W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 1997

RE: ACL Draft

From: Paul Leach <paulle@microsoft.com>
Date: Wed, 22 Oct 1997 15:12:13 -0700
Message-ID: <771E1FEEEE41D111A95900805FFE658712AD3D@RED-MSG-51.dns.microsoft.com>
To: "'hep@netscape.com'" <hep@netscape.com>
Cc: "'Larry Masinter'" <masinter@parc.xerox.com>, Yaron Goland <yarong@microsoft.com>, "W3c-Dist-Auth (E-mail)" <w3c-dist-auth@w3.org>
To stop a possibly long debate -- yes, we need to agree on what
principal names are. I didn't mean to imply differently.  I just said
that we shouldn't do so in the ACL draft, but rather in an
authentication draft. It is an issue of separation of concerns. The form
of principal names and how a user or server proves that they are
identified by a particular principal name is just totally orthogonal to
the question of the ACL draft (as long as principal  name can be encoded
as a string).

Futhermore, I don't want to be inventing authentication protocols in
this WG -- there are other WGs for that purpose, and I want to rely on
them. So, I'd be happy to say in the draft that (e.g.) Kerberos
principal names (RFC 1510) are one way to specify principals -- and in
the ACL draft, or some other DAV draft, we can say what the "mandatory
to implement" authentication protocols are in order to insure DAV
interoperability at all layers of the stack.

Received on Wednesday, 22 October 1997 18:12:37 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:12 UTC