WWW/2002/ws/ra/edcopies wsenum.html,1.49,1.50 wsenum.xml,1.41,1.42

Update of /w3ccvs/WWW/2002/ws/ra/edcopies
In directory hutz:/tmp/cvs-serv30440

Modified Files:
	wsenum.html wsenum.xml 
Log Message:
7193


Index: wsenum.html
===================================================================
RCS file: /w3ccvs/WWW/2002/ws/ra/edcopies/wsenum.html,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -d -r1.49 -r1.50
--- wsenum.html	18 Aug 2009 20:54:30 -0000	1.49
+++ wsenum.html	18 Aug 2009 21:25:03 -0000	1.50
@@ -88,8 +88,8 @@
      this enumeration context over the span of one or more SOAP
      messages.
     </p><p>
-     Somewhere, state must be maintained regarding
-     the progress of the iteration. This state may be maintained between
+     Somewhere, state MUST be maintained regarding
+     the progress of the iteration. This state MAY be maintained between
      requests by the data source being enumerated or by the data
      consumer. WS-Enumeration allows the data source to decide, on a
      request-by-request basis, which party will be responsible for
@@ -101,33 +101,33 @@
      the body of a SOAP message. Each subsequent Pull operation returns
      the next N elements in the aggregate sequence.
     </p><p>
-     A data source may provide a custom mechanism for
+     A data source MAY provide a custom mechanism for
      starting a new enumeration. For instance, a data source that
-     provides access to a SQL database may support a SELECT operation
+     provides access to a SQL database can support a SELECT operation
      that performs a database query and uses an explicit database cursor
      to iterate through the returned rows. In general, however, it is
      simpler if all data sources support a single, standard operation to
      start an enumeration. This specification defines such an operation,
-     Enumerate, that data sources may implement for starting a new
+     Enumerate, that data sources MAY implement for starting a new
      enumeration of a data source. The Enumerate operation is used to
      create new enumeration contexts for subsequent traversal/retrieval.
      Each Enumerate operation results in a distinct enumeration context,
      each with its own logical cursor/position.
     </p><p>
-     It should be emphasized that different
-     enumerations of the same data source may produce different results;
-     this may happen even for two enumeration contexts created
+     Note that different
+     enumerations of the same data source can produce different results;
+     this can happen even for two enumeration contexts created
      concurrently by a single consumer using identical Enumerate
-     requests. In general, the consumer of an enumeration should not
+     requests. In general, the consumer of an enumeration SHOULD NOT
      make any assumptions about the ordering or completeness of the
      enumeration; the returned data items represent a selection by the
      data source of items it wishes to present to that consumer at that
      time in that order, with no guarantee that every available item is
      returned or that the order in which items is returned has any
      semantic meaning whatsoever (of course, any specific data source
-     may provide strong guarantees, if so desired). In particular, it
-     should be noted that the very act of enumerating the contents of a
-     data source may modify the contents of the data source; for
+     can provide strong guarantees, if so desired). In particular, 
+     note that the very act of enumerating the contents of a
+     data source can modify the contents of the data source; for
      instance, a queue might be represented as a data source such that
      items that are returned in a Pull response are removed from the
      queue.
@@ -214,8 +214,8 @@
       In cases where it is either desirable or necessary for the receiver 
       of a request that has been extended to indicate that it has 
       recognized and accepted the semantics associated with that extension, 
-      it is recommended that the receiver add a corresponding extension 
-      to the response message.  The definition of an extension should clearly 
+      it is RECOMMENDED that the receiver add a corresponding extension 
+      to the response message.  The definition of an extension SHOULD clearly 
       specify how the extension that appears in the response correlates 
       with that in the corresponding request.
      </p><p>
@@ -292,7 +292,7 @@
 <h2><a name="EnumMsgs" id="EnumMsgs"/>3 Enumeration Messages</h2><p>
     Enumeration contexts represent a specific
     traversal through a sequence of XML information items. An Enumerate
