Thanks, I'm working on tracking down stable references for these and will
have a new version published addressing this feedback shortly.

Aaron


On Thu, Jan 16, 2025 at 6:54 AM Rifaat Shekh-Yusef <rifaat.s.i...@gmail.com>
wrote:

>> Section 11:  RFC6819 is a normative reference, but it is Informational.
>> We need to call that out in the IETF Last Call, and I have to approve the
>> downref (which I will do).
>
>
> Looking at the text in the document that references this RFC, it does not
> look like any of these references are normative references.
> I think this should be moved to the informative section.
>
> Regards,
>  Rifaat
>
>
>
> On Thu, Jan 16, 2025 at 9:27 AM Deb Cooley <debcool...@gmail.com> wrote:
>
>> Here are the comments on my AD review of this draft.  Most of them will
>> be easy to fix, except for the normative references to changeable
>> standards:
>>
>> General:  There are more than a couple of Normative references that are
>> pointing to 'living documents'.  From my reading of the draft these
>> include:  Cookie Prefixes, Fetch, Web-messaging, service-workers,
>> webstorage. If at all possible, we need to find a way to specify a
>> particular version via commit, snapshot, archive to make an immutable
>> version.  Or find a way to make them Informative.  Basically this draft
>> will be an RFC - immutable, yet a few of the Normative references are
>> changeable.
>>
>> BCP 14 boilerplate:  idnits (a little blue button '! Nits' on the line
>> above the text of the draft on the main datatracker page) is throwing
>> errors on the BCP14 boilerplate.  Ideally, I'd like these fixed before
>> moving this along (it just eliminates problems down the road).
>>
>> Section 6.1.3.2, para 4: '...the BFF SHOULD encrypt its cookie contents.'
>> Why not a MUST?  Under what circumstances would it be reasonable to ignore
>> this SHOULD?
>>
>> Section 6.1.3.2, last para:  Add this to the (Informative) references.
>>
>> Section 6.3.4.2.2, first para:  Add 'CryptoKeyPair' to the (Informative)
>> references.
>>
>> Section 7.4, first para, last sentence:  Nit:  'This restrictions' should
>> either be 'these restrictions' or 'this restriction'.
>>
>> Section 11:  RFC6819 is a normative reference, but it is Informational.
>> We need to call that out in the IETF Last Call, and I have to approve the
>> downref (which I will do).
>>
>> Deb
>> Sec AD for oauth
>>
>
_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org
