W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2006

Re: Bindings and permissions

From: Julian Reschke <julian.reschke@gmx.de>
Date: Mon, 23 Jan 2006 18:46:14 +0100
Message-ID: <43D51666.2080507@gmx.de>
To: Lisa Dusseault <lisa@osafoundation.org>
CC: Geoffrey M Clemm <geoffrey.clemm@us.ibm.com>, webdav <w3c-dist-auth@w3.org>

Lisa Dusseault wrote:
> I guess our mis-alignment is partly based on whether ACL supports 
> dynamic ACL inheritance.  Since I know of more than one server 
> supporting ACL that does dynamic inheritance, I figure that whether or 
> not ACL theoretically supports dynamic inheritance, in practice it does.

Then that server has chosen an ACL model that is undefined under RFC3744.

> Still, I would argue that's irrelevant.  Doesn't a client have an 
> expectation that when it does a BIND request
>  - that the resource being bound doesn't become less accessible, or more 
> accessible, as a result of the request; in other words that the BIND 
> request has reasonably predictable side effects
>     - regardless of whether the server supports ACL spec
>     - regardless of whether the server supports dynamic inheritance, 
> which as you say isn't really discoverable?

All of these are good questions, but I don't see how BIND can possibly 
answer that, when even the behavior for single bindings is not defined 
within any IETF spec.

Best regards, Julian
Received on Monday, 23 January 2006 17:48:35 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:01:35 UTC