ietf-openproxy

RE: WG Last Call: draft-ietf-opes-smtp-security-00

2006-08-17 05:24:15



I am OK for last call with the whole document except one
security related point.

section 4.
I think that MUSTs should be replaced by SHOULDs.

This section 4 lists requirements for a
"SMTP Adaptation with Open Pluggable Edge Services (OPES)"
document.
There are four MUST requirements.

The first two are the MUST of an OPES system for OPES/SMTP to
add trace info.
This is in compliance with the application agnostic requirement
of RFC 3897 that OPES systems must add trace information.
RFC 4236 (OPES/HTTP) defines the same MUST.

I don't think we have an option to make this a SHOULD now.

The other two requirements define that the SMTP adaptation draft
must define these two bypass techniques.
It does not require that an OPES system must support these
techniques.

I can make this more obvious by writing:

   o  The OPES/SMTP specifications MUST define a bypass request option
      that can be included in mail messages

   o  The OPES/SMTP specifications MUST define a bypass request option
      as an extension for SMTP dialogs


section 5.
We should mention that there is a security problem if these
SHOULDs are not enforced.

The reason why is to permit OPES applications where there is 
no trace on mails. In particular for reverse security reasons 
(I do not want to disclose my protection strategy to protect it).
jfc



Martin