W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2002


From: Clemm, Geoff <gclemm@rational.com>
Date: Tue, 15 Jan 2002 10:43:40 -0500
Message-ID: <3906C56A7BD1F54593344C05BD1374B1056E1A55@SUS-MA1IT01>
To: w3c-dist-auth@w3c.org
Developing a standard format for the DAV:owner field would
be fine with me.  This addresses the client/client interoperability
problem without introducing the overhead and security hole
that capturing and displaying a "principal" introduces.
The ability to submit "bogus" information is a security feature,
not a bug.


-----Original Message-----
From: Julian Reschke [mailto:julian.reschke@gmx.de]

> From: w3c-dist-auth-request@w3.org
> [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Lisa Dusseault
> Sent: Monday, January 14, 2002 8:26 PM
> To: Clemm, Geoff; w3c-dist-auth@w3c.org
> ...
> No, this info is not necessarily available in the DAV:owner
> field.  Because
> the client can submit this field, the client can submit bogus information,
> and it's not necessarily possible for the server to decide if the
> information is bogus.

Furthermore, there is no standard format for this information, but this
would be needed for a interoperability.
Received on Tuesday, 15 January 2002 10:44:44 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:01:24 UTC