- From: Larry Masinter <masinter@parc.xerox.com>
- Date: Thu, 23 Oct 1997 00:55:10 PDT
- To: Paul Leach <paulle@microsoft.com>
- CC: hep@netscape.com, "'Sukanta Ganguly'" <sganguly@novell.com>, Yaron Goland <yarong@microsoft.com>, w3c-dist-auth@w3.org
The classical protection models are more difficult for users to reason with than booleans, since you're saying "who", but "who" is just one of many dimensions that go into determining the access policy. Access policies are a kind of dynamic content that a client sends to the server in order to determine the server's future behavior in granting access. We're just trying to settle on what the minimum library is that every implementation of the dyanmic-access-policy feature must support. Classical protection model isn't good enough, but probably extending it to at least have predicates for source host & IP address would satisfy current web users. Servers that allowed more flexible policies could also be supported. Larry -- http://www.parc.xerox.com/masinter
Received on Thursday, 23 October 1997 04:05:40 UTC