- From: Mary Ellen Zurko <zurko@osf.org>
- Date: Fri, 9 Jun 95 15:45:51 EDT
- To: rg@server.net
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, Me <zurko@osf.org>
Hi Roger, > Summary: Need input on how to handle setting realm of new entity > and allowed methods within a realm. What you're doing is initializing the access control list (ACL) for a new document. There are alternatives to specifying it in the header. If you're managing a hierarchical space, you can inherity the ACL from the parent, or you can extend the parent to include an ACL that descends to any new children. Or, if the space is not hiearchical, you can define an ACL to apply to all new objects on a per-realm, or ever per-server, basis. No matter what approach you take (including your current one), you then have to deal with being able to change it later. Just as we're slowly moving to distributed authentication/identity management (with the MDA proposal), we'll need to go to distributed group/attribute management, then distributed ACL management. Mez
Received on Friday, 9 June 1995 12:47:28 UTC