Personal Assertion Token (PASSporT) Extension for Resource Priority Authorization
RFC 8443

Note: This ballot was opened for revision 03 and is now closed.

Ben Campbell (was Discuss) Yes

Comment (2018-05-17 for -05)
No email
send info
Thank you for addressing my first discussion point and comments. I still have a concern on the second discuss point:

   o  The verification of the signature MUST include means of verifying
      that the signer is authoritative for the signed content of the
      resource priority namespace in the PASSporT."

The authors explained via email that they expect this to depend on some ATIS work. I understand that such work is in progress, but has not reached the point of being citable. I don't want to see this document blocked on that work, so I cleared my discuss. However, I still think it would be a good idea to add some scoping text early in the document to the effect that this mechanism is intended for environments where some means of verifying that the signer is authoritative is available. (In addition to keeping the normative text in §7.2)

Spencer Dawkins Yes

Adam Roach Yes

Deborah Brungard No Objection

Alissa Cooper No Objection

Benjamin Kaduk No Objection

Comment (2018-04-18 for -03)
No email
send info
I support Ben's discuss.

Thank you for working with the secdir reviewer to address those
comments; I think it will really improve the document.

In a similar vein, I wonder if this document would be easier to read
if it used less formal description terms for protocol elements that
are currently referred to by using the actual protocol element (with
quotes around the name).  For example, "SIP resource priority
header" instead of "'Resource-Priority' header field", or "priority
indicator" instead of "'namespace"."priority value"'.

I'm a little confused why the new registry created in Section 6.2 is
tied to the "resource priority header" (rph) name, when the discussion
in Section 5 has some potential envisioned use cases that are
broader than resource priority.

As Ben notes, there are some stale references.  Please double-check
the referred section numbers as well; in particular "Section 10.1 of
[4474bis]" does not exist in the only February-2017 verions of that

Section 7.2 uses "authority" in a couple of different senses; it
might be easier on the reader to refer to the authority (protocol
participant) as being "authoritative for the content of [stuff] that
it signs".

Suresh Krishnan No Objection

Mirja Kühlewind No Objection

Terry Manderson No Objection

Alexey Melnikov No Objection

Eric Rescorla No Objection

Alvaro Retana No Objection

Martin Vigoureux No Objection

Ignas Bagdonas No Record

Comment (2018-04-19 for -03)
No email
send info
NO RECORD, ran out of time for reviewing this document.