W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2001

lock-token

From: Schlee Stefan <ssch@ticon.at>
Date: Mon, 15 Jan 2001 16:03:44 +0100
Message-ID: <CA7A32457BB1D311918500105ABD1A4E81CD@mis.zen.mbau.at>
To: "'w3c-dist-auth@w3.org'" <w3c-dist-auth@w3.org>
Hello,

I hope this question is not too basic for this discussion group. I have read
the DAV spec and browsed through the mail 
archive of this mail list but did not find an answer to the following
question:

Why has the lock-token to be universaly unique?
 
Because it is a property that can be queried by any person, beeing in the
state of posessing a universaly unique token 
does not provide me with a special privileges per se. If I understood the
spec thats why you have to authenticate yourself to make use of a
lock-token.
But than, why use a token at all. Woulde'nt it suffice that the server
registers who has taken a lock on the locked ressource (for example with the
public key of the lock-owner) and require anybody who wants to perform
"critical" operations on the locked ressource to verify his/her identity.

Thanks in advance for helping me, regards

> Stefan Schlee / TI[con]
> 
> 
Received on Monday, 15 January 2001 09:59:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:55 GMT