Last Call Review of draft-ietf-appsawg-rfc3536bis-
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
This draft provides definitions for a set of terms commonly used in internationalization in the IETF, that is terms having to do with the representation of text strings that
appear in protocols in different languages, writing systems, and alphabets. In the security considerations sections the authors point out that since this draft consists of definitions
of terminology having to do with the representation of text strings, it has only an indirect connection with security in some authentication methods may rely on the comparison of
text strings. However, I don't see anything in the definition of terms here that would negatively impact the ability to discuss or specify such security methods, so I don't see any
security issues here.
One nit, having nothing to do with security: I found the phrase
"Internet users must be
able to be enter text in typical input methods and displayed in any
in the introduction somewhat hard to parse. Does it mean that 1) users should be able to use any of a set of typical input methods and
2) it should be possible to display the results in any human language, or that users should be able to enter text from any human
language using typical input methods?
Naval Research Laboratory
4555 Overlook Ave., S.W.
Washington DC, 20375
catherine.meadows at nrl.navy.mil