Last Call Review of draft-ietf-stir-passport-09
review-ietf-stir-passport-09-opsdir-lc-wijnen-2016-11-03-00

Request Review of draft-ietf-stir-passport
Requested rev. no specific revision (document currently at 11)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2016-11-01
Requested 2016-10-22
Draft last updated 2016-11-03
Completed reviews Genart Last Call review of -09 by Roni Even (diff)
Opsdir Last Call review of -09 by Bert Wijnen (diff)
Assignment Reviewer Bert Wijnen
State Completed
Review review-ietf-stir-passport-09-opsdir-lc-wijnen-2016-11-03
Reviewed rev. 09 (document currently at 11)
Review result Ready
Review completed: 2016-11-03

Review

I did OPS-DIR review for this document.
I think that from an OPS point of view the document is ready for publication.
I do not see any concerns for operations and/or network management.

I cannot say that I can follow all the example encodings,
specifically the compact ones.
I would probably have to study some of the referenced RFCs
in more detail before I can make sense out of them.

While I was at it, I found some nits and/or typos:

The abstract states:


                            The PASSporT token is cryptographically
   signed to protect the integrity of the identity the originator and to
   verify the assertion of the identity information at the destination.

s/the identity the originator/the identity of the originator/
Or so I think.

section 5.1.1 states:


                   As defined the "iat" should be set to the date and
   time of issuance of the JWT and MUST the origination of the personal
   communications.  The time value should be of the format defined in
   [RFC7519] Section 2 NumericDate.

Is that a correct sentence? Or is there a verb missing around
   "the JWT and MUST the origination" ???

Section 5.2.2



   5.2.2. "mky" - Media Key claim

Why such a cryptic "mky". Why not "mkey" ??
I can live with it. I just wonder why we make it more
cryptic than needed.

Section 10.2 2nd bullet

      In many applications, the end user represented by the asserted
      identity represents and signer may not be one in the same

I do/did not know the term "one in the same". I do know "one and the same".
I guess other people may have the same knowledge as I do
(as a non-native English speaker)

Bert