Would you then remove the definitions of "fail", "softfail", etc. from
the auth-header I-D and instead reference back to the definitions
found in the method's spec?
My vote would be to NOT do that but to attempt somehow to define all likely
and practical results into a set of codes (like has been done already with
"fail", "pass", etc). If it's not possible to fit a certain mechanisms
result EXACTLY into one of these definitions then more specificity can be
given in the comment mechanism following the code (but this would
necessarily be non-standardized and thus probably insufficient for computer
programs in an "if" statement but at least it could be displayed to the end
user). Humm....
If not, what are you going to do about the conflicting semantics
of each term defined by the various specs?
It seems that generally one of the defined result codes will fit and any
nuances can be cleared up in the comments?
--
Arvel