-    operation may be used to establish an enumeration context from a
+    operation MAY be used to establish an enumeration context from a
     data source. A Pull operation is used to fetch information items
     from a data source according to a specific enumeration context. A
     Release operation is used to tell a data source that the consumer
@@ -303,14 +303,14 @@
     that is opaque to the consumer. Initially, the consumer gets an
     enumeration context from the data source by means of an Enumerate
     operation. The consumer then passes that XML data back to the data
-    source in the Pull request. Optionally, the data source may return
+    source in the Pull request. Optionally, the data source MAY return
     an updated enumeration context in the Pull response; when present,
-    this new enumeration context should replace the old one on the
-    consumer, and should be passed to the data source in all future
+    this new enumeration context SHOULD replace the old one on the
+    consumer, and SHOULD be passed to the data source in all future
     responses until and unless the data source again returns an updated
     enumeration context.
    </p><p>
-    Consumers should not reuse old enumeration
+    Consumers SHOULD NOT reuse old enumeration
     contexts that have been replaced by the data source. Using a
     replaced enumeration context in a Pull response MAY yield undefined
     results, including being ignored or generating a
@@ -324,10 +324,10 @@
     Callers MAY issue a Release operation against a
     valid enumeration context at any time, which causes the enumeration
     context to become invalid and allows the data source to free up any
-    resources it may have allocated to the enumeration. Issuing a
+    resources it might have allocated to the enumeration. Issuing a
     Release operation prior to reaching the end of the sequence of
     elements is explicitly allowed; however, no further operations
-    should be issued after a Release.
+    SHOULD be issued after a Release.
    </p><p>
     In addition, the data source MAY invalidate an
     enumeration context at any time, as necessary.
@@ -335,7 +335,7 @@
 <h3><a name="Enumerate" id="Enumerate"/>3.1 Enumerate</h3><p>
      All data sources MUST support some operation
      that allows an enumeration to be started. A data source MAY support
-     the Enumerate operation, or it may provide some other mechanism for
+     the Enumerate operation, or it MAY provide some other mechanism for
      starting an enumeration and receiving an enumeration
      context.
     </p><p>
@@ -367,7 +367,7 @@
         Requested expiration time for the
         enumeration. (No implied value.) The data source defines the actual
         expiration and is not constrained to use a time less or greater
-        than the requested expiration. The expiration time may be a
+        than the requested expiration. The expiration time MAY be a
         specific time or a duration from the enumeration's creation time.
         Both specific times and durations are interpreted based on the data
         source's clock.
@@ -387,7 +387,7 @@
         MUST generate a wsen:InvalidExpirationTime fault indicating that an 
         invalid expiration time was requested.
        </p><p>
-        Some data sources may not have a "wall time"
+        Some data sources might not have a "wall time"
         clock available, and so are able only to accept durations as
         expirations. If such a source receives an Enumerate request
         containing a specific time expiration, then the request MUST fail;
@@ -398,7 +398,7 @@
         This optional element contains a Boolean
         predicate in some dialect (see <b>[<a href="#Dialect">[Body]/wsen:Enumerate/wsen:Filter/@Dialect </a>]</b>) 
         that all elements of
-        interest must satisfy. The resultant enumeration context MUST NOT
+        interest MUST satisfy. The resultant enumeration context MUST NOT
         return elements for which this predicate expression evaluates to
         the value false. If this element is absent, then the implied value
         is the expression true(), indicating that no filtering is
@@ -596,7 +596,7 @@
           </p></li><li><p>
            Context expired
           </p></li></ol></p><p>
-        Note that the data source may not be able to
+        Note that the data source might not be able to
         determine that an enumeration context is not valid, especially if
         all of the state associated with the enumeration is kept in the
         enumeration context and refreshed on every
@@ -635,10 +635,10 @@
         Even if a Pull request contains a
         MaxCharacters element, the consumer MUST be prepared to receive a
