[Ietf-not43] Suggestions of changes to the requirements document

[Andrew Newton]

Vittorio,

> I hope I understood correctly the "must not prohibit" statement in
> 3.1.4.1 - basically you can't mandate support for access privileges
> here, because it's a matter of the provisioning side, but you have to
> be certain that the retrieval protocol will not have any
> characteristic that prevents the operator from implementing such
> support. Perhaps the only slight change I'd do is "types of access to
> each piece of data" in the second line, to make sure that we are
> talking of privileges that are customizable at a granular level. Don't
> know if "piece of data" is English, though :-)

Would it be ok just to say: ...MUST NOT prohibit an operator from 
assigning multiple types of access to granular data...

Otherwise, the other works.

> Also, I'm wondering whether in 3.2.11.1 you should say "at least in
> one of the following ways", rather than "in one of three ways"; you
> would then allow for additional types of reasons to be specified by
> the protocol. (Perhaps you would allow also for non-standard
> extensions done by the operator/implementor, unless you rule them out
> by adding another sentence there.)

Good point.  We just want to point out the minimum set, but there 
doesn't seem to be a reason to limit it to just three.

> Anyway, it seems great (obviously much better than mine). Thanks.

Thanks.

-andy