W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2008

Re: I-D Action:draft-reschke-webdav-post-00.txt

From: Cyrus Daboo <cyrus@daboo.name>
Date: Tue, 23 Sep 2008 12:04:47 -0400
To: Julian Reschke <julian.reschke@gmx.de>
cc: WebDAV <w3c-dist-auth@w3.org>
Message-ID: <2B6F8082F373FB7970C74E05@caldav.corp.apple.com>

Hi Julian,

--On September 23, 2008 5:46:12 PM +0200 Julian Reschke 
<julian.reschke@gmx.de> wrote:

>> "When a server supports WebDAV ACL [RFC3744], the DAV:bind privilege is
>> required to be granted on the collection resource in which the new
>> member resource is being created. If this privilege is denied or not
>> present, the POST request MUST fail."
>
> Yes, although I'd move that into a "Relation to WebDAV ACL" section.
>
>> Another question: there is no restriction on what p:add-member URI can
>> be? e.g. if I have the collection "/a/b/" can the p:add-member be
>> another resource entirely, e.g. "/a/use-c-to-create-in-b/"? If this is
>
> I thought that was already clear; maybe I should have chosen a different
> URI :-)

A couple of different examples would help make it clear.

>> possible it should be called out, as the behavior might be somewhat
>> unexpected for clients. It might even be the case that the p:add-member
>> URI is on a different server (e.g. new member items in a collection need
>> "approval" from some other service). The interaction with WebDAV ACL in
>
> It seems that that kind of redirection would need a different mechanism.
> Let's not make things more complicated than they need to be.

OK, then let's explicitly state that the add-member URI must not be on a 
different server.

>> this case would need to be clear - i.e. what privileges are required on
>> the p:add-member URI?
>
> I think it would be sufficient to state the ACL requirements in terms of
> DAV:bind on the "real" collection. The add-member URI in general could me
> a non-WebDAV resource, so talking about WebDAV ACLs really doesn't make
> sense here.

OK, makes sense.

-- 
Cyrus Daboo
Received on Tuesday, 23 September 2008 16:05:29 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:16 GMT