[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wss] comments on wss-v1.1-spec-pr-SOAPMessageSecurity-01 (was:comments on wss-v1.1-spec-pr-UsernameTokenProfile-01.pdf)
> The subject line reads against UsernameToken but I gather this comment > is for the WSS:SOAP Message Security document yes, thanks, you're correct, the comments are on: wss-v1.1-spec-pr-SOAPMessageSecurity-01 I've corrected the subject: on this message; original msg content below. JeffH ----- a couple of quick, arguably nit-level, editorial comments.. 1. RFC 2119 is referenced in the para at line 231, but is not formally cited there (ie "RFC 2119" is used rather than, say, "[RFC2119]"), nor is it listed in the section "16 References". Since this is the basis of the normative MUST, SHOULD, MAY, etc language, it probably should be fixed up. 2. Although "Appendix D: SecurityTokenReference Model" is clearly claimed as non-normative in the introductory sentence at line 2319, and again in its final line (2418), it contains capitalized instances of MUST (line 2362), MAY (line 2366), RECOMMENDED (line 2383), and RECOMMENDS (line 2408; and technically not a rfc2119 term). Given this excerpt of rfc2119.. 6. Guidance in the use of these Imperatives Imperatives of the type defined in this memo must be used with care and sparingly. In particular, they MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmisssions) For example, they must not be used to try to impose a particular method on implementors where the method is not required for interoperability. ..I suggest that if we do indeed intend Appendix D to be non-normative, that we lowercase the 4 words cited above. Else, we consider making appendix D normative (and leave the words as-is). JeffH
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]