Last Call Review of draft-ietf-tokbind-https-15
review-ietf-tokbind-https-15-secdir-lc-gondrom-2018-05-18-00

Request Review of draft-ietf-tokbind-https
Requested rev. no specific revision (document currently at 18)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2018-03-12
Requested 2018-02-26
Draft last updated 2018-05-18
Completed reviews Secdir Last Call review of -15 by Tobias Gondrom (diff)
Genart Last Call review of -14 by Linda Dunbar (diff)
Opsdir Last Call review of -14 by Tim Chown (diff)
Assignment Reviewer Tobias Gondrom
State Completed
Review review-ietf-tokbind-https-15-secdir-lc-gondrom-2018-05-18
Reviewed rev. 15 (document currently at 18)
Review result Ready
Review completed: 2018-05-18

Review
review-ietf-tokbind-https-15-secdir-lc-gondrom-2018-05-18

Reviewer: Tobias Gondrom

Review result: Ready

 

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.

These comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

 

Overall the document looks good, ready to go. 

In my review, I did not find any material concerns with the document, and no
nits. 

It is good that the security considerations part is quite detailed and
reflects the main security risks. 

Additionally also appreciated that privacy considerations are also
reasonably addressed in section 8. In case of this particular protocol time
well spent to spell this out. 

 

Ready to release. 

 

Best regards, Tobias

 

 

Ps.: apologies for my delay in sending out the review.