W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 1997

Simple Access Control

From: Ellis Cohen <ellis@crystaliz.com>
Date: Wed, 17 Dec 1997 16:13:27 -0500
Message-ID: <34984077.785A@crystaliz.com>
To: w3c-dist-auth@w3.org
At the IETF meeting, I raised the possibility of adopting
a really simple access control model -- for example

1. No principal hierarchy (i.e. user/group)
2. Principals identified only by digital certificates
3. Small fixed set of rights
4. No ACL inheritance (either static or dynamic)
5. Only creator of resource can set its ACL

As I understood it, a number of people seemed to assert,
that independent of the exact details, there were inherent
unresolvable problems in adopting something simple.

Would someone be kind enough to elucidate those
reasons?

  -- Ellis
Received on Wednesday, 17 December 1997 16:07:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:44 GMT