W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 1997

Re: ACL Draft

From: Larry Masinter <masinter@parc.xerox.com>
Date: Thu, 23 Oct 1997 00:55:10 PDT
Message-ID: <344F02DE.F2E1D52C@parc.xerox.com>
To: Paul Leach <paulle@microsoft.com>
CC: hep@netscape.com, "'Sukanta Ganguly'" <sganguly@novell.com>, Yaron Goland <yarong@microsoft.com>, w3c-dist-auth@w3.org
The classical protection models are more difficult for users
to reason with than booleans, since you're saying "who", but
"who" is just one of many dimensions that go into determining
the access policy.

Access policies are a kind of dynamic content that a client
sends to the server in order to determine the server's future
behavior in granting access. We're just trying to settle on
what the minimum library is that every implementation of
the dyanmic-access-policy feature must support. Classical
protection model isn't good enough, but probably extending
it to at least have predicates for source host & IP address
would satisfy current web users. Servers that allowed more
flexible policies could also be supported.

Larry
-- 
http://www.parc.xerox.com/masinter
Received on Thursday, 23 October 1997 04:05:40 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:44 GMT