W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2007

Re: [ACL] RFC 3744: Modifying ACEs

From: Jake Baumgarten <jbaumgarten@apple.com>
Date: Sun, 6 May 2007 18:12:30 -0700
Message-Id: <C407DB4D-214C-483D-A2C6-7C1836F0BF71@apple.com>
To: WebDAV <w3c-dist-auth@w3.org>, acl@webdav.org

Apple's .Mac WebDAV server does something very similar.  However,  
protected ACEs are always protected and cannot be overridden by user  
ACEs.  We have a "third" class of ACEs that are inherited, but not  
protected.  While a client can see the effect due to ordering, there  
is no way to distinguish these ACEs without non-standard query  
extensions.

-Jake

JS "Jake" Baumgarten
Manager, iDisk Engineering
Apple, Inc.

On May 5, 2007, at 6:36 PM, Tim Olsen wrote:

> In the implementations we're working on here at Lime Wire, we always
> put the protected ACEs up front and the inherited ACEs last.  This way
> one cannot override a protected ACE - with the exception of protected
> ACEs that are inherited because they get grouped together with the
> inherited ACEs.
>
> -Tim
>
Received on Monday, 7 May 2007 12:08:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:15 GMT