The changes requested in the Gen-ART review of the -03 version have been made in the -04 version of this draft. Thanks, --David > -----Original Message----- > From: Black, David > Sent: Tuesday, November 22, 2011 5:51 PM > To: rbarnes at bbn.com; martin.thomson at andrew.com; james.winterbottom at andrew.com; > Hannes.Tschofenig at gmx.net; gen-art at ietf.org > Cc: Black, David; Robert Sparks; geopriv at ietf.org > Subject: Gen-ART review of draft-ietf-geopriv-policy-uri-03 > > I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, > please see the FAQ at . > > Please wait for direction from your document shepherd > or AD before posting a new version of the draft. > > Document: draft-ietf-geopriv-policy-uri-03 > Reviewer: David L. Black > Review Date: November 22, 2011 > IESG Telechat date: December 1, 2011 > > Summary: This draft is basically ready for publication, but has nits that > should be fixed before publication. > > This draft specifies policy URIs for management of privacy policy for location > information obtained and maintained by Location Configuration Protocols (LCPs). > The draft is clear and well written. > > All of the topics raised by the GenART review of the -02 version are addressed > in the -03 version, except that an unfortunate sentence structure has neutered > one of the agreed-to resolutions (PUT and DELETE requests SHOULD always be > rejected for http: URIs). > > The following changes should be made to correctly capture the intent (this is > a normative change): > > Section 7.1: > OLD > If other means of protection are available, an "http:" URI MAY be used. > NEW > If other means of protection are available, an "http:" URI MAY be used, > but location servers SHOULD reject all PUT and DELETE requests for policy > URIs that use the "http:" URI scheme. > END > > Section 7.2: > OLD > When neither application-layer or network- > layer security is provided, location servers MUST reject requests > using the PUT and DELETE methods, and SHOULD reject PUT and DELETE > requests for policy URIs that use the "http:" URI scheme. > NEW > When neither application-layer or network- > layer security is provided, location servers MUST reject requests > using the PUT and DELETE methods. > END > > idnits 2.12.12 did not find anything that needs attention. > > Thanks, > --David > ---------------------------------------------------- > David L. Black, Distinguished Engineer > EMC Corporation, 176 South St., Hopkinton, MA  01748 > +1 (508) 293-7953             FAX: +1 (508) 293-7786 > david.black at emc.com        Mobile: +1 (978) 394-7754 > ----------------------------------------------------