- From: Dave Hollander <dmh@hpsgml.fc.hp.com>
- Date: Fri, 02 May 1997 09:25:41 -0600
- To: w3c-dist-auth@w3.org
I think the API based specification will work, but will leave the issue to this group and the industry. I was responding to the specific chain proposing ACLs as the appropriate mechanics for access control. While in today's systems ACLs provide the most common and secure access controls, they are difficult to maintain and manage. I would like to be able to encourage directory based access control techniques within the DAV environment. Regards Dave Hollander ---------------------- Jack writes: > I believe the API approach will allow for such modularity, or > is that of concern to you? ... Dave writes: > > > but would focus on developing specifications for protocol extensions, > > > ACLs and the like. > > > > > > > I believe that DAV should touch on security, but please do not insist > > on ACLs. The exact binding of security attributes to system > > implementation must be left to the application to allow alternatives > > to ACLs to grow. > > > > Regards, > > Dave Hollander > --------------------------------------- >
Received on Friday, 2 May 1997 11:34:27 UTC