[Gen-art] Gen-ART review of draft-ietf-karp-threats-reqs-05

I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at . Please resolve these comments along with any other Last Call comments you may receive. Document: draft-ietf-karp-threats-reqs-05 Reviewer

Re: [Gen-art] Gen-ART review of draft-ietf-dnsop-dnssec-dps-framework-08

On 2012-07-18, at 11:49, Russ Housley wrote: > So a DNSSEC signer starts under one set of documents, and then for whatever > reason, the policy changes and the parties validating the signature have no > means to determine that the signer is following a new policy. They have means, they just do

Re: [Gen-art] Gen-ART review of draft-ietf-dnsop-dnssec-dps-framework-08

Joe You're right, I did miss your point, quite thoroughly :-) I am guessing that the answer is that there's no corresponding facility in DNSSEC to for a policy identifier to be published with a DNSKEY RR, but I say that largely ignorant of X.509 and attendant CA policy and hence perhaps am st

Re: [Gen-art] Gen-ART review of draft-ietf-dnsop-dnssec-dps-framework-08

Joe: >> I think you missed my point. In a PKI, when the issuer significantly >> changes the policy, subsequent certificates have a different policy >> identifier. I do not see a similar concept here. > > You're right, I did miss your point, quite thoroughly :-) > > I am guessing that the ans

Re: [Gen-art] [OAUTH-WG] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt

On 17/07/2012 19:01, Mike Jones wrote: You should actually probably make that name change request to the HTTPbis working group. I suspect that if they decide to change the name, that we could direct the RFC editor to make the same name change as HTTPbis does. It looks like the discussion of ch