I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at < http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Document: draft-ietf-httpauth-scram-auth-14 Reviewer: Ralph Droms Review Date: 2015-13-9 IETF LC End Date: 2015-12-16 IESG Telechat date: (if known) Summary: This draft is ready for publication as an Experimental RFC. Major issues: None. Minor issues: None. Nits/editorial comments: Nicely written, very clear document. idnits reports some lines too long and an unused reference. In the third paragraph of the Introduction, I suggest removing the parentheses and editing the second sentence for clarity; specifically, what is "SCRAM data"? You could probably omit the parentheses in the second paragraph of Setion 3, as well, I'm likely just arguing style. The last sentence of the last paragraph of sectino 3 was unclear to me: which messages are referred to? I think, in the phrase "fail the authentication" in the fifth paragraph of section 8, you are using "fail" as a transitive verb, as in "the client considers the authentication of the message to have failed". If I have that write, I suggest rewriting the containing sentence to improve the clarity. Attachment: signature.asc Description: Message signed with OpenPGP using GPGMail