# AD Review of draft-ietf-httpbis-client-cert-field-04 cc @fpalombini Thank you for this document. No major comments from me, only one comment around a normative MUST and some nits, which you can address together with any other last call comments. I also note that the consensus of the wg is for it to be informational, which is fine since I understand this document is meant to be the reference specification for two IANA registrations that are "specification required", but it read to me as a standard track doc. As the wg has discussed and gotten consensus around informational, I don't expect any change, just bringing it up one last time before LC since I expect there might be more comments in LC and IESG eval. ## Comments ### MUST prevent unintended use Section 4: > Therefore, steps MUST be taken to prevent unintended use, both in sending the header field and in relying on its value. This might simply be a formulation problem, but when I read it I am not sure this is a MUST the reader will know how to implement. ## Nits ### Editorial nits Section 4: > The configuration options and request sanitization are necessarily functionally of the respective servers. s/necessarily functionally/necessary functions ? ### Considerations considered Funny title for Appendix B :) Where are the considerations not considered? ## Notes This review is in the ["IETF Comments" Markdown format][ICMF], You can use the [`ietf-comments` tool][ICT] to automatically convert this review into individual GitHub issues. [ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md [ICT]: https://github.com/mnot/ietf-commentsReceived on Monday, 6 February 2023 16:42:29 UTC
This archive was generated by hypermail 2.4.0 : Monday, 6 February 2023 16:42:31 UTC