
Re: Access Control Draft



Jim Whitehead wrote:
> 
> I'd like to throw out for discussion a "minimalist" view of access control.
> My hypothesis is the only access control necessary in the client-server
> WebDAV protocol is a method which temporarily changes the access rights of
> a resource such that only (write) lock holders may read the resource, and
> another message which reverts the access rights back to their original form
> once editing is complete (or perhaps this happens automatically once all
> locks are released).  This limited access control provides document privacy
> during editing, so authors are assured that others will not be reading
> their preliminary work.
> 

I agree. WEBDAV should only be concerned with security on these two
fronts. 

1) Authentication.
   Some operations must require that the user identify themself to the
   server. This may be configured on the server to cover all access, or
   possibly only editing functions. Whatever it is, the server should
   use HTTP 1.1 style Authentication requests to indicate a requirement
   for authentication and the client should identify itself using HTTP
   1.1 style responses. The choice of using HTTP methods to implement
   webdav functions works well as most servers allow authentication to
   be configured based on the method (well, GET and PUT anyway).

2) Access Control.
   WEBDAV is largely about access control. The whole idea of locks is as
   a mechanism to restrict access to a resource while something is being
   done to it. There seem to me to be two main ways to do this: either
   via identification (is the person attempting to access the document
   allowed to under the restrictions of the lock?) or via the presentation
   of a credential, i.e. a lock token. If someone has the proper token to
   operate on a document, let them. I'm sure there are pros and cons
   of either mechanism; we should weigh them and pick a method. The
   main task here is to define the semantics of how the locks work.

Steve
-- 
                                     __
Stephen Martin         _   _   |    /_ \ MORTICE KERN SYSTEMS INC.
smartin@mks.com      ,/ \ / \  | / |(  |  185 Columbia Street West
(519)883-3215        |   |   | |/  | \ /   Waterloo, Ontario
Fax: (519)884-8861   |   |   | | \ | _)     Canada   N2L 5Z5
                                    \__/
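
Added example (not part of the original message and not code from any WebDAV implementation): a sketch of the two lock-enforcement options named in point 2, evaluated side by side for the same request, so the cases where identification and token presentation disagree are visible. LockTable, compare, the path and the principals are hypothetical; the principal is assumed to have been established already by HTTP/1.1 authentication as in point 1.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class Lock:
    owner: str  # principal established by HTTP/1.1 authentication
    token: str  # opaque lock token returned to the client that took the lock


class LockTable:  # hypothetical in-memory lock table, illustrative names
    def __init__(self):
        self._locks = {}

    def lock(self, path, principal):
        if path in self._locks:
            raise PermissionError(f"{path} is already locked")
        self._locks[path] = Lock(principal, secrets.token_urlsafe(16))
        return self._locks[path].token

    def unlock(self, path):
        self._locks.pop(path, None)

    def allowed_by_identity(self, path, principal):
        # Identification: is the authenticated principal the lock holder?
        lock = self._locks.get(path)
        return lock is None or lock.owner == principal

    def allowed_by_token(self, path, presented):
        # Credential: does the request carry the token issued with the lock?
        lock = self._locks.get(path)
        if lock is None:
            return True
        return presented is not None and hmac.compare_digest(
            lock.token.encode(), presented.encode())


def compare(table, path, principal, presented):
    """Return (identity_decision, token_decision) for one request."""
    return (table.allowed_by_identity(path, principal),
            table.allowed_by_token(path, presented))


if __name__ == "__main__":
    table = LockTable()
    tok = table.lock("/draft.html", "alice")  # constructed sample data
    for who, presented in [("alice", tok), ("bob", tok), ("alice", None)]:
        print(who, presented is not None, compare(table, "/draft.html", who, presented))
```

The two checks disagree in exactly two cases: a different principal holding the token passes only the token check, and the lock owner arriving without the token passes only the identity check.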