         Pull response that contains more data characters than specified, as
-        XML canonicalization or alternate XML serialization algorithms may
+        XML canonicalization or alternate XML serialization algorithms can
         change the size of the representation.
        </p><p>
-        It may happen that the next item the data
+        It can happen that the next item the data
         source would return to the consumer is larger than MaxCharacters.
         In this case, the data source MAY skip the item, or MAY return an
         abbreviated representation of the item that fits inside
@@ -655,7 +655,7 @@
      further constrained by this specification.
     </p><p>
      Upon receipt of a Pull request message, the
-     data source may wait as long as it deems necessary (but not longer
+     data source MAY wait as long as it deems necessary (but not longer
      than the value of the wsen:MaxTime element, if present) to produce
      a message for delivery to the consumer. The data source MUST
      recognize the wsen:MaxTime element and return a
@@ -664,8 +664,8 @@
     </p><p>
      Note, however, that this fault SHOULD NOT cause
      the enumeration context to become invalid (of course, the data
-     source may invalidate the enumeration context for other reasons).
-     That is, the requestor should be able to issue additional Pull
+     source MAY invalidate the enumeration context for other reasons).
+     That is, the requestor can issue additional Pull
      requests using this enumeration context after receiving this fault.
     </p><p>
      Upon successful processing of a Pull request
@@ -708,7 +708,7 @@
      wsen:EndOfSequence MUST appear. It is possible for both to appear
      if items are returned and the sequence is exhausted. Similarly,
      wsen:EnumerationContext and wsen:EndOfSequence MUST NOT both
-     appear; neither may appear, or one without the other, but not both
+     appear; neither can appear, or one without the other, but not both
      in the same PullResponse.
     </p><p><a href="#pullReq">Example 3-3</a> lists a Pull request.
     </p><div class="exampleOuter">
@@ -740,9 +740,9 @@
      Lines (05-07) in <a href="#pullReq">Example 3-3</a> indicate this message
      is a Pull request and that the data source is expected to respond
      with a Pull response message. Line (21) indicates that the response
-     message should be generated no more than 30 seconds after receipt
+     message SHOULD be generated no more than 30 seconds after receipt
      of the Pull request message. Line (22) indicates that no more than
-     10 elements should be returned in the body of the Pull response
+     10 elements can be returned in the body of the Pull response
      message.
     </p><p><a href="#pullRes">Example 3-4</a> lists a response to the request in 
      <a href="#pullReq">Example 3-3</a>.
@@ -1131,7 +1131,7 @@
      that the wsen:EndTo EPR is unusable.
     </p><table border="1"><tbody><tr><td><b>[Code]</b></td><td>s12:Sender</td></tr><tr><td><b>[Subcode]</b></td><td>wsen:UnusableEPR</td></tr><tr><td><b>[Reason]</b></td><td>The wsen:EndTo EPR is unusable.</td></tr><tr><td><b>[Detail]</b></td><td><em> Details as to why the EPR is unusable. </em></td></tr></tbody></table></div></div><div class="div1">
 <h2><a name="Security" id="Security"/>5 Security Considerations</h2><p>
-    It is strongly recommended that the
+    It is strongly RECOMMENDED that the
     communication between services be secured using the mechanisms
     described in <a href="#WSSecurity">[WS-Security]</a>. 
    </p><p>
@@ -1145,13 +1145,13 @@
    </p><p>
     If a requestor is issuing multiple messages to a
     Web service, such as when a consumer is enumerating a data source,
-    it is recommended that a security context be established using the
+    it is RECOMMENDED that a security context be established using the
     mechanisms described in <a href="#WSSecureConversation">[WS-SecureConversation]</a>. It is often
     appropriate to establish a security context that is used both for
     the initiation of enumeration (i.e., the Enumerate request or an
     equivalent service-specific request) and the actual enumeration
-    itself (i.e., the Pull requests). It is further recommended that if
-    shared secrets are used, message-specific derived keys should be
+    itself (i.e., the Pull requests). It is further RECOMMENDED that if
+    shared secrets are used, message-specific derived keys SHOULD be
     used to protect the secret from crypto attacks.
    </p><p>
     The access control semantics of data sources is
@@ -1160,7 +1160,7 @@
     source independent of their transfer (e.g. embedded signatures and
     encryption) are also out-of-scope.
    </p><p>
-    It is recommended that the security
+    It is RECOMMENDED that the security
     considerations of WS-Security also be considered.
    </p><p>
     While a comprehensive set of attacks is not
@@ -1175,21 +1175,21 @@
       messages.
      </p></li><li><p><em>Invalid tokens</em> 
       - There are a number of token attacks including certificate 
-      authorities, false signatures, and PKI attacks. Care should be taken
+      authorities, false signatures, and PKI attacks. Care SHOULD be taken
       to ensure each token is valid (usage window, digest, signing
       authority, revocation, ...), and that the appropriate delegation
       policies are in compliance.
      </p></li><li><p><em>Man-in-the-middle</em>
       - The message exchanges in this
       specification could be subject to man-in-the-middle attacks so care
-      should be taken to reduce possibilities here such as establishing a
+      SHOULD be taken to reduce possibilities here such as establishing a
       secure channel and verifying that the security tokens user
       represent identities authorized to speak for, or on behalf of, the
       desired resource reference.
      </p></li><li><p><em>Message alteration</em> 
       - Alteration is prevented by
       including signatures of the message information using WS-Security.
-      Care should be taken to review message part references
+      Care SHOULD be taken to review message part references
       to ensure they haven't been forged (e.g. ID duplication).
      </p></li><li><p><em>Message disclosure</em> 
       - Confidentiality is preserved
@@ -1215,10 +1215,10 @@
       - All reliable
       messaging services are subject to a variety of availability
       attacks. Replay detection is a common attack and it is
-      recommended that this be addressed by the mechanisms described in
+      RECOMMENDED that this be addressed by the mechanisms described in
       WS-Security. Other attacks, such as network-level
       denial of service attacks are harder to avoid and are outside the
-      scope of this specification. That said, care should be
+      scope of this specification. That said, care SHOULD be
       taken to ensure that minimal state is saved prior to any
       authenticating sequences.
      </p></li></ul></div><div class="div1">
@@ -1304,7 +1304,7 @@
       (See http://www.w3.org/TR/1999/REC-xpath-19991116.)</dd></dl></div></div><div class="back"><div class="div1">
 <h2><a name="schema" id="schema"/>A XML Schema</h2><p>
     A normative copy of the XML Schema <a href="#XMLSchema1">[XMLSchema - Part 1]</a>,
-    <a href="#XMLSchema2">[XMLSchema - Part 2]</a> description for this specification may be
+    <a href="#XMLSchema2">[XMLSchema - Part 2]</a> description for this specification can be
     retrieved from the following address:
    </p><div class="exampleOuter"><div class="exampleInner"><pre><a href="http://www.w3.org/2009/02/ws-enu/enumeration.xsd">http://www.w3.org/2009/02/ws-enu/enumeration.xsd</a></pre></div></div><p>
     A non-normative copy of the XML schema is listed below for convenience.
@@ -1553,7 +1553,7 @@
 &lt;/xs:schema&gt;</pre></div></div></div><div class="div1">
 <h2><a name="WSDL" id="WSDL"/>B WSDL</h2><p>
     A normative copy of the WSDL <a href="#WSDL11">[WSDL11]</a>
-    description for this specification may be retrieved from the
+    description for this specification can be retrieved from the
     following address:
    </p><div class="exampleOuter"><div class="exampleInner"><pre><a href="http://www.w3.org/2009/02/ws-enu/enumeration.wsdl">http://www.w3.org/2009/02/ws-enu/enumeration.wsdl</a></pre></div></div><p>
     A non-normative copy of the WSDL description is
@@ -1682,4 +1682,5 @@
        <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=6956">6956</a></td></tr><tr><td> 2009/08/05 </td><td> DD </td><td> Added resolution of issue 
        <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=7159">7159</a></td></tr><tr><td> 2009/08/06 </td><td> DD </td><td> Added resolution of issue 
        <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=7192">7192</a></td></tr><tr><td> 2009/08/18 </td><td> DD </td><td> Added resolution of issue 
-       <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=7206">7206</a></td></tr></tbody></table></div></div></body></html>
\ No newline at end of file
+       <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=7206">7206</a></td></tr><tr><td> 2009/08/18 </td><td> DD </td><td> Added resolution of issue 
+       <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=7193">7193</a></td></tr></tbody></table></div></div></body></html>
\ No newline at end of file

Index: wsenum.xml
===================================================================
RCS file: /w3ccvs/WWW/2002/ws/ra/edcopies/wsenum.xml,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -d -r1.41 -r1.42
--- wsenum.xml	18 Aug 2009 21:10:01 -0000	1.41
+++ wsenum.xml	18 Aug 2009 21:25:03 -0000	1.42
@@ -108,8 +108,8 @@
      messages.
     </p>
     <p>
-     Somewhere, state must be maintained regarding
-     the progress of the iteration. This state may be maintained between
+     Somewhere, state MUST be maintained regarding
+     the progress of the iteration. This state MAY be maintained between
      requests by the data source being enumerated or by the data
      consumer. WS-Enumeration allows the data source to decide, on a
      request-by-request basis, which party will be responsible for
@@ -123,34 +123,34 @@
      the next N elements in the aggregate sequence.
     </p>
     <p>
-     A data source may provide a custom mechanism for
+     A data source MAY provide a custom mechanism for
      starting a new enumeration. For instance, a data source that
-     provides access to a SQL database may support a SELECT operation
+     provides access to a SQL database can support a SELECT operation
      that performs a database query and uses an explicit database cursor
      to iterate through the returned rows. In general, however, it is
      simpler if all data sources support a single, standard operation to
      start an enumeration. This specification defines such an operation,
-     Enumerate, that data sources may implement for starting a new
+     Enumerate, that data sources MAY implement for starting a new
      enumeration of a data source. The Enumerate operation is used to
      create new enumeration contexts for subsequent traversal/retrieval.
      Each Enumerate operation results in a distinct enumeration context,
      each with its own logical cursor/position.
     </p>
     <p>
-     It should be emphasized that different
-     enumerations of the same data source may produce different results;
-     this may happen even for two enumeration contexts created
+     Note that different
+     enumerations of the same data source can produce different results;
+     this can happen even for two enumeration contexts created
      concurrently by a single consumer using identical Enumerate
-     requests. In general, the consumer of an enumeration should not
+     requests. In general, the consumer of an enumeration SHOULD NOT
      make any assumptions about the ordering or completeness of the
      enumeration; the returned data items represent a selection by the
      data source of items it wishes to present to that consumer at that
      time in that order, with no guarantee that every available item is
      returned or that the order in which items is returned has any
      semantic meaning whatsoever (of course, any specific data source
-     may provide strong guarantees, if so desired). In particular, it
-     should be noted that the very act of enumerating the contents of a
-     data source may modify the contents of the data source; for
+     can provide strong guarantees, if so desired). In particular, 
+     note that the very act of enumerating the contents of a
+     data source can modify the contents of the data source; for
      instance, a queue might be represented as a data source such that
      items that are returned in a Pull response are removed from the
      queue.
@@ -534,7 +534,7 @@
    <p>
     Enumeration contexts represent a specific
     traversal through a sequence of XML information items. An Enumerate
-    operation may be used to establish an enumeration context from a
+    operation MAY be used to establish an enumeration context from a
     data source. A Pull operation is used to fetch information items
     from a data source according to a specific enumeration context. A
     Release operation is used to tell a data source that the consumer
@@ -546,15 +546,15 @@
     that is opaque to the consumer. Initially, the consumer gets an
     enumeration context from the data source by means of an Enumerate
     operation. The consumer then passes that XML data back to the data
-    source in the Pull request. Optionally, the data source may return
+    source in the Pull request. Optionally, the data source MAY return
     an updated enumeration context in the Pull response; when present,
-    this new enumeration context should replace the old one on the
-    consumer, and should be passed to the data source in all future
+    this new enumeration context SHOULD replace the old one on the
+    consumer, and SHOULD be passed to the data source in all future
     responses until and unless the data source again returns an updated
     enumeration context.
    </p>
    <p>
-    Consumers should not reuse old enumeration
+    Consumers SHOULD NOT reuse old enumeration
     contexts that have been replaced by the data source. Using a
     replaced enumeration context in a Pull response MAY yield undefined
     results, including being ignored or generating a
@@ -570,10 +570,10 @@
     Callers MAY issue a Release operation against a
     valid enumeration context at any time, which causes the enumeration
     context to become invalid and allows the data source to free up any
-    resources it may have allocated to the enumeration. Issuing a
+    resources it might have allocated to the enumeration. Issuing a
     Release operation prior to reaching the end of the sequence of
     elements is explicitly allowed; however, no further operations
-    should be issued after a Release.
+    SHOULD be issued after a Release.
    </p>
    <p>
     In addition, the data source MAY invalidate an
@@ -586,7 +586,7 @@
     <p>
      All data sources MUST support some operation
      that allows an enumeration to be started. A data source MAY support
-     the Enumerate operation, or it may provide some other mechanism for
+     the Enumerate operation, or it MAY provide some other mechanism for
      starting an enumeration and receiving an enumeration
      context.
     </p>
@@ -637,7 +637,7 @@
         Requested expiration time for the
         enumeration. (No implied value.) The data source defines the actual
         expiration and is not constrained to use a time less or greater
-        than the requested expiration. The expiration time may be a
+        than the requested expiration. The expiration time MAY be a
         specific time or a duration from the enumeration's creation time.
         Both specific times and durations are interpreted based on the data
         source's clock.
@@ -661,7 +661,7 @@
        </p>
 
        <p>
-        Some data sources may not have a "wall time"
+        Some data sources might not have a "wall time"
         clock available, and so are able only to accept durations as
         expirations. If such a source receives an Enumerate request
         containing a specific time expiration, then the request MUST fail;
@@ -680,7 +680,7 @@
         This optional element contains a Boolean
         predicate in some dialect (see <specref ref="Dialect"/>) 
         that all elements of
-        interest must satisfy. The resultant enumeration context MUST NOT
+        interest MUST satisfy. The resultant enumeration context MUST NOT
         return elements for which this predicate expression evaluates to
         the value false. If this element is absent, then the implied value
         is the expression true(), indicating that no filtering is
@@ -1007,7 +1007,7 @@
        </p>
 
        <p>
-        Note that the data source may not be able to
+        Note that the data source might not be able to
         determine that an enumeration context is not valid, especially if
         all of the state associated with the enumeration is kept in the
         enumeration context and refreshed on every
@@ -1069,11 +1069,11 @@
         Even if a Pull request contains a
         MaxCharacters element, the consumer MUST be prepared to receive a
         Pull response that contains more data characters than specified, as
-        XML canonicalization or alternate XML serialization algorithms may
+        XML canonicalization or alternate XML serialization algorithms can
         change the size of the representation.
        </p>
        <p>
-        It may happen that the next item the data
+        It can happen that the next item the data
         source would return to the consumer is larger than MaxCharacters.
         In this case, the data source MAY skip the item, or MAY return an
         abbreviated representation of the item that fits inside
@@ -1097,7 +1097,7 @@
  
     <p>
      Upon receipt of a Pull request message, the
-     data source may wait as long as it deems necessary (but not longer
+     data source MAY wait as long as it deems necessary (but not longer
      than the value of the wsen:MaxTime element, if present) to produce
      a message for delivery to the consumer. The data source MUST
      recognize the wsen:MaxTime element and return a
@@ -1108,8 +1108,8 @@
     <p>
      Note, however, that this fault SHOULD NOT cause
      the enumeration context to become invalid (of course, the data
-     source may invalidate the enumeration context for other reasons).
-     That is, the requestor should be able to issue additional Pull
+     source MAY invalidate the enumeration context for other reasons).
+     That is, the requestor can issue additional Pull
      requests using this enumeration context after receiving this fault.
     </p>
 
@@ -1189,7 +1189,7 @@
      wsen:EndOfSequence MUST appear. It is possible for both to appear
      if items are returned and the sequence is exhausted. Similarly,
      wsen:EnumerationContext and wsen:EndOfSequence MUST NOT both
-     appear; neither may appear, or one without the other, but not both
+     appear; neither can appear, or one without the other, but not both
      in the same PullResponse.
     </p>
  
@@ -1230,9 +1230,9 @@
      Lines (05-07) in <specref ref="pullReq"/> indicate this message
      is a Pull request and that the data source is expected to respond
      with a Pull response message. Line (21) indicates that the response
-     message should be generated no more than 30 seconds after receipt
+     message SHOULD be generated no more than 30 seconds after receipt
      of the Pull request message. Line (22) indicates that no more than
-     10 elements should be returned in the body of the Pull response
+     10 elements can be returned in the body of the Pull response
      message.
     </p>
 
