ISSUE-10 (client-server): Client and Server model [Access Control]

ISSUE-10 (client-server): Client and Server model [Access Control]

http://www.w3.org/2008/webapps/track/issues/

Raised by: Arthur Barstow
On product: Access Control

[[ This issue was created on 2008-01-04 as Issue #20 in the Web Applications Formats (WAF) WG and is copied in totality to the Web Applications WG's Issues database:
<http://www.w3.org/2005/06/tracker/waf/issues/20> ]]

Issues have been raised regarding client (i.e. browser) versus server aspects of the model. For example, would it better and simple for the policy enforcement point to be the server rather than the client, etc.

On 20 December 2007, Tyler Close raised this issue via:

 <http://lists.w3.org/Archives/Public/public-appformats/2007Dec/0054.html>

There were several relevant follow-ups, including but not limited to:

 <http://lists.w3.org/Archives/Public/public-appformats/2007Dec/0068.html>
 <http://lists.w3.org/Archives/Public/public-appformats/2007Dec/0071.html>
 <http://lists.w3.org/Archives/Public/public-appformats/2008Jan/0000.html>
 <http://lists.w3.org/Archives/Public/public-appformats/2008Jan/0004.html>
 <http://lists.w3.org/Archives/Public/public-appformats/2008Jan/0010.html>
 <http://lists.w3.org/Archives/Public/public-appformats/2008Jan/0018.html>
 <http://lists.w3.org/Archives/Public/public-appformats/2008Jan/0032.html>

Related issues were also raised on 5 November 2007 during WG's f2f meeting that included members of the Web Security Context WG and the XML Security Spec Maintenance WG:

 <http://www.w3.org/2007/11/05-waf-minutes.html#item09>

Received on Monday, 23 June 2008 19:35:40 UTC