Reviewer: Sean Turner Review result: Ready with Nits Note I reviewed the -05 version and the editor’s diff to their working draft. Thanks for the well written doc. I really have only two questions and some nits: 1. Is “intercept” the right word in the following text from s3: In order to ensure that Clients do not encapsulate messages that other entities can intercept, the key configuration MUST be authenticated and have integrity protection. I do not usually think of authentication and integrity as a mitigation against interception. Maybe it’s that it just can’t be encrypted it must use AEAD? Or, maybe I missed something. 2. The text in s6.5 about the Client and Oblivious Relay not automatically attempting a retry makes me wonder if this protocol is applicable only to HTTP/2 and HTTP/3, but I know that’s not intended (see HTTP/1.1 examples)? How is a pre-HTTP/2 client supposed to know no processing occurred? Nits follow, but are in a PR (https://github.com/ietf-wg-ohai/oblivious-http/pull/221): s2: s/A Oblivious/An Oblivious s4.3: s/request request/request, request, s4.4:s/response response/response, response, s4.4, step 1: s/secret secret/secret, secret, s4.4, step 3: s/response_nonce/response_nonce. s4.4, step 5: s/nonce nonce/nonce, nonce, s5: s/For the request the/For the request, the s6.2: s/HTTP, a Oblivious/HTTP, an Oblivious s6.2:s/though it assumed to/though it is assumed s6.3: s:/ such those/such as those s7: s/critical prevent/critical to prevent Hobby Horse: When are HTTP examples going to switch to H2 or H3? -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
