Re: [Geopriv] draft-ietf-geopriv-lbyr-requirements-02 comments

From: James M. Polk ^lt;>
Date: Wed Jul 09 2008 - 23:06:51 EDT

At 08:12 PM 7/9/2008, Thomson, Martin wrote:
> {S} Next paragraph: Justification for expiry needs to include
> security. This is the primary use, particularly where references
> use the "possession" model. Expiry limits the time that accidental
> leaking of a URI causes. (from a requirements perspective I tend
> towards a MUST use, but would be happy with SHOULD use and MUST
> implement - c.f. HELD design). I have another comment on Section 4
> on this topic.

I have an issue with this statement about the draft.

SHOULD or MUST "use" is not up to a requirements document, I don't
believe. Protocol documents talk about the hazards of not enabling a
function or capability, Requirements documents need to MUST virtually
everything, otherwise the document is ambiguous. Requirements
documents are specifically for protocol designers, not for
education. The comment about "SHOULD use" is pointless unless it
MUST be implemented, which is towards the coming standards track RFC authors.

I think that is confusing the point of a requirements document (i.e.
it's for protocol authors). Protocol documents have MUSTs and
SHOULDs, which are towards implementors. SHOULD need to always have
a legitimate reason to ignore why a SHOULD is not created within a
protocol and implemented by coders.

Therefore, I believe the "SHOULD use" point trying to be made here
needs to be moved into the Intro section, to give another use-case or
to give further justification for this protocol (to-be) to be designed.

my 1.75 cents

Geopriv mailing list
Received on Wed, 09 Jul 2008 22:06:51 -0500

This archive was generated by hypermail 2.1.8 : Wed Jul 09 2008 - 23:06:57 EDT