| Working Group: | FAPI | |
| Authors: | Nat Sakimura (NAT.Consulting) | Edmund Jay (Illumila) |
| Date: | 2023-06-22 |
Guidelines for drafting OIDF specifications
This document is not an OIDF International Standard. It is distributed for review and comment. It is subject to change without notice and may not be referred to as an International Standard.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to provide supporting documentation.
The OpenID Foundation (OIDF) promotes, protects and nurtures the OpenID community and technologies. As a non-profit international standardizing body, it is comprised by over 160 participating entities (workgroup participant). The work of preparing implementer drafts and final international standards is carried out through OIDF workgroups in accordance with the OpenID Process. Participants interested in a subject for which a workgroup has been established have the right to be represented in that workgroup. International organizations, governmental and non-governmental, in liaison with OIDF, also take part in the work. OIDF collaborates closely with other standardizing bodies in the related fields.
Final drafts adopted by the Workgroup through consensus are circulated publicly for the public review for 60 days and for the OIDF members for voting. Publication as an OIDF Standard requires approval by at least 50% of the members casting a vote. There is a possibility that some of the elements of this document may be subject to patent rights. OIDF shall not be held responsible for identifying any or all such patent rights.
The keywords "shall", "shall not", "should", "should not", "may", and "can" in this document are to be interpreted as described in ISO Directive Part 2 [ISODIR2]. These keywords are not used as dictionary terms such that any occurrence of them shall be interpreted as keywords and are not to be interpreted with their natural language meanings. They are all in lower case to rule out the dictionary meaning use of these words so that they can be translated easily. Following is a summary of the keywords.
| Kind | Keywords |
|---|---|
| Requirement | shall, shall not |
| Recommendation | should, should not |
| Permission | may |
| Possibility | can, cannot |
Writing clearly and unambiguously is essential for the drafting of specifications. This document takes a best practice that we have learnt in the past few decades and codifies them. Part 1 mainly aligns with the ISO Directive part 2, which takes particular care of the translatability of the document.
The scope of this document is
The targeted audience of this document is the people who will be an author of OIDF documents.
This document uses the following terms as the shortcut for complete wording provided as the definition. When the term appears within this document, it should be read as being replaced by the term.
The format of this clause is as follows.
| HTML | – hypertext markup language |
| OIDF | – OpenID Foundation |
| ISO | – International Standard Organization |
The documents following this directive shall use the following keywords to express requirement, recommendation, permission, and possibility.
| Kind | Keywords |
|---|---|
| Requirement | shall, shall not |
| Recommendation | should, should not |
| Permission | may |
| Possibility | can, cannot |
Do not use “may” instead of “can”. “May” signifies permission expressed by the document, whereas “can” refers to the ability of a user of the document or to a possibility open to them.
In the cases where these keywords cannot be used for linguistic reasons, documents can use the equivalent phrases presented in Tables 3 to 7 of ISODIR2.
Unlike in the case of IETF, all keywords appear in small caps. This is because mixing SHALL, Shall, and shall make it extremely difficult to translate them into a language that does not have the notion of capital and small cases.
This means these keywords cannot be used in dictionary senses, which makes it possible to write more precisely.
NOTE: Alternatively, you may use RFC2119 keywords if you are drafting in IETF style. Just be mindful not to use small case versions of these keywords as it will make it difficult to translate.
Title is a mandatory element.
Title shall have “draft” or “implementer’s draft” when it is not final.
Title should have its version number.
While the document is still not final, the title shall not have “OpenID” in it except when it is an extension/profile/binding of existing OpenID final specifications.
Example: An entirely new (hypothetical) protocol draft “Avian carriers” is not allowed to use “OpenID Avian carriers” as its title, while “Avian carriers binding for OpenID Connect” is allowed.
This entry is not numbered.
Abstract is an element that explains the content briefly. It is an optional element.
This entry is not numbered.
This is a mandatory element while the document is still a draft or implementer’s draft.
This entry is not numbered. When the correct template is used with pandoc, it will be automatically inserted.
This is a mandatory element for all drafts, implementer’s drafts, and final specifications.
When the correct template is used with pandoc, it will be automatically inserted.
Clause 1 shall always be “1. Scope”. This clause explains what is in this document concisely and the targeted audience.
The scope clause gives the readers a compact description of what this document provides. Typically, it is drafted as a sentence split into several bullet points.
See clause 1 of this document to see an example.
This clause is mandatory.
Clause 2 shall always be “2. Normative references”. This clause lists all the documents that are essential to implement the requirements in this document. All other references shall be recorded in the Informative reference section at the end of this document.
Normative references section provides the list of documents that are essential to fulfil the requirements in this document. In other words, all the documents that are referred to with a “shall” shall be listed in this section.
Also, if the document includes the definition of another document, the document cannot be read without the included document. Therefore, such documents go into the normative reference.
This clause is mandatory.
This document uses the following terms as the abbreviation for complete wording provided as the definition. When the term appears within this document, it should be read as being replaced by the term.
Figure 1 — The first paragraph in clause 3
NOTE: it will be automatically inserted if draft-template.html is used as the template for pandoc processing.
What this means is that if a term “finibus” was defined as “De Finibus Bonorum et Malorum”, then if “finibus” appeared in the text, it will be replaced with “De Finibus Bonorum et Malorum”. For example, when the text was:
Lorem ipsum is typically a corrupted version of Cicero’s “finibus”, with words altered, added, and removed to make it nonsensical, improper Latin.
a reader will read it as:
Lorem ipsum is typically a corrupted version of Cicero’s “De Finibus Bonorum et Malorum”, with words altered, added, and removed to make it nonsensical, improper Latin.
When there is ambiguity in the dictionary meaning of a term, it would be necessary to specify which definition is to be used in the document. For this, the editors should create an entry into clause 3.
EXAMPLE:
When a term is defined, then any occurrence of the term should be able to be replaced by the definition. Because of this, there are several requirements on how terms and definitions are to be drafted.
A term
A definition
It is advisable not to define a single word as it will make it not possible to use the word in a dictionary sense.
Editors are advised to replace all the defined terms in the document with the respective definitions and see if it reads well.
This clause is optional.
The main content of the text appears in clause 5 and after. It can span multiple clauses and subclauses.
When concepts are needed to be explained, do it here and after. Do not explain concepts in terms and definitions.
Security considerations is a mandatory clause.
Privacy considerations are a mandatory clause.
When appropriate, authors should write a clause on equity considerations. Considerations on accessibility, possible biases, etc. usually goes in here.
Appendixes are used to collect and present data, examples, etc. It is customary to list contributors in one of the appendices, so a document usually has at least one appendix.
During the drafting period, change history is also collected in the appendix.
When drafting the document, the editor should make sure that the language is simple and clear. This is particularly important as it will be a second language for many readers. In many cases, they have to rely on translations, and translations become harder as the sentence complexity rises.
To achieve the above goal, editors
When showing compliance to a specification, one needs to be able to point to the provision exactly.
To achieve it, labelling them with a unique identifier is useful. Therefore,
Readers can refer to these provisions as 7.2-1 and 7.2-2.
It is possible to insert a paragraph, and then continue the numbers.
Footnotes are possible. For example, RFC67491 can have the footnote as in this example.
Automatic numbering of clauses and subclauses are possible. To do so, use ‘-N’ commandline option for pandoc.
When using automatic numbering, make sure to put {.unnumbered} or {-} selector for the “Introduction”.
To create an HTML version of the document, use the following pandoc command.
% pandoc --toc -c site.css --template=draft-template.html -f markdown -t html -s --embed-resources -o outputfile.html inputfile.md where
Make sure that you are using the correct pandoc installation to convert the markdown file to HTML. If a compromised pandoc installation is used, it is possible that a malware code is to be included in the generated HTML file.
This document contains the authors’ and contributors’ names and contact.
This document was developed by OpenID Foundation.
Without the contribution of the following people, this document would not have been created.
Authors/Editors
Contributors
RFC6749 - Hardt, D.:OAuth Authorization Framework 2.0↩︎
Copyright (c) 2023 The OpenID Foundation.
The OpenID Foundation (OIDF) grants to any Contributor, developer, implementer, or other interested party a non-exclusive, royalty free, worldwide copyright license to reproduce, prepare derivative works from, distribute, perform and display, this Implementers Draft or Final Specification solely for the purposes of (i) developing specifications, and (ii) implementing Implementers Drafts and Final Specifications based on such documents, provided that attribution be made to the OIDF as the source of the material, but that such attribution does not indicate an endorsement by the OIDF.
The technology described in this specification was made available from contributions from various sources, including members of the OpenID Foundation and others. Although the OpenID Foundation has taken steps to help ensure that the technology is available for distribution, it takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this specification or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any independent effort to identify any such rights. The OpenID Foundation and the contributors to this specification make no (and hereby expressly disclaim any) warranties (express, implied, or otherwise), including implied warranties of merchantability, non-infringement, fitness for a particular purpose, or title, related to this specification, and the entire risk as to implementing this specification is assumed by the implementer. The OpenID Intellectual Property Rights policy requires contributors to offer a patent promise not to assert certain patent claims against other contributors and against implementers. The OpenID Foundation invites any interested party to bring to its attention any copyrights, patents, patent applications, or other proprietary rights that may cover technology that may be required to practice this specification.