W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2002

RE: read/write privileges

From: Clemm, Geoff <gclemm@rational.com>
Date: Sat, 23 Feb 2002 18:53:37 -0500
Message-ID: <3906C56A7BD1F54593344C05BD1374B105E4DA6F@SUS-MA1IT01>
To: w3c-dist-auth@w3c.org
This definition is an attempt to provide some (minimal) common 
semantics to DAV:read and DAV:write.  Without this definition,
some servers would implement them as orthogonal privileges,
and others would (as you suggest) implement DAV:write as a
composite privilege that includes DAV:read.

There are some cases where
it is reasonable to give DAV:write but not DAV:read privilege to
a resource (e.g. a "closed-bid" resource that you can append to,
but not see what else has been written there).  If a resource is
both readable and writeable, then just return both DAV:read and
DAV:write as granted privileges.

Cheers,
Geoff

-----Original Message-----
From: Hermann, Eckehard [mailto:Eckehard.Hermann@softwareag.com]
Sent: Thursday, February 21, 2002 7:36 AM
To: w3c-dist-auth@w3c.org
Subject: read/write privileges


Hi all,

 the ACL Standard says under 3.7 that the DAV:write privileg MUST NOT
contain the DAV:read privileg. What sense does it make to give someone the
right for doing updates or delete a resource but not to allow to read the
resource? What is the reason that a DAV:write most not contain a DAV:read?

regards

Eckehard
Received on Saturday, 23 February 2002 18:54:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:59 GMT