ISO/IEC JTC 1/SC 22/WG 23 N 0284
Revised format for language-specific annexes

Date: 2010-09-17
Contributed by: Jim Moore
Original file name:
Notes: Replaces N 0271 per Action Item #15-01

 

Each language-specific annex should have the following heading information and initial sections:

 Annex <language>

(Informative)

Vulnerability descriptions for language <language>

<language>.1 Identification of standards

[This sub-clause should list the relevant language standards and other documents that describe the language treated in the annex. It need not be simply a list of standards. It should do whatever is required to describe the language that is the baseline.]

<language>.2 General terminology and concepts

[This sub-clause should provide an overview of general terminology and concepts that are utilized throughout the annex.]

Every vulnerability description of Clause 6 of the main document should be addressed in the annex in the same order even if there is simply a notation that it is not relevant to the language in question. Each vulnerability description should have the following format:

<language>.<x> <Vulnerability Name> [<3 letter tag>]

<language>.<x>.0 Status, history, and bibliography

[Revision history. This clause will eventually be removed.]

<language>.<x>.1 Applicability to language

[This section describes what the language does or does not do in order to deal with the vulnerability.]

<language>.<x>.2 Guidance to language users

[This section describes what the programmer or user should do regarding the vulnerability.]

In those cases where a vulnerability is simply not applicable to the language, the following format should be used instead:

<language>.<x> <Vulnerability Name> [<3 letter tag>]

This vulnerability is not applicable to <language>.

Following the final vulnerability description, there should be a single sub-clause as follows:

<language>.<x> Implications for standardization

[This section provides the opportunity to discuss changes anticipated for future versions of the language specification.]