Re: AW: DAV:principal-URL

If we believe that it is reasonable to require that the DAV:principal-URL 
be an HTTP URL, then I'm fine with just requiring this in RFC3774bis.
If we don't require that, then I don't think we can require that there be 
a way to "find" that principal, since as you say, if you can find it using 
the information in the DAV:principal-URL, you should have been able to 
format that information as an HTTP URL.

Cheers,
Geoff

w3c-dist-auth-request@w3.org wrote on 05/14/2008 03:16:01 PM:

> 
> Geoffrey M Clemm wrote:
> > 
> > So here's the problem:  The primary purpose of the DAV:principal-URL 
is 
> > to specify the "identity" of a principal (so you can use it to check 
for 
> > equality).  But you might not have an HTTP URI that can be used as the 

> > "identity" (you might need to use some URN URI, for example).  So you 
> > might be forced to use a non-HTTP URL in the DAV:principal-URL 
property.
> 
> Not totally convinced. If you can make a URN work, you can probably make 

> an HTTP URI work as well. Maybe not a pretty one, though. But anyway...
> 
> > So the spec says that there must be an HTTP URL for a principal, but 
it 
> > does not require that the HTTP URL be the one that appears in the 
> > DAV:principal-URL property.
> > 
> > At least that's how I remember it ... I could of course be wrong (it's 

> > been a while :-).
> 
> OK, let's start with the assumption that you are right, usually a safe 
> position :-).
> 
> The spec say that the principal-URL must be used in ACL requests. Does 
> this also mean it will be the one that will be used in the Access 
> Control Properties, such as DAV:acl? I would think so, otherwise 
> roundtripping will be messy...
> 
> If this is the case, the only way to actually get to the HTTP principal 
> URL the spec requires in to use one of the reports, such as 
> DAV:principal-property-search? If yes, I'd argue we probably write down 
> an example showing how to do that, and add that to RFC3744bis...
> 
> BR, Julian
> 
> 
> 
>