- From: Michiel de Jong <michiel@unhosted.org>
- Date: Tue, 13 Nov 2012 19:05:15 +0800
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: public-rww@w3.org
On Tue, Nov 13, 2012 at 6:50 PM, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > Also dont forget > - Cookies > - Unguessable URIs (security by obscurity) > - Trusted shared spaces good point! an interesting feature of unguessable URIs, is that they actually have nothing to do with identity/authentication. Just like bank notes, they act as bearer tokens so you can grant access to a certain action to "whoever has this token", and then distribute the tokens along with the links, as "caps". Tahoe-lafs works that way. i guess the confusion is to what 'Access Control' means. To me, it means the whole system, so both *representing* the policy, and *enforcing* it. It seems the LDP wiki page is mostly about the representing part, and leaves the actual enforcement pretty much out of scope.
Received on Tuesday, 13 November 2012 11:05:42 UTC