Section 2.3 Resources
"Each section defines with operations are supported... " typo. with => which
It would be helpful if there were non-normative examples urls for illustration. I realize that since the REST responses are supposed to be self-documenting for discovery, specifying the URL patterns should not be part of the normative text. Including examples in the normative sections 2.3.* might be confusing to keep normative separate from nonnormative, but perhaps a new examples section that follows the normative 2.3.* text?
For example, what is the REST entry point referred to in 2.3.1? For a PDP at http://pdp.example.com/v1/, is the REST entry point described in 2.3.1 http:/pdp.example.com/, which will list the v1 url as one of the interfaces provided by that server and only that server? Or is the REST entry point an entirely separate service entity (http://discover.example.com) which lists available PDP (and other) interfaces on all servers?
Section 2.3.1 REST Entry Point uses HTTP GET to obtain information about what services / interfaces are available. Isn't that the job of the HTTP OPTIONS method?
Should section 2.3.1 mention anything about best-practices such as filtering results to only return links to services that the client credentials are authorized to use? If an organization has multiple PDPs running, and some of them are domain specific and only accessible to certain clients, it could be considered a breach of disclosure if the REST Entry Point returned all the PDP services links, including links to services that the client can't access.