[Last-Call] Secdir last call review of draft-ietf-jmap-sharing-07

Reviewer: Yaron Sheffer
Review result: Has Issues

### What are groups?
In Sec. 2, a group is defined as a "group of people". Directories often support
groups of resources, too. Also, can groups be hierarchical, i.e. contain other
groups?

### Principal type
Why is the type not immutable? It is just as security-sensitive as the name,
maybe more so.

### Time zone ID
I think you mean time zone name, and please include an example such as
America/Los_Angeles.

### Filter definition
"Looks for the text" is very informal wording. Perhaps: the filter matches if
the filter string is a substring of the name (email, etc.) property. Also, I
assume (but you do not say) that all filter properties are optional.

### Spoofing
The type and email properties are also sensitive. And probably capabilities.

### ShareNotification Object Properties
Why is the changedBy property restricted to a Person? What about cases when
it's an application that makes the change?

### ShareNotification sent to a group principal
For some reason this is SHOULD NOT. IMO this is a security feature, and often
has a trade-off vs. usability, so it should be left to the server's discretion.
There may be cases when an object is shared with a small group, and members of
that group would want to be updated if another sharer is added.

### Object Properties objectType
Where is the list of possible data types defined?

### ShareNotification Filtering
Again, please specify that each of the FilterCondition properties is optional.


-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call