Right now I'm just getting text down that describes the basic points without worrying too much about 100% correct spec text. Take the actual wording that's there with a grain of salt and wording suggestions are greatly appreciated.
- James Bjoern Hoehrmann wrote: > * James M Snell wrote: >> PaceSecurityConsiderations has been updated for Draft-09. The various >> MUSTs have been removed. >> >> http://www.intertwingly.net/wiki/pie/PaceSecurityConsiderations > > I am not sure you make proper use of upper- and lower-case RFC 2119 > keywords, e.g. in the second paragraph you have "strongly recommended", > why is that not RECOMMENDED? The "MUST" in that paragraph seems in- > correct, it's a statement of fact, not a conformance requirement of > the Atom protocol specification. > > In the next paragraph wording like "strongly encouraged" is rather > misleading; if you don't want it to be RECOMMENDED, this should use > something like "recommended but not required". > > In 14.2 " multiple pipelined requests on multiple connections" seems > a HTTP security concern, not a Atom protocol one (you don't restate > all HTTP security considerations, so why this one). > > You lack some references, e.g. to explain what "XML Digital Signature" > is (assuming this is not provided in the current protocol draft). > > Has this been reviewed against RFC 3552 and RFC 2828?
