W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: [secdir] RFC2119 vs "ought" etc, was: SECDIR review of draft-ietf-httpbis-p7-auth-24

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 30 Oct 2013 14:57:46 +0100
Message-ID: <5271105A.10105@gmx.de>
To: Richard Barnes <rlb@ipv.sx>
CC: Stephen Kent <kent@bbn.com>, secdir <secdir@ietf.org>, "fielding@gbiv.com" <fielding@gbiv.com>, "mnot@pobox.com" <mnot@pobox.com>, Barry Leiba <barryleiba@computer.org>, Pete Resnick <presnick@qti.qualcomm.com>, "Mankin, Allison" <amankin@verisign.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 2013-10-30 14:42, Richard Barnes wrote:
> ...
> Do you mean that your intent was ought==should and might==may?
> Why do you feel the need to avoid SHOULD and MAY here?  They don't place
> any more burden on implementors than "ought" and "might".
> --Richard
> ...

I believe in following the guidance in RFC 2119:

> 6. Guidance in the use of these Imperatives
>    Imperatives of the type defined in this memo must be used with care
>    and sparingly.  In particular, they MUST only be used where it is
>    actually required for interoperation or to limit behavior which has
>    potential for causing harm (e.g., limiting retransmisssions)  For
>    example, they must not be used to try to impose a particular method
>    on implementors where the method is not required for
>    interoperability.

I also note that there clearly is no community consensus about what the 
right degree of 2119 usage is. Until there is such thing, I recommend 
that we focus on 2119 keywords being used when they are needed, and not 
bike-shed over the other instances as long as the specification is 
consistent with respect to this.

Best regards, Julian
Received on Wednesday, 30 October 2013 13:58:25 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:19 UTC