[Ietf-not43] 3.2.3 & 3.2.5 requirements

[Ted Hardie]

Andy quoted, then went on to write:
> > I think SHOULD makes sense here, in its guise as "ought to, unless you
> > have a very good reason not to".  A good reason not to having hosting
> > nameservers, for example, is that activation status is "Deleted", "pending"
> > or some similar non-operational state.  Billing info for deleted entries
> > might also be inappropriate, even if a service continued to provide
> > an entry like "deleted".  As an example, NASA asked a service using
> > its name outside of the bound of the space act of 1952 to desist doing
> > so; I can see maintaining a listing of that domain as "deleted"
> > so that someone debugging knows that it is deliberately gone.
> 
> I don't disagree with what you are saying.  However the MUST really
> should be in terms of what the protocols (that make up the service)
> should support.  Which elements are or are not included will most likely
> depend on site policy.

I agree that the service MUST be able to provide the pieces listed.
I think we both agree that there are times when some elements won't
make sense.  It may be the correct thing to do isn't to omit
the elements, but to emit them with null values; this strategy
can be used when an authorization threshold isn't met, the state
doesn't usefully carry the resulting data, and so on.

I'm also not entirely sure that "site policy" is the right way to
describe the test for when something should and shouldn't be present.
The way I see it, the eventual service description should say
something like "when authorization is below the trusted level, the
service should do X".  Sites determine when authorization is below
the trusted level, but don't determine X when the condition is met.
If there are choices, those need to be spelled out or bounded (so
"return an error or re-present credential challenge" or
"notify service management" both work, even though how notifying
service management works isn't described).

Does this make sense?
			regards,
					Ted Hardie