W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2008

Re: AW: DAV:principal-URL

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 14 May 2008 21:16:01 +0200
Message-ID: <482B3A71.7000703@gmx.de>
To: Geoffrey M Clemm <geoffrey.clemm@us.ibm.com>
CC: Konstantin Breu <Konstantin.Breu@gmx.net>, acl@webdav.org, 'WebDAV' <w3c-dist-auth@w3.org>, w3c-dist-auth-request@w3.org, 'Wilfredo Sánchez Vega' <wsanchez@wsanchez.net>

Geoffrey M Clemm wrote:
> 
> So here's the problem:  The primary purpose of the DAV:principal-URL is 
> to specify the "identity" of a principal (so you can use it to check for 
> equality).  But you might not have an HTTP URI that can be used as the 
> "identity" (you might need to use some URN URI, for example).  So you 
> might be forced to use a non-HTTP URL in the DAV:principal-URL property.

Not totally convinced. If you can make a URN work, you can probably make 
an HTTP URI work as well. Maybe not a pretty one, though. But anyway...

> So the spec says that there must be an HTTP URL for a principal, but it 
> does not require that the HTTP URL be the one that appears in the 
> DAV:principal-URL property.
> 
> At least that's how I remember it ... I could of course be wrong (it's 
> been a while :-).

OK, let's start with the assumption that you are right, usually a safe 
position :-).

The spec say that the principal-URL must be used in ACL requests. Does 
this also mean it will be the one that will be used in the Access 
Control Properties, such as DAV:acl? I would think so, otherwise 
roundtripping will be messy...

If this is the case, the only way to actually get to the HTTP principal 
URL the spec requires in to use one of the reports, such as 
DAV:principal-property-search? If yes, I'd argue we probably write down 
an example showing how to do that, and add that to RFC3744bis...

BR, Julian
Received on Wednesday, 14 May 2008 19:22:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:16 GMT