W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 1997

Re: WEBDAV Security

From: -=jack=- <jack@twaxx.twaxx.com>
Date: Thu, 1 May 1997 10:59:15 -0700 (PDT)
To: Jon Radoff <jradoff@novalink.com>
cc: "Ron Daniel, Jr." <rdaniel@lanl.gov>, w3c-dist-auth@w3.org
Message-ID: <Pine.SGI.3.95.970501105611.26909F-100000@twaxx.twaxx.com>
> as a "subcomponent."  This is a component of the overall technology
> that should stand on its own.
------------------
True...



> An approach that could be taken would be to specify an
> interface standard that would pass authentication data (user, realm,
> etc.) to a component that would be responsible for obtaining
> authorization information, e.g.:
> 
>   1.  Application-layer:  "Is 'user' allowed to do 'x'?"
> 
>   2.  Interface communicates with seperate component, which could
>       be a module which would respond appropriately yet pull its
>       information from whatever means of access control are in
>       place (native OS, Web-server control lists, passwd files, etc.)
>  
>   3.  Underlying component does its thing, reports back to the
>       interface, and the application is told by the interface whether
>       the user is authorized or not.
------------------
This is nice.


> If interoperability is the goal, then the focus should be specifying
> an _interface_ rather than yet another ACL methodology.
---------------------------
Agreed



> If this sort of direction seems to be of interest, I've written
some
> experimental API's that implement such a concept which could serve as
> as a starting point.  I had previously planned to probe for interest
> in discussing this as its own subject but if the momentum is here,
> I am happy to go with it :)
---------------

No reason not to have a look, the API is of primary concern.

-=jack=-

(This text composed by voice)
Received on Thursday, 1 May 1997 13:57:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:42 GMT