W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2001

RE: RFC2518 issue with lockdiscovery/activelock/owner

From: Clemm, Geoff <gclemm@rational.com>
Date: Thu, 27 Sep 2001 10:12:34 -0400
Message-ID: <3906C56A7BD1F54593344C05BD1374B1046525E2@SUS-MA1IT01>
To: Webdav WG <w3c-dist-auth@w3c.org>
Having a server capture and make available principal information
of this kind is a privacy and security problem, which is why
it is defined to be client controlled.  If a server ignores what
the client has requested, and stores more information
(or even just a different format), this could violate the user's
privacy/security wishes.

Cheers,
Geoff

-----Original Message-----
From: Julian Reschke [mailto:julian.reschke@gmx.de]
Sent: Thursday, September 27, 2001 9:08 AM
To: Clemm, Geoff; Webdav WG
Subject: RE: RFC2518 issue with lockdiscovery/activelock/owner


a) The principal that requested the LOCK (if known).
b) It might provide a user with contact information.

> -----Original Message-----
> From: w3c-dist-auth-request@w3.org
> [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Clemm, Geoff
> Sent: Thursday, September 27, 2001 3:00 PM
> To: Webdav WG
> Subject: RE: RFC2518 issue with lockdiscovery/activelock/owner
> 
> 
> How do you define "the actual owner of a lock" in an interoperable way?
> What would a client do with that information?
> 
> Cheers,
> Geoff
> 
> -----Original Message-----
> From: Julian Reschke [mailto:julian.reschke@gmx.de]
> 
> I would be interested to work on this definition. I think it's essential
> that a server can provide enough information to a client to discover the
> actual owner of a lock, no matter whether and what *his* client has
> submitted as DAV:owner. First tests show that extending 
> DAV:activelock with
> new child elements didn't have any negative impact of MS Office and Adobe
> GoLive.
> 
Received on Thursday, 27 September 2001 10:13:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:56 GMT