RE: ACTION-295: Should v. Must

Has there ever been a court case anywhere in the world over the merits of the implementation of a voluntary technical standard (outside of IP/patent issues)?  Of course we have many, many examples on the policy side where the decision of enforcement spins on a single/few word(s) in a privacy policy.  This is why, in purely the POLICY context, we need to feel comfortable with exactly how SHOULD and MUST 'should/must' be interpreted.  A challenge - do we need SHOULD at all in the document?  Example provisions?

- Shane

-----Original Message-----
From: David Wainberg [] 
Sent: Friday, October 19, 2012 7:22 AM
To: Walter van Holst
Subject: Re: ACTION-295: Should v. Must

Hi Walter,

You are a lawyer, yes? I have not had the opportunity to try to interpret the definitions of RFC2119 in a legal context. Can you explain how you have counseled clients when implementing a SHOULD provision of a standard where there is legal liability attached? Do have any examples of bases under which you have felt comfortable counseling a client that they can ignore a SHOULD requirement?



On 10/19/12 4:08 AM, Walter van Holst wrote:
> On 10/19/12 12:47 AM, Roy T. Fielding wrote:
>> That is why, when Berin cautioned that a group of regulators or 
>> legislators or a judicial process would interpret these words more 
>> forcefully, our response was that they are INTENDED to be interpreted 
>> forcefully -- they are requirements of the protocol.
>> That is why we have a normative reference to RFC2119.
> I agree wholeheartedly and also have to confess I was rather puzzled 
> by the ease with which terminology that has been around for a long 
> time and formalised in 1997 in a period in which a great deal of 
> internet standards came to fruition all of a sudden was dismissed as too vague.
> Regards,
>   Walter

Received on Friday, 19 October 2012 14:37:15 UTC