- From: Henry Story <henry.story@bblfish.net>
- Date: Wed, 14 Nov 2012 12:27:02 +0100
- To: Andy Seaborne <andy.seaborne@epimorphics.com>
- Cc: public-ldp-wg@w3.org
Received on Wednesday, 14 November 2012 11:27:41 UTC
On 14 Nov 2012, at 12:04, Andy Seaborne <andy.seaborne@epimorphics.com> wrote: > > > On 12/11/12 20:48, Henry Story wrote: >> Luckily Access Control is orthogonal to LDP > > I hope that's true but I don't see why it must be so. > > The LDP spec covers operations on resources and containers and does not mention access control. > > Use case: I create bugReportSecurity57 about a security issue. I want it restricted because the information contained allows an attacker to exploit the security hole. Bug reports are normally publicly readable. Good use case. I added it here: http://www.w3.org/2012/ldp/wiki/AccessControl#Creating_a_new_resource_with_ACL_restrictions > > What is the operation flow to create a secure bug report if normally bug reports are publicly readable? (if they are not by default publicly readable, what operation on them makes them so?) I have a feeling that in the POST HTTP header one may need to add an ACL header, which could point to some ACL restrictions for the resource to be created. > > Or concretely: what triples are PUT where? > > Andy > > Social Web Architect http://bblfish.net/
Received on Wednesday, 14 November 2012 11:27:41 UTC