W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 1997

RE: Access Control Preliminary Draft

From: Dylan Barrell <dbarrell@opentext.ch>
Date: Mon, 16 Jun 1997 08:02:10 -0400
Message-ID: <01BC7A2B.991369E0@cassius.opentext.ch>
To: "'Jon Radoff'" <jradoff@novalink.com>, "w3c-dist-auth@w3.org" <w3c-dist-auth@w3.org>
>5.2 Access Inheritance
>
>It must be possible to assign an access attribute to a collection
>(such as a directory).  By default, resources contained in a collection
>must inherit access attributes from their parent resource.
>
>5.2.1 Rationale
>
>Inheritance of security information between directories and files
>within most file systems behave in this manner.  This promotes an
>orthagonal implementation on the Web.

I think that specifying that the access attributes must inherit from the parent resource will require us to specify too many details regarding the semantics of changing the permissions of the various resources (eg what happens to the children's access attributes when we change those of the parent). I think this should be restated as

"5.2 It must be possible to assign an access attribute to a collection (such as a directory).  The system must assign appropriate default access attributes to resources added to a collection."

5.5.3 and 5.5.4

I don't see the necessity for splitting between locked and unlocked resources when it comes to access control. It must be possible to access a resource for reading when it is locked I would argue in favour of the default action being to allow read access to locked resources.
Received on Monday, 16 June 1997 08:06:14 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:42 GMT