W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2001

ACL proposal comments

From: Alan Kent <ajk@mds.rmit.edu.au>
Date: Wed, 4 Jul 2001 19:10:18 +1000
To: WebDAV <w3c-dist-auth@w3.org>
Message-ID: <20010704191018.A11885@io.mds.rmit.edu.au>
Not being bamboozeled enough by DeltaV, I thought I would read the ACL spec
reported recently. The good news (to me), is it made sense and seemed
quite clear etc. Otherwise I am so far gone I cannot tell the difference! ;^)

One comment - it says that XML namespace semantics are the same as those
of WebDAV. Talking to people locally seems to indicate that the WebDAV
interpretation of XML namespaces is not conformant to the XML namespace
recommendation. Should ACL base the namespace interpretation on WebDAV,
or on the XML namespaces specification? The ACL spec explicitly references
the WebDAV RFC by number, so if a new WebDAV spec came along supporting
the "official" XML namespace interpretation, then the spec would be out
of date already. (Not a big deal - and probably no solution.)

The difference is WebDAV says you concatenate the namespace URI to the
element name to form a single string. What I have been told of the official
XML namespace recommendation is that the two values must be kept separate
during comparisons. It is not valid to concatenate them. One syntax that
has been used to help represent this is {DAV:}owner to represent the
element 'owner' in the 'DAV:' namespace.

Other minor points - some places use principle URLs of /_acl/users/foo
and others use /users/foo. Both are probably correct. I am wondering if
it might avoid confusion if the same format is used throughout the document.
I saw it and wondered if they were the same sort of URL or something

5.6.1 had a *very* minor typo (/_acl/users and /_acl_groups). The last '_'
should be a slash. (Ok, just prooving I read it all 8-)

General comment - its seems reasonably complex. This may be necessary,
but there is a fair bit to implement. Some more motivation may be nice.
For example, I was not sure why inheritance was useful. Also the
description of principles and collection principles was pretty confusing
until the example called some of the collection principles GRPA and
GRPB. Some more examples of how it may be used helps clear things up.

Yes, and I noticed the slightly contraversial inclusion of something
else in <D:resourcetype> other than just <D:collection/>.

Received on Wednesday, 4 July 2001 05:10:56 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:01:23 UTC