Errata for draft-ietf-nfsv4-acl-mapping-03.txt:
1. In section 4, ACE4_READ_NAMED_ATTRIBUTES and ACE4_WRITE_NAMED_ATTRIBUTES
   were left out of the list of bits not to be cleared when inverting the
   bitmask.

 ACE after each ALLOW ACE for OWNER@, EVERYONE@, or any named user.  The DENY
 ACE should have the same entity and flags as the corresponding ALLOW ACE.
 The bitmask on the DENY ACE should be the bitwise NOT of the bitmask on the
-ALLOW ACE, except that the ACE4_WRITE_OWNER and ACE4_DELETE bits should be
-cleared, and the ACE4_DELETE_CHILD bit should be cleared on non-directories.
+ALLOW ACE, except that the ACE4_WRITE_OWNER, ACE4_DELETE,
+ACE4_READ_NAMED_ATTRIBUTES, ACE4_WRITE_NAMED_ATTRIBUTES, and
+ACE4_DELETE_CHILD bits should be cleared on non-directories.
 (Also, in the xdr-encoded ACL that is transmitted, all bits not defined in the
 protocol should be cleared.)
 .IP 3)