Re: Aligning grouping of resources in POWDER and WAF Access Control.

>  From a POWDER perspective therefore, the default position is that 
> matches both and What this 
> discussion has made me realise is that we need to be explicit in our 
> documentation that it DOES NOT match - i.e. a different 
> domain altogether.
> Like WAF, we have an exclude method as well so we can say:
> <wdr:includeHosts></wdr:includeHosts>
> <wdr:excludeHosts></wdr:excludeHosts>
> (which means everything on and except resources 
> on The assumption being that someone describing a 
> load of content would know what they wanted to leave out.
> So the general approach has been, as ever, that simple things will be 
> simple (we own so that's the scope of this description) but 
> that complex situations can also be handled (you can write a Reg Ex if 
> you need to)

This sounds good to me. With that I would be more happy with saying that 
* should match only but not That would make 
it intuitive with rules like:

allow <> exclude <*>
allow <> exclude <>

I'm not sure I see much use for the '?' syntax suggested. What 
situations would that help, and are they very common?

> As for Jonas' other point - what else could/should we share. Well, 
> access control is clearly an application of what we're doing, whether 
> that's in terms of licensing or my own area of child protection. I guess 
> it's a question of use cases.

Not sure I follow you here. My question is, are there any concrete parts 
of respective specs that would make sense to share? Other than the URI 
syntax? Could access-control be implemented using POWDER even, and if 
so, what would the resulting syntax be for an author publishing 
shareable documents on his website?

Best Regards
/ Jonas Sicking

Received on Monday, 23 July 2007 08:44:41 UTC