5.1 Basic use
----------------------------------
When modifying an organisation object the update should pass authorisation checks specified by one of the mntners listed in "mnt-by:" attributes of the organisation object.
s/should/must/ It would not just be convenient, it is a requirement.
When adding an "org:" attribute to an object, the update of the object should pass the following authorisation checks:
- from one of the mntners of the referenced organisation object
- from one of the mntner objects that protect the referencing object
Again, s/should/must/.

Secondly, it should be made explicit whether there is supposed to be an "and" or an "or" between the two items in the list (I assume there's an "and").

(Incidentally, basically the same comment can be made about e.g. the document defining the IRT object, and I would not be surprised if the same comment applies to other documents -- this section seems like an instantiated boilerplate...)

I have another comment too, and I wonder if the extension of the semantics of the "mnt-by" attribute to also cover creating a reference to the organization object is wise. I think (I may be wrong) that up until now, the "mnt-by" attribute has had the clear cross-object-type semantics of only protecting updates to the object where that particular mnt-by attribute is located. I wonder if it would not be a good idea to separate out the authorization information about who can reference the org object from the authorization information for who can update the object itself? There is precedent for splitting out this authorization information, ref. the IRT object.

Thirdly, would it be a good idea to include "country" as a separate attribute, and not just have it "assumed to be part of the free-text address attribute"?

Regards,

- Håvard
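The "and"/"or" question raised above changes who can attach an "org:" reference. The following is an added example, not part of the original message or of the draft under review; it evaluates both readings of the two listed checks. The object keys and mntner names are constructed, and an update's authentication is modelled simply as the set of mntner names it has authenticated as (an assumption).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class DbObject:
    key: str
    mnt_by: frozenset  # mntner names from the object's "mnt-by:" attributes

def passes(obj, credentials):
    """True if the update authenticated as at least one mntner of obj."""
    return bool(obj.mnt_by & credentials)

def may_add_org_reference(referencing, org, credentials, combine):
    """Evaluate the two listed checks, joined by 'and' or by 'or'."""
    org_ok = passes(org, credentials)          # mntner of the referenced org
    ref_ok = passes(referencing, credentials)  # mntner of the referencing object
    if combine == "and":
        return org_ok and ref_ok
    if combine == "or":
        return org_ok or ref_ok
    raise ValueError("combine must be 'and' or 'or'")

def compare_readings(referencing, org, credentials):
    """Outcome of the same update under each reading of the list."""
    return {c: may_add_org_reference(referencing, org, credentials, c)
            for c in ("and", "or")}

# Constructed sample objects (hypothetical names, not real database entries).
ORG = DbObject("ORG-EX1-TEST", frozenset({"EXAMPLE-ORG-MNT"}))
INETNUM = DbObject("192.0.2.0 - 192.0.2.255", frozenset({"OTHER-MNT"}))

def demo():
    return {
        # Maintainer of the referencing object only: no consent from the org.
        "referencing_only": compare_readings(INETNUM, ORG, frozenset({"OTHER-MNT"})),
        # Maintainer of the org only: no consent from the referencing object.
        "org_only": compare_readings(INETNUM, ORG, frozenset({"EXAMPLE-ORG-MNT"})),
        # Both sides authenticated.
        "both": compare_readings(INETNUM, ORG,
                                 frozenset({"OTHER-MNT", "EXAMPLE-ORG-MNT"})),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

Under the "or" reading, either party alone can create the link; under the "and" reading, only an update authenticated on both sides can.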