diff --git a/Makefile b/Makefile
index 9d5937ec2..215bfd5af 100644
--- a/Makefile
+++ b/Makefile
@@ -4,6 +4,7 @@ DOC_FILES := \
 	README.md \
 	code-of-conduct.md \
 	principles.md \
+	policy.md \
 	ROADMAP.md \
 	implementations.md \
 	bundle.md \
diff --git a/README.md b/README.md
index e838b0188..1c0dd3d58 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,7 @@
 Table of Contents
 
 - [Container Principles](principles.md)
+- [Specification Policies](policy.md)
 - [Filesystem Bundle](bundle.md)
 - Configuration
   - [Container Configuration](config.md)
diff --git a/policy.md b/policy.md
new file mode 100644
index 000000000..85f5d55cc
--- /dev/null
+++ b/policy.md
@@ -0,0 +1,19 @@
+# Policies and conventions
+
+## Traditionally hex settings should use JSON integers, not JSON strings
+
+The config JSON isn't enough of a UI to be worth jumping through string ↔ integer hoops to support an 0x… form ([source][integer-over-hex]).
+
+## Constant names should keep redundant prefixes
+
+For example, `CAP_KILL` instead of `KILL` in [**`linux.capabilities`**][capabilities]).
+The redundancy reduction from removing the namespacing prefix is not useful enough to be worth trimming the upstream identifier ([source][keep-prefix]).
+
+## Optional settings should have pointer Go types
+
+So we have a consistent way to identify unset values ([source][optional-pointer]).
+
+[capabilities]: config-linux.md#capabilities
+[integer-over-hex]: https://github.com/opencontainers/specs/pull/267#discussion_r48360013
+[keep-prefix]: https://github.com/opencontainers/specs/pull/159#issuecomment-138728337
+[optional-pointer]: https://github.com/opencontainers/specs/pull/233#discussion_r47829711