- From: Howard Palmer <hep@netscape.com>
- Date: Fri, 03 Oct 1997 20:15:51 -0700
- To: "ejw@ics.uci.edu" <ejw@ics.uci.edu>
- CC: "'w3c-dist-auth@w3.org'" <w3c-dist-auth@w3.org>
- Message-ID: <3435B4E7.31CAA53@netscape.com>
Jim, > I'd like to introduce to you Howard Palmer <hep@netscape.com>, who has > volunteered to be the editor for the access control requirements and > protocol specification. He will be picking up Jon Radoff's last > requirements document and will move it forward. > > I am very pleased that Howard has volunteered for this task, and I think he > will do a great job! So I don't steal his thunder, I'll let Howard > introduce himself more... Thanks, Jim. I'm a developer in the core web server group at Netscape, involved mainly with access control and security issues. I've been here for about two years, and worked on the Enterprise 2.0 and 3.0 web servers. That has given me a fair amount of exposure to customer requirements for web-oriented access control, which I hope will be useful in my role as AC editor. However, I have not been following the deliberations of this group very closely, so please feel free to educate me if you find me lacking in knowledge of the broader DAV issues. I will do my best to come up to speed quickly. Prior to Netscape, I've had about 25 years of software development experience, beginning at NASA Ames Research Center, when the Internet was the ARPAnet. I've worked on the implementation of a number of protocols at various companies, including the obligatory year of doing OSI. What are my biases? Inter-operability is number one. I want to see clients and servers from different vendors actually talk sense to each other, not just claim their conformance to a standard. Toward that end, I have a strong leaning toward simpler, but still useful objectives for functionality. You will find me more interested in the specification of protocols than APIs in this forum, although I have nothing against the standardization of APIs. I'm in favor of protocol design which allows for future or vendor-specific extensions, as long as the standard provides a useful level of inter-operability without assuming these. I feel strongly that web-oriented access control has requirements that are not encountered with a traditional file system. Nevertheless, I'm quite willing to leave some of these requirements to a future revision of the protocol, in the cases where they actually impact the protocol design. However I do hope that we can reach consensus on a level of access control functionality that is at least comparable to that supported by traditional file systems. In the immediate future I'll be coming up to speed on the DAV protocol spec, and preparing to submit Jon Radoff's access control requirements document as an Internet Draft. Comments on this document: http://lists.w3.org/Archives/Public/w3c-dist-auth/1997JulSep/0017.html are welcome. Our target date for the submission of the draft is Oct. 15. Howard
Received on Friday, 3 October 1997 23:16:11 UTC