[OAUTH-WG] double normative? (draft-ietf-oauth-assertions WGLC comment V)

Brian Campbell <bcampbell@pingidentity.com> Mon, 23 April 2012 21:27 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF08611E808A for <oauth@ietfa.amsl.com>; Mon, 23 Apr 2012 14:27:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.936
X-Spam-Level:
X-Spam-Status: No, score=-5.936 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WEqrGixP+ARt for <oauth@ietfa.amsl.com>; Mon, 23 Apr 2012 14:27:13 -0700 (PDT)
Received: from na3sys009aog127.obsmtp.com (na3sys009aog127.obsmtp.com [74.125.149.107]) by ietfa.amsl.com (Postfix) with ESMTP id A2E7811E8072 for <oauth@ietf.org>; Mon, 23 Apr 2012 14:27:12 -0700 (PDT)
Received: from mail-vx0-f179.google.com ([209.85.220.179]) (using TLSv1) by na3sys009aob127.postini.com ([74.125.148.12]) with SMTP ID DSNKT5XJMHawxf+aJ8we8fG2yHmy+Z1yqVZj@postini.com; Mon, 23 Apr 2012 14:27:12 PDT
Received: by vcbf11 with SMTP id f11so8552976vcb.10 for <oauth@ietf.org>; Mon, 23 Apr 2012 14:27:11 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type :x-gm-message-state; bh=/R9wRMXhKCtmEOSK5IzH0gNaYxDI0f7fP8icoJoEmUE=; b=Rx8W04dG3decelJRIcCa+k30i/1N4TqWjLBokBlTDGZkt21RGY3Hb++I8k5gid1LYW oS1NUmZLqRPq2o6ryjMS0398ZOSIzBJwdO5dUfVjV54IyxXW6nzVGjiLzAaT5VQzINZP ly/UZDjSvbkOqQgPKDHQgzFIilF9cEl0NDOlGoazxf8Bw3XxBcz0cYej4YdpZywRs308 3U7/nUvp+/I3fhHszFCZWhB/q8Vjd/mV0dMiQ5qPqSd6QnTC0pgxlh7NYI7b3IqPXNN5 8KdxF8Rv0Z082B+GWZvMhn9HGas8OnKrlzcjy6hrDfIM+P6LsWx6h5xv/8u19DGgZcuc pfJA==
Received: by 10.220.38.138 with SMTP id b10mr17513383vce.23.1335216431294; Mon, 23 Apr 2012 14:27:11 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.52.38.104 with HTTP; Mon, 23 Apr 2012 14:26:41 -0700 (PDT)
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Mon, 23 Apr 2012 15:26:41 -0600
Message-ID: <CA+k3eCTRVQKuyLJ3Koo42ZEJcpeRioRPT6uWYPJ-jTOS5wuf_Q@mail.gmail.com>
To: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="bcaec54ee75615e94f04be5f4d4f"
X-Gm-Message-State: ALoCoQmeDosUDB2hLbykO7sr2PjBMs3PepVB0a9peGDFjz9bTH5UxqcJG/ivB+0cjsyk5IrI63Nz
Subject: [OAUTH-WG] double normative? (draft-ietf-oauth-assertions WGLC comment V)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Apr 2012 21:27:13 -0000

Sections 6.1, 6.2, 6.3 and 6.4 of
http://tools.ietf.org/html/draft-ietf-oauth-assertions-01 are all similar
in that they have a paragraph at the top that ends with, "The following
format and processing rules SHOULD be applied:" followed by a bullet list
of specific rules. However some of the individual bullets themselves have
normative language including several that have a MUST. On rereading the
draft today, I found this to be a little confusing. I mean, what does it
mean to say that you SHOULD MUST do something? At a minimum, it seems like
kind of bad form. I'm thinking that the lead in text before each list
should just say something like "The following format and processing rules
are to be applied:" to avoid any potential logical conflict between the
normative terms. But depending on how the previous text was interpreted,
that could be considered a breaking change? That might be okay though as
this is just an abstract specification. Any thoughts?