W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 1997

Re: Introducing Howard Palmer

From: Howard Palmer <hep@netscape.com>
Date: Fri, 03 Oct 1997 20:15:51 -0700
Message-ID: <3435B4E7.31CAA53@netscape.com>
To: "ejw@ics.uci.edu" <ejw@ics.uci.edu>
CC: "'w3c-dist-auth@w3.org'" <w3c-dist-auth@w3.org>

> I'd like to introduce to you Howard Palmer <hep@netscape.com>, who has
> volunteered to be the editor for the access control requirements and
> protocol specification.  He will be picking up Jon Radoff's last
> requirements document and will move it forward.
> I am very pleased that Howard has volunteered for this task, and I think he
> will do a great job!  So I don't steal his thunder, I'll let Howard
> introduce himself more...

Thanks, Jim.

I'm a developer in the core web server group at Netscape, involved mainly with
access control and security issues.  I've been here for about two years, and
worked on the Enterprise 2.0 and 3.0 web servers.  That has given me a fair
amount of exposure to customer requirements for web-oriented access control,
which I hope will be useful in my role as AC editor.  However, I have not been
following the deliberations of this group very closely, so please feel free to
educate me if you find me lacking in knowledge of the broader DAV issues.  I
will do my best to come up to speed quickly.

Prior to Netscape, I've had about 25 years of software development experience,
beginning at NASA Ames Research Center, when the Internet was the ARPAnet.
I've worked on the implementation of a number of protocols at various
companies, including the obligatory year of doing OSI.

What are my biases?  Inter-operability is number one.  I want to see clients
and servers from different vendors actually talk sense to each other, not just
claim their conformance to a standard.  Toward that end, I have a strong
leaning toward simpler, but still useful objectives for functionality.  You
will find me more interested in the specification of protocols than APIs in
this forum, although I have nothing against the standardization of APIs.  I'm
in favor of protocol design which allows for future or vendor-specific
extensions, as long as the standard provides a useful level of
inter-operability without assuming these.

I feel strongly that web-oriented access control has requirements that are not
encountered with a traditional file system.  Nevertheless, I'm quite willing to
leave some of these requirements to a future revision of the protocol, in the
cases where they actually impact the protocol design.  However I do hope that
we can reach consensus on a level of access control functionality that is at
least comparable to that supported by traditional file systems.

In the immediate future I'll be coming up to speed on the DAV protocol spec,
and preparing to submit Jon Radoff's access control requirements document as an
Internet Draft.  Comments on this document:


are welcome.  Our target date for the submission of the draft is Oct. 15.


Received on Friday, 3 October 1997 23:16:11 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:12 UTC