W3C home > Mailing lists > Public > public-ldp-wg@w3.org > November 2012

Re: LDP with Access Control, or future LDPS(ecure)?

From: Andy Seaborne <andy.seaborne@epimorphics.com>
Date: Wed, 14 Nov 2012 11:04:27 +0000
Message-ID: <50A37ABB.2090404@epimorphics.com>
To: public-ldp-wg@w3.org


On 12/11/12 20:48, Henry Story wrote:
> Luckily Access Control is orthogonal to LDP

I hope that's true but I don't see why it must be so.

The LDP spec covers operations on resources and containers and does not 
mention access control.

Use case: I create bugReportSecurity57 about a security issue.  I want 
it restricted because the information contained allows an attacker to 
exploit the security hole.  Bug reports are normally publicly readable.

What is the operation flow to create a secure bug report if normally bug 
reports are publicly readable?  (if they are not by default publicly 
readable, what operation on them makes them so?)

Or concretely: what triples are PUT where?

	Andy
Received on Wednesday, 14 November 2012 11:05:11 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:11:42 UTC