On Tue, 13 Feb 2007, Ted Lemon wrote: > This is a DNSOP draft, so I don't think we *can* use MUST NOT.
I asked this before and got no answer. RFC2119 itself gives some guidance: "6. Guidance in the use of these Imperatives "Imperatives of the type defined in this memo must be used with care and sparingly. In particular, they MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmisssions) For example, they must not be used to try to impose a particular method on implementors where the method is not required for interoperability. "7. Security Considerations "These terms are frequently used to specify behavior with security implications. The effects on security of not implementing a MUST or SHOULD, or doing something the specification says MUST NOT or SHOULD NOT be done may be very subtle. Document authors should take the time to elaborate the security implications of not following recommendations or requirements as most implementors will not have had the benefit of the experience and discussion that produced the specification." My purpose in using these terms is to limit behavior which has the potential for causing harm. Further, this text relates to security issues. In the draft I'm writing, these three paragraphs are in the "Security Considerations" section. > My main problem with this whole conversation is that I think the > draft already says this - it just doesn't say "MUST NOT" because it > *can't*. I think your are not looking hard enough for ambiguous language, and considering how that language might be used in the future. I'd ask that you review our offline conversation between 3/28/2005 and 4/2/2005, if you have it. Similar issues apply here as I drew your attention to then. > If you feel the wording is too weak, and the editor is willing to > incorporate your wording, minus the MUST NOTs, I have no objection to > that. And do you agre with the present wording if it is permissible to include the RFC2119 terms? I do feel the wording is way too weak. Basically, everyone should consider that if this document is approved as is, and Administrator A blocks your email because, e.g., it has the word "dialup" in the reverse mapping entry, then Administrator A will refer to this document as proof of the reasonableness of his actions. Likewise, if the reverse mapping doesn't exist, or doesn't "match" the forward mapping, etc, they will also point to this document as justification for their behavior. One will be left trying to prove that the ambiguous statements don't mean what Administrator A asserts they mean, a position that is very difficult. Consider the recent exchange between Robert Story and Ted Lemon, supposing after this draft is approved. As an exercise, try to show that Administrator A, acting as Story described, has acted unreasonably (as Lemon asserted) when Administrator A can quote the text of this draft in his defense. --Dean -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www1.ietf.org/mailman/listinfo/dnsop