Reviewer: Yingzhen Qu Review result: Has Nits I have reviewed this document as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. Document: draft-ietf-ace-extend-dtls-authorize-06 - Extension of the CoAP-DTLS Profile for ACE to TLS Reviewer: Yingzhen Qu Review Date: 2023-02-09 Summary: This document updates the CoAP-DTLS profile for ACE described in RFC 9202 to apply to TLS as well as DTLS. The document is ready, but the following nits may be considered by the authors before publication. Nits: General: This document is updating RFC 9202, so there are lots of abbreviations from RFC 9202. I’m not an expert in this field, I’d suggest expanding some of these terms when they are used for the first time in the document, such as CoAP, ACE. Question (line number from idnits): 114 The ace_profile parameter indicates the use of the DTLS profile for 115 ACE as defined in [RFC9202]. Therefore, the Client typically first 116 tries using DTLS to connect to the Resource Server. If this fails 117 the Client MAY try to connect to the Resource Server via TLS. The 118 client can try TLS and DTLS in parallel to accelerate the connection 119 setup. It is up to the implementation to handle the case where the 120 RS reponds to both connection requests. In case both the client and server support both TLS and DTLS, it says here “It is up to the implementation to handle”. However it also says “the client typically first tries using DTLS”, this seems to give priority to DTLS. Please clarify. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call