ietf

Re: [http-auth] Gen-ART and OPS-Dir review of draft-ietf-httpauth-hoba-08

2014-12-27 04:12:18
On 2014-12-27 04:15, Black, David wrote:
The -08 draft addresses all of the important issues in the combined Gen-ART
and OPS-Dir review of the -07 version, and is a definite improvement over
its -07 version.

Based on discussion of item [5], there are a couple of remaining editorial
nits in Section 5.3:

    During the authentication phase, if the server cannot determine the
    correct CPK, it could use HTML and JavaScript to ask the user if they
    are really a new user or want to associate this new CPK with another
    CPK.  The server can then use some out-of-band method (such as a

"can" -> "should"

    confirmation email round trip, SMS, or an UA that is already
    enrolled) to verify that the "new" user is the same as the already-
    enrolled one.  Thus, logging in on a new user agent is identical to
    logging in with an existing account.

    If the server does not recognize the CPK the server might send the
    client through a either a join or login-new-UA (see below) process.

"might" -> "should"

I agree w/the draft editor that these are matters of editorial taste.

Thanks,
--David

For the record: I strongly disagree with the proposal to insert lower-cased BCP 14 keywords.


Best regards, Julian





