[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: comments on wss-v1.1-spec-pr-UsernameTokenProfile-01.pdf
a couple of quick, arguably nit-level, editorial comments..
1. RFC 2119 is referenced in the para at line 231, but is not formally cited
there (ie "RFC 2119" is used rather than, say, "[RFC2119]"), nor is it listed
in the section "16 References". Since this is the basis of the normative MUST,
SHOULD, MAY, etc language, it probably should be fixed up.
2. Although "Appendix D: SecurityTokenReference Model" is clearly claimed as
non-normative in the introductory sentence at line 2319, and again in its final
line (2418), it contains capitalized instances of MUST (line 2362), MAY (line
2366), RECOMMENDED (line 2383), and RECOMMENDS (line 2408; and technically not
a rfc2119 term).
Given this excerpt of rfc2119..
6. Guidance in the use of these Imperatives
Imperatives of the type defined in this memo must be used with care
and sparingly. In particular, they MUST only be used where it is
actually required for interoperation or to limit behavior which has
potential for causing harm (e.g., limiting retransmisssions) For
example, they must not be used to try to impose a particular method
on implementors where the method is not required for
interoperability.
..I suggest that if we do indeed intend Appendix D to be non-normative, that we
lowercase the 4 words cited above. Else, we consider making appendix D
normative (and leave the words as-is).
JeffH
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]