Apologies for the slow reply, I've been buried in work recently: >p. 19, section 3.3.1, British spelling of authorization is used >(authorisation). RFC editor may want to change or author may want to change >to US spelling. The author speaks British English :-). As I told a US Customs person some years ago, "madam, I speak the Queen's English". I'm not sure they were impressed. Peter. ________________________________________ From: Susan Hares <shares@xxxxxxxx> Sent: Thursday, 26 April 2018 22:28 To: ops-dir@xxxxxxxx Cc: draft-gutmann-scep.all@xxxxxxxx; ietf@xxxxxxxx Subject: Opsdir telechat review of draft-gutmann-scep-10 Reviewer: Susan Hares Review result: Ready caveat: I am not a security expert famliy with the deployment of the SCEP protocol. If an operational experience with this protocol is required for this review, I suggest you obtain a secondary review. General comments: The document summarizes in a readable fashion all the issues I could image regarding this protocol's deployment issues. Issues of scale and security have been examined. Editorial: p. 19, section 3.3.1, British spelling of authorization is used (authorisation). RFC editor may want to change or author may want to change to US spelling. p. 26 - I appreciate the use of non-idempotent and idempotent in this section. I hope this is normal language for the security area.
