- From: (unknown charset) Greg Stein <gstein@lyra.org>
- Date: Mon, 3 Apr 2000 11:24:05 -0700 (PDT)
- To: (unknown charset) acl@webdav.org, w3c-dist-auth@w3.org
- cc: (unknown charset) jamsden@us.ibm.com
Simple solution: stop cross-posting, and have ACL discussions on the ACL mailing list. Not a big deal, but I think people just aren't used to the presence of a new list. Same issue probably happened with the deltav and dasl lists :-) Cheers, -g On Mon, 3 Apr 2000, Kevin Wiggen wrote: > > Don't think these are making it over..... (in case someone is on one and not > the other) > > Kevin > > -----Original Message----- > From: w3c-dist-auth-request@w3.org > [mailto:w3c-dist-auth-request@w3.org]On Behalf Of jamsden@us.ibm.com > Sent: Monday, April 03, 2000 10:50 AM > To: w3c-dist-auth@w3c.org > Subject: RE: [ACL] Conference call notes, Mar. 31 > > > > > All, upon further thought, I don't feel that authentication should ever > come into the realm of ACLs, since (I'd hope) any authentication is > performed at the HTTP/WebDAV level before any ACL is examinedand that the > ACL "engine" should trust the identity performing operations. In other > words, any principal information in the ACL should be compared against the > principal information for the request (which should already have been > authenticated as a valid principal or re-assigned as an invalid one) > without trying to communicate to an owning "domain server" of that > principal's domain. > <jra> > I agree with this. > </jra> > > > > _______________________________________________ > acl mailing list > acl@webdav.org > http://mailman.webdav.org/mailman/listinfo/acl > -- Greg Stein, http://www.lyra.org/
Received on Monday, 3 April 2000 14:18:49 UTC