add "classes
of" in a few places in the template to save the DEs having to explain that over
and over to people who just copy templates.
Thanks,
S.
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth