RFC2119 vs "ought" etc, was: SECDIR review of draft-ietf-httpbis-p7-auth-24


thanks for the feedback.

On 2013-10-29 20:35, Stephen Kent wrote:
> ...
> I see that “ought” is used in two places on page 6, but not in uppercase
> as per RFC 6919. The authors should revisit the use of this term here.
> ...
> The end of Section 2.2 includes the word “might” but not uppercase, as
> per RFC 6919. I again suggest that the authors reconsider using this
> term in this context.
> ...
> Section 5.1.2 uses “ought” when discussing definitions for new
> authentication schemes. See comments above re use of this term.The same
> section also uses the phrase “need to” twice, where MUST seems appropriate.
> ...

We use "ought", "might" etc to disambiguate from RFC2119 keywords. As 
such it's intentional that they are not uppercased, and that we do not 
reference RFC 6919 (which, by the way, is dated April 1st).

Best regards, Julian

Received on Wednesday, 30 October 2013 13:10:27 UTC