Sections 6.1, 6.2, 6.3 and 6.4 of http://tools.ietf.org/html/draft-ietf-oauth-assertions-01 are all similar in that they have a paragraph at the top that ends with, "The following format and processing rules SHOULD be applied:" followed by a bullet list of specific rules. However some of the individual bullets themselves have normative language including several that have a MUST. On rereading the draft today, I found this to be a little confusing. I mean, what does it mean to say that you SHOULD MUST do something? At a minimum, it seems like kind of bad form. I'm thinking that the lead in text before each list should just say something like "The following format and processing rules are to be applied:" to avoid any potential logical conflict between the normative terms. But depending on how the previous text was interpreted, that could be considered a breaking change? That might be okay though as this is just an abstract specification. Any thoughts?
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth