At the IETF meeting, I raised the possibility of adopting a really simple access control model -- for example 1. No principal hierarchy (i.e. user/group) 2. Principals identified only by digital certificates 3. Small fixed set of rights 4. No ACL inheritance (either static or dynamic) 5. Only creator of resource can set its ACL As I understood it, a number of people seemed to assert, that independent of the exact details, there were inherent unresolvable problems in adopting something simple. Would someone be kind enough to elucidate those reasons? -- EllisReceived on Wednesday, 17 December 1997 16:07:55 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:44 GMT