Document: draft-krb-wg-ananon-12.txt
Reviewer: Elwyn Davies
Review Date: 2010-09-10
IETF LC End Date: 2010-09-10
IESG Telechat date: (if known)

Summary:

Essentially ready for the IESG. There are three vital client checks that need to be done but are not externally visible/testable as part of this protocol and so ought not to use RFC 2119 MUSTs. However, I note that failure of a client to perform these checks might be visible if the allegedly anonymous ticket was used as part of another exchange. There are also a few nits.

Major Issues:

Minor Issues:

s4.3, para 3: The 'MUST' is not enforceable: certainly the client needs to check it has got what it asked for, but this isn't a protocol requirement. Maybe s/the client MUST check to make sure/it is essential for the client to check/

s6, para 4: As in s4.3, the first MUST is not enforceable. s/MUST/needs to/

s8, para 2: Same problem again.

Nits/editorial:

s4, para 1: s/an TGS/a TGS/

s4.1, para 6: It might be helpful to give a little more guidance about what might reveal the client's identity, or at least provide a pointer back to s3's list of what *can* be included.

s4.1.1, para 1: The section title and usage elsewhere is 'Anonymous PKINIT': should this para have s/anonymity/anonymous/?

s4.2, last para: s/the TGS MAY omit the previous realm if the cross realm TGT is an anonymous one in order to hide/the TGS MAY omit the previous realm, if the cross realm TGT is an anonymous one, in order to hide/

s4.3, para 7: s/preformed/performed/

s6, para 3: s/insure/ensures/ [otherwise which Insurance Company should it use?]