Hi Eric, folks,
[renamed for this specific point, and CC list trimmed]
I am puzzled by this point in your review.
I suspect that other potential authors will be too.
To me, the last sentence is exactly right:
the SHOULD means "do this unless...",
and the last phrase covers the "unless".
I had read 2119 to mean that a MUST was unconditional
- do this or be non-complaint.
Do you believe that MUST can have an "unless" clause?
Doesn't this mean that any SHOULD with an explicit "unless" will
need to be changed into a MUST - could you expand on this, please?
all the best,
On 20 Jun 2008, at 20:59, Eric Rescorla wrote:
The LIS MUST implement the server
authentication method described in [RFC2818]. When TLS is used,
the Device SHOULD fail a request if server authentication fails,
except in the event of an emergency.
Does that address your concerns?
Why did this become a SHOULD when it was a MUST?
IETF mailing list