Document: draft-salowey-tls-rfc4507bis-00
Reviewer: Robert Sparks
Review Date: 21Aug07
IETF LC End Date: 22Aug07
IESG Telechat date: (if known)

Summary: This draft is basically ready for publication as proposed standard. It has 
some minor nits to consider prior to publication.

Comments:

1) The first paragraph of section 3 says:
        This specification defines a mechanism .... (implying one)
        Implementations ... are expected to support both mechanisms.  
(implying two)
      What are the two mechanisms? Could this introduction be phrased to make that 
more obvious?


2) The caption for figure 2 is misformatted (and contains TAB
characters)

3) Should the references to 2246 at the bottom of page 5 and in Sections 5.6 point to 
4346 instead?

I also was curious about whether the cookie approach to detecting
4507 clients introduced any newpoints of vulnerability, but I'm not the person 
to do that analysis so I asked ekr. 
When you were putting this together, did you have any discussion about that? 
Apologies if it's just dead obvious there's no potential issue.