W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2001

RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS

From: Jason Crawford <ccjason@us.ibm.com>
Date: Fri, 24 Aug 2001 13:30:26 -0400
To: Webdav WG <w3c-dist-auth@w3c.org>
Message-ID: <OFA5AC3F45.C8F453BF-ON85256AAF.0069DAC9@pok.ibm.com>


Just so it doesn't get overlooked....  do we agree with what Geoff has said
below?

J.

------------------------------------------
Phone: 914-784-7569,   ccjason@us.ibm.com


"Clemm, Geoff" <gclemm@Rational.Com>@w3.org on 08/21/2001 12:18:30 AM

Sent by:  w3c-dist-auth-request@w3.org


To:   Webdav WG <w3c-dist-auth@w3c.org>
cc:
Subject:  RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS


Well, that's a really easy change, i.e. all you have to do is
absolutely nothing (:-).  Currently, section 11 in 2518 places
no constraints on who can do an UNLOCK operation (i.e. if you
can discover the lock token, you can request an UNLOCK).  The ACL spec
introduces ways to constrain who can do an operation.  So we're done (:-).

Cheers,
Geoff

-----Original Message-----
From: Jason Crawford [mailto:ccjason@us.ibm.com]
Sent: Monday, August 20, 2001 11:57 PM
To: Webdav WG
Subject: RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS





It sounds like we might have consensus opinion that the power to unlock
someone else's locked resource should be under ACL control.   Could someone
that feels strongly about this propose a wording and placement in 2518 that
makes this proposal concrete?

Thanks,

J.

------------------------------------------
Phone: 914-784-7569,   ccjason@us.ibm.com
Received on Friday, 24 August 2001 13:45:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:56 GMT