Re: Please review the Access Control page

Dear Ashok, all,
I have just few comments on the Note:

- "ACG: An Access Control Graph describes which agents can have some mode of access to a resource, or collection of resources.": I would
substitute this sentence with "ACG: An Access Control Graph describes which features an agents has to satisfy to have some mode of access 
to a resource, or collection of resources.". This is to avoid the misunderstanding that only specified lists of agents (or roles of the 
agents) are considered while it is also possible to list the attributes of the agents whose access is granted. I see that this point
is mentioned as possible future outcome of an AC WG: "The WG will need to decide whether it also wants to define fine-grained access 
control at an attribute level." To me attribute-level AC is more general than specifying AC lists of agents (as you do not always know the 
URIs of all the agents that will try to access the resource and maybe they are allowed to). However, I understand that this is a tricky point, and
it is fine with me to leave it as a future option (as it is just a single page :-) ) for a dedicated WG.

- "allowing friends of his to POST to a container, but not read the contents of the container": sounds a bit strange to me. Why the constraint that
he cannot read the contents of the container?

All the best,
Serena



----- Mail original -----
> De: "Ashok Malhotra" <ashok.malhotra@oracle.com>
> À: "Ted Thibodeau Jr" <tthibodeau@openlinksw.com>, "Serena Villata" <serena.villata@inria.fr>, public-ldp-wg@w3.org
> Envoyé: Lundi 19 Mai 2014 16:57:31
> Objet: Please review the Access Control page
> 
> Serena, Ted:
> The LDP WG is getting ready to publish the Access Control page as a WG note.
> Could you please take a look at
> https://www.w3.org/2012/ldp/wiki/AccessControl
> before we do that?  And it is what it says -- just a single page :-)
> --
> All the best, Ashok
>

Received on Monday, 19 May 2014 15:54:05 UTC