Re: Other comments on draft-ietf-secsh-publickey-subsystem

[Jon Bright <jon%siliconcircus.com@localhost>]

Sam Hartman wrote:
> > > > > > "Jon" == Jon Bright <jon%siliconcircus.com@localhost> writes:
>     >> - I'd rather the "mandatory" attribute of attributes be named
>     >> "critical"...
>
>     Jon> This would change a sentence like "If the server does not
>     Jon> implement a mandatory attribute, it MUST fail the add.." to
>     Jon> "If the server does not implement a critical attribute, it
>     Jon> MUST fail the add..".  The first seems preferable to me.
>
> My personal opinion is that critical is far preferable to mandatory in
> a security protocol.  The usage you seem to be objecting to is quite
> common in PKIX documents and is becoming more common in Kerberos
> documents and other things throughout the security area.
>
> I didn't make the common as an AD because I thought it a bit late, but
> I support this change as an individual.

OK, since everyone seems to want this, I'll change the wording to 
"critical".  I'm still confused about why this is an improvement, though.

In normal English usage, "critical" has several meanings.  One of these 
is "indispensible, essential" (and having looked at several 
dictionaries, that's usually the meaning right before the definitions 
involving nuclear physics begin).  "Mandatory" seems to have only the 
meaning wanted in this document.

Far be it from me to be (ahem) critical of the security area's 
documents, but doesn't "mandatory" express the required meaning in a way 
more easily understood by the uninitiated reader?  Maybe I'm missing 
something...

--
Jon Bright
Silicon Circus Ltd.
http://www.siliconcircus.com