[Prev][Next][Index][Thread]
Re: Access Control Draft
H:Date: Mon, 19 May 1997 14:43:42 -0700 (PDT)
H:From: "Gregory J. Woodhouse" <gjw@wnetc.com>
H:To: Jim Whitehead <ejw@ics.uci.edu>
H:cc: howard.s.modell@boeing.com, w3c-dist-auth@w3.org
H:Subject: Re: Access Control Draft
H:
H:I agree that our approach to access control should not imply a set of
H:roles which are too specific to a particular application or document
H:management strategy. Instead, I think we should adopt a general scheme
H:such as UNIX-style groups, VMS style privileges and rights, or our system
H:of keys. Any one of these schemes would suit our needs without locking us
H:into a specific set of roles.
H:
H:---
H:Gregory Woodhouse
H:gjw@wnetc.com / http://www.wnetc.com/home.html
H:If you're going to reinvent the wheel, at least try to come
H:up with a better one.
H:
a silly question perhaps (excuse me if this has been discussed previously):
is there some reason why something vaguely like the "certificate"
systems being used in electronic commerce couldn't work in this
context? That is, the "document-set-owner" issues "tokens" to
authors who need to be allowed to access/modify documents in the
set. When one of those authors wants to "check in" a modified
document or document-part, he or she must be able to accompany his
work with the proper "token".
Note: I'm not saying anything about the complexity of the token, nor the
protocol for issuing or recognition nor any of the details.
I'm just sketching a model.
<signed>
Howard S. Modell
________________________________________________________________________
Adv.Computing Technologist/2 POBox 3707, m/s 4A-25, Boeing D&SG
howard.s.modell@boeing.com Seattle, WA 98124-2207
http://warlok.ds.boeing.com/~howie/ (206)662-0189[v] (206)662-4018[f]
Follow-Ups: