- From: Henry Sanders (Exchange) <henrysa@EXCHANGE.MICROSOFT.com>
- Date: Thu, 17 Apr 1997 11:13:39 -0700
- To: "'Larry Masinter'" <masinter@parc.xerox.com>
- Cc: Yaron Goland <yarong@microsoft.com>, "'Steve Carter'" <SRCarter@novell.com>, w3c-dist-auth@w3.org, slein@wrc.xerox.com
Larry Masinter writes: > Well, just to calibrate: > > I think from a user point of view, being able to say > "this is public" or "this is private" for a new document > the user has stored is far more important for DAV than > being able to do "MOVE" or "COPY". > > Do you agree? > > A good question. At the risk of sounding evasive, I'd have to say "It depends". There are several scenarios I'm concerned about where the user will probably never want explicitly to alter access permissions on a document. For example, there are small departmental web servers where everything is always public to people in the department. Or there are situations where you have a private directory on a server, accessible only to you, where you author documents. When the document is finished you COPY it to a public area. In these scenarios MOVE and COPY are more important than the ability to specify public/private. On the other hand, I agree that there are scenarios where the ability to specify public/private is really important. There are also scenarios where the ability to specify cache-control information is more important than either security or MOVE/COPY. And there are also situations where it's crucial that the user be able to say "Return this document if the requester supports frames, return this document if it doesn't." To me all of these situations are just variants on managing and administering a web server. That's why I'm reluctant to address security - I'm afraid it's the first step down a slippery slope. Henry
Received on Thursday, 17 April 1997 14:13:57 UTC