Hey Spdx-tech@,

I created a small issue [1] that describes a hypothetical extension,
which in my mind does not behave well, if a downstream consumer does not
understand the semantics.

I still think that extensions should to be in their own optional profile
(see [2]) and potentially also excluded from the integrity checking via
canonicalization.

Best
Max

[1] https://github.com/spdx/canonical-serialisation/issues/10
[2] https://github.com/spdx/spdx-3-model/issues/47

--
TNG Technology Consulting GmbH, Beta-Str. 13a, 85774 Unterföhring
Geschäftsführer: Henrik Klagges, Dr. Robert Dahlke, Thomas Endres
Aufsichtsratsvorsitzender: Christoph Stock
Sitz: Unterföhring * Amtsgericht München * HRB 135082