Hi Peter, thanks for your review. Comments inline. On Thu, Aug 29, 2013 at 11:21 PM, Peter Yee <pe...@akayla.com> wrote:
> I am the assigned Gen-ART reviewer for this draft. For background on > Gen-ART, please see the FAQ at > <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq> > > Please resolve these comments along with any other Last Call comments you > may receive. > > Document: draft-ietf-repute-media-type-10 > Reviewer: Peter Yee > Review Date: August-27-2013 > IETF LC End Date: August-29-2013 > IESG Telechat date: September-12-2013 > > Summary: This draft is on the right track but has open issues, described in > the review. [Ready with minor issues.] > > This draft directs IANA to register an application/reputon+json media type. > It also defines a new IANA registry for reputation application-specific > uses > of that media type. > > Major issues: > > Minor issues: > > Authenticity and confidence ratings seem to be used interchangeably in the > document. Authenticity is never defined, but it appears that it may > previously have been used in place of confidence. The example spanning > pages 9 and 10 notes a confidence of 95% but uses that for the (undefined > in > the document) authenticity value instead of the confidence value. Either > define authenticity (which is absent in Section 3.1) or switch to > confidence. > This is actually a mistake. Earlier versions had something called rater-authenticity and did define it, but that component of a reputon has since been removed in favour of "normal-rating". There are still some vestiges of the old text in there, which is causing this confusion. I'll clean it up. > > Section 3.1, definition of rater: the wording of this definition could be > interpreted to mean either the party that is returning the rating > information in response to the query but which is not necessarily the party > creating the rating, or it could mean the party that created the rating. > This may go back to the muddled concept of authenticity (which seems to be > used to mean how much an unspecified "someone" believes that the rating > originated with the named rater) vs. confidence (how confident the rater is > in the rating). This definition should be cleared up to remove the > ambiguity that floats throughout the document. > Changing it to "The identity of the entity aggregating, computing, and providing the reputation information, typically expressed as a DNS domain name." I can't think of a case where the party receiving the query is not also at least within the same ADMD as the party doing the computation, so this seems like the right definition to me. > Nits: > [...] > All fixed. The "auth-value" one was old, as described above. Thanks! -MSK
