>up in the Requirements draft. If you have other issues that you >think should be discussed, please send them to me. Two major issues for access control in authoring situations is a) the partitioning of users and the type of operations that these users can perform, and b) State of the objects and the transactions being performed on these objects > >1. Should an access control specification attempt to encompass any > of the following: > > a) Potential extensions to HTTP; > b) A server-based API approach; > c) A file-oriented specification (e.g., an Access Control List > specification for the Web). All of this should fall out from a better understanding of the requirements. In any case, APIs have not been traditionally successful in IETF like settings. Also, in the context of proxies, gateways, etc. dealing with the protocol implicatin is lot more important. So perhaps we can focus there first. File oriented specification is a start but web objects are not just files. Sankar Virdhagriswaran p. no: 508 371 0404Received on Tuesday, 13 May 1997 08:38:48 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 12 October 2007 17:53:07 GMT