Re: explicitly authenticated proxy: new draft

thanks a lot for the very good suggestions

br
Salvatore

On Jun 17, 2014, at 6:28 PM, "Smith, Kevin, (R&D) Vodafone Group" <Kevin.Smith@vodafone.com> wrote:

> Hi Salvatore,
> 
> Some feedback on the Abstract and section 1 of the draft. I'll provide any feedback on the remaining sections later in the week. Should any of these be approved, let me know if I can help with the editing.
> 
> Cheers!
> Kevin
> 
> Throughout: Suggest to change 'http://' to 'http' (since http is the name of the URI scheme). Same for https:// to 'https'
> 
> ## Abstract: I think most of this can be explained in the introduction, and that we simply define the scope here:
> 
> --start--
> Abstract
> 
> This document specifies the behaviour of an Explicitly Authenticated proxy as an intermediary of TLS-protected 'http' traffic over HTTP/2.
> --end--
> 
> ## Add new section on goals/non-goals. i.e. why we are doing this, and what we are not doing
> 
> --start--
> Goals and non-goals
> The primary goal is to define an intermediary to TLS-protected 'http' traffic, that operates with the knowledge 
> and explicit consent of the user
> 
> Non-goals are to define an intermediary for unprotected 'http' traffic over both HTTP/1.1 and HTTP/2, and for 'https' URIs. However the intermediary's expected behaviour for these cases is listed for completeness.
> --end--
> 
> ## Introduction (section 1). This is all good text but often repeats what is being discussed in the three referenced RFCs, which you have summarised well: so I suggest to remove the three explanatory paragraphs above 'Several drafts analysing[...]'.
> 
> Also for the last line of this section, needs to be explicit that this is TLS-protected http URIs:
> --start--
> This draft explicitly narrows down the general discussion to the role of Proxy as an intermediary of TLS-protected 'http' URIs over HTTP/2
> --end--
> 
> 
> 
> 
> 
> 
>

Received on Wednesday, 18 June 2014 13:14:51 UTC