Re: URL critical extensions (Was: draft-ietf-ldapbis-url-04.txt comments)

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 11:23 AM 12/16/2003, Mark Smith wrote:
>Kurt D. Zeilenga wrote:
>>
>>I would prefer to use language like to that of governing
>>criticality of controls:
>>    If the extension is recognized it implementation MUST make
>>    use of it.  Otherwise (the extension is not recognized),
>>    the implementation MUST error if critical and MUST ignore if
>>    if not critical.
>
>I am OK with this suggestion.  Note that the current text we are replacing uses SHOULD in some places, e.g., "The client SHOULD obey supported extensions that are non-critical."  I am not sure if the interoperability concerns are high enough to warrant the use of MUST... but the same rationale that was applied to the protocol document probably applies here as well.

And security considerations.

Say someone adds an URL extension "starttls" which means
to Start TLS.  I would think it unwise to ignore "!starttls".
Given that ! means critical, I think MUST is quite appropriate.

Kurt