W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 2001

Last Call: Access Control Protocol

From: Jim Whitehead <ejw@cse.ucsc.edu>
Date: Fri, 9 Nov 2001 17:08:32 -0800
To: "WebDAV" <w3c-dist-auth@w3.org>
Message-ID: <AMEPKEBLDJJCCDEJHAMICEEPDLAA.ejw@cse.ucsc.edu>
** WORKING GROUP LAST CALL FOR COMMENTS ***

From June 21 to August 3, 2001, the WebDAV Working Group held a last call
for comments period on the -06 version of the WebDAV Access Control
Protocol. During the last call period, several working group members
performed detailed reviews of the document. Their feedback has now been
incorporated into the -07 version of the Access Control Protocol.

Additionally, since the submission of the -06 version of the protocol
specification, some early implementation experience indicated the need for a
simple query mechanism to locate principals, since the use of hierarchy to
organize principals was insufficient for large numbers of principals. Hence,
the -07 version contains additional functionality not found in the -06
version that went through last call. Due to this, an additional, shorter
last call period is being held to solicit review of the -07 specification.

From the abstract of the -07 specification:

   This document specifies a set of methods, headers, and
   message bodies that define Access Control extensions to
   the WebDAV Distributed Authoring Protocol. This protocol
   permits a client to read and modify access control lists
   that instruct a server whether to allow or deny operations
   upon a resource (such as HTTP method invocations) by a
   given principal.

I fully expect this to be the absolutely final call for comments from the
WebDAV working group on the WebDAV Access Control Protocol,
draft-ietf-webdav-acl-07, prior to sending it along to the IESG for
approval.  This last call
for comments period begins immediately, and ends December 3, 2001, at
midnight,
US Pacific time.  This allows over three weeks for review of the
specification.

The latest revision of the WebDAV Access Control Protocol was submitted as
an Internet-Draft today, and should appear in the Internet-Drafts directory
in the next few days. In the meanwhile, it can be accessed at:

Text (this is the normative version)
http://www.webdav.org/acl/protocol/draft-ietf-webdav-acl-07.txt

HTML:
http://www.webdav.org/acl/protocol/draft-ietf-webdav-acl-07.htm

PDF:
http://www.webdav.org/acl/protocol/draft-ietf-webdav-acl-07.pdf

Word (with change tracking active):
http://www.webdav.org/acl/protocol/draft-ietf-webdav-acl-07-tracked.doc


At the end of the last call review period, a new draft may be issued.
Depending on the scope of changes introduced between the -07 and -08
versions, there will either be an immediate call for rough consensus (very
few changes), or a second last call review period (significant changes).
Once the document represents the rough consensus of the working group, I
will submit this document to the Internet Engineering Steering Group (IESG)
for their approval.  IESG review involves a (minimum) two week public last
call for comments period.  This IESG-initiated last call period is in
addition to the working group last call period.

This document is intended to be a "Proposed Standard".  Quoting from RFC
2026, "The Internet Standards Process -- Revision 3":

   The entry-level maturity for the standards track is
   "Proposed Standard". A specific action by the IESG
   is required to move a specification onto the standards
   track at the "Proposed Standard" level.

   A Proposed Standard specification is generally stable,
   has resolved known design choices, is believed to be
   well-understood, has received significant community
   review, and appears to enjoy enough community interest
   to be considered valuable.  However, further experience
   might result in a change or even retraction of the
   specification before it advances.

   Usually, neither implementation nor operational experience
   is required for the designation of a specification as a Proposed
   Standard.  However, such experience is highly desirable, and
   will usually represent a strong argument in favor of a
   Proposed Standard designation.

Many details on the procedures used to develop an IETF standard can be
found in RFC 2026, available at: http://www.ietf.org/rfc/rfc2026.txt

If there are any procedural questions or concerns, please do not hesitate
to contact me, or raise an issue on the list.

Notes:

1) Issues raised during the last call period will be resolved individually,
rather than lumped together and dealt with as a whole.

2) If you've been waiting for a "stable" version of the specification before
performing a review, wait no longer.  This is it.  Please review the
specification NOW in order to ensure your input gets included.

- Jim Whitehead
Received on Friday, 9 November 2001 20:08:43 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:59 GMT