- From: -=jack=- <jack@twaxx.twaxx.com>
- Date: Fri, 2 May 1997 08:22:10 -0700 (PDT)
- To: Dave Hollander <dmh@hpsgml.fc.hp.com>
- cc: w3c-dist-auth@w3.org
> > but would focus on developing specifications for protocol extensions, > > ACLs and the like. > > > > I believe that DAV should touch on security, but please do not insist > on ACLs. The exact binding of security attributes to system > implementation must be left to the application to allow alternatives > to ACLs to grow. > > Regards, > Dave Hollander --------------------------------------- I believe the API approach will allow for such modularity, or is that of concern to you? Are there problems with the API based approach described in the last couple days, and if so, would you describe the inadequacies so they may be addressed? It's nearly possible to allow distributed authoring without access control and related issues; what it seems we're trying to do is establish a framework within which these issues can be addressed, and it was my feeling that the API based approach setting a minimum level of necessary functionality tended to allow the freedom to have things like (what was previously called) 'authentication data', for ex., conform to certain specifications, but be able to go above and beyond that to provide more. Is this approach insufficient for your needs? If so, how? Thanks ... ;-) -=jack=- (This text composed by voice)
Received on Friday, 2 May 1997 11:22:41 UTC