thanks for the review Paul. I noticed I didn't respond to some portions of your
message that didn't get transformed into issue tickets. here goes...
Significant:
This document pretends that the TLSA protocol from the DANE WG will not
exist.
this item is captured in http://trac.tools.ietf.org/wg/websec/trac/ticket/39
and has been discussed in a separate thread..
https://www.ietf.org/mail-archive/web/websec/current/msg01141.html
Moderate:
In section 8.1.2, I don't know what ignoring separator characters means,
and suspect it will cause pain if left this way.
That phrase is simply deleted in my -07 working copy.
[I-D.ietf-tls-ssl-version3] is not a work in progress. I'll take this up
on the rfc-interest mailing list, and nothing needs to be done here.
That is addressed in my working copy via ref of (the recently published)
[RFC6101] instead.
RFC 2818 is listed as a normative reference, and yet it is Informational.
This will need to be called out in the PROTO report. Alternately, it can be
called an informative reference, since one does not need to understand it
in order to implement this document.
this item was addressed by Alexey in his reply here..
https://www.ietf.org/mail-archive/web/websec/current/msg01104.html
I have alerted the idna-update mailing list of this WG LC. This might cause
some helicoptered-in comments, but better now than during IETF LC.
I had noticed that. I'll followup there once -07 is pub'd. Note that I'd
engaged in non-trivial discussions there on idna-update@ about various aspects
of -strict-transport-sec back in Sep-2011...
http://www.alvestrand.no/pipermail/idna-update/2011-September/007140.html
..and I have some hopefull-improved IDNA language in my -07 working copy.
Editorial:
annunciate (used a few times) is a fancy word for announce. Maybe use
the far more common word instead.
In section 3.1, suboptimal downside is unclear. Is there an optimal
downside? I suggest replacing it with negative.
The lead sentences in sections 11.2, 11.4, and 11.5 lack verbs; verbs are
used in 11.1 and 11.3. This should be an easy fix.
the above are captured in issue ticket #40
http://trac.tools.ietf.org/wg/websec/trac/ticket/40
thanks again,
=JeffH
___
websec mailing list
websec@ietf.org
https://www.ietf.org/mailman/listinfo/websec