@@ -2102,7 +2102,7 @@
    <head>Security Considerations</head>
 
    <p>
-    It is strongly recommended that the
+    It is strongly RECOMMENDED that the
     communication between services be secured using the mechanisms
     described in <bibref ref="WSSecurity"/>. 
    </p>
@@ -2118,13 +2118,13 @@
    <p>
     If a requestor is issuing multiple messages to a
     Web service, such as when a consumer is enumerating a data source,
-    it is recommended that a security context be established using the
+    it is RECOMMENDED that a security context be established using the
     mechanisms described in <bibref ref="WSSecureConversation"/>. It is often
     appropriate to establish a security context that is used both for
     the initiation of enumeration (i.e., the Enumerate request or an
     equivalent service-specific request) and the actual enumeration
-    itself (i.e., the Pull requests). It is further recommended that if
-    shared secrets are used, message-specific derived keys should be
+    itself (i.e., the Pull requests). It is further RECOMMENDED that if
+    shared secrets are used, message-specific derived keys SHOULD be
     used to protect the secret from crypto attacks.
    </p>
    <p>
@@ -2135,7 +2135,7 @@
     encryption) are also out-of-scope.
    </p>
    <p>
-    It is recommended that the security
+    It is RECOMMENDED that the security
     considerations of WS-Security also be considered.
    </p>
    <p>
@@ -2161,7 +2161,7 @@
      <p>
       <emph>Invalid tokens</emph> 
       - There are a number of token attacks including certificate 
-      authorities, false signatures, and PKI attacks. Care should be taken
+      authorities, false signatures, and PKI attacks. Care SHOULD be taken
       to ensure each token is valid (usage window, digest, signing
       authority, revocation, ...), and that the appropriate delegation
       policies are in compliance.
@@ -2173,7 +2173,7 @@
       <emph>Man-in-the-middle</emph>
       - The message exchanges in this
       specification could be subject to man-in-the-middle attacks so care
-      should be taken to reduce possibilities here such as establishing a
+      SHOULD be taken to reduce possibilities here such as establishing a
       secure channel and verifying that the security tokens user
       represent identities authorized to speak for, or on behalf of, the
       desired resource reference.
@@ -2185,7 +2185,7 @@
       <emph>Message alteration</emph> 
       - Alteration is prevented by
       including signatures of the message information using WS-Security.
-      Care should be taken to review message part references
+      Care SHOULD be taken to review message part references
       to ensure they haven't been forged (e.g. ID duplication).
      </p>
     </item>
@@ -2236,10 +2236,10 @@
       - All reliable
       messaging services are subject to a variety of availability
       attacks. Replay detection is a common attack and it is
-      recommended that this be addressed by the mechanisms described in
+      RECOMMENDED that this be addressed by the mechanisms described in
       WS-Security. Other attacks, such as network-level
       denial of service attacks are harder to avoid and are outside the
-      scope of this specification. That said, care should be
+      scope of this specification. That said, care SHOULD be
       taken to ensure that minimal state is saved prior to any
       authenticating sequences.
      </p>
@@ -2401,7 +2401,7 @@
 
    <p>
     A normative copy of the XML Schema <bibref ref='XMLSchema1'/>,
-    <bibref ref='XMLSchema2'/> description for this specification may be
+    <bibref ref='XMLSchema2'/> description for this specification can be
     retrieved from the following address:
    </p>
 
@@ -2665,7 +2665,7 @@
 
    <p>
     A normative copy of the WSDL <bibref ref="WSDL11"/>
-    description for this specification may be retrieved from the
+    description for this specification can be retrieved from the
     following address:
    </p>
 
@@ -2953,6 +2953,13 @@
        <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=7206">7206</loc>
       </td>
      </tr>
+     <tr>
+      <td> 2009/08/18 </td>
+      <td> DD </td>
+      <td> Added resolution of issue 
+       <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=7193">7193</loc>
+      </td>
+     </tr>
     </tbody>
    </table>
   </div1>

Received on Tuesday, 18 August 2009 21:25:16 UTC