- From: Howard Palmer <hep@netscape.com>
- Date: Thu, 23 Oct 1997 20:18:44 -0700
- To: Paul Leach <paulle@microsoft.com>
- CC: w3c-dist-auth@w3.org, "'Larry Masinter'" <masinter@parc.xerox.com>
Paul, > > As for user perception of the complexity of booleans: we're talking > > about the PROTOCOL here. Whether you let the user's see the booleans > > directly or have some kind of check-box interactive display is an > > interface issue. > > > If you can show me at least one UI design that hides this complexity, > I'll buy it. Until then, it will be true that I've never seen a UI that > can make anything simpler than the underlying intrinsic complexity -- > it's the law of conservation of complexity. I'll bet you've already bought it. Do you use Windows NT? Have you looked at its API for access control (or did you design it)? It seems quite complex to me, although I believe I understand the need for the complexity. The UI for setting access control on files seems reasonably intuitive, however, at least to me. It appears that your UI designer chose not to expose all of the underlying functionality, and got a pretty good result. Another interesting thing about that API is the fact that it exposes security identifiers (SIDs) for users and groups. Not entirely, but it provides quite a few functions for doing useful things with them. When I login to NT, I enter my username as "hep". I do not enter my SID. Why is that? And why don't the ACLs refer to me by my username when I retrieve them through the API? What I'm looking for in the access control protocol is something like the SID as a user id or group id. It can be opaque, but it needs to have certain properties (as the SID does), and it would sure be nice if the protocol supported analogs of a lot of those nice functions that the NT API provides for SIDs. I imagine, although I don't know, that NT-to-NT authentication uses SIDs in the authentication credentials. If so, that's swell for you and your proprietary authentication protocol, but those of us who have to support authentication protocols such as HTTP basic authentication don't always get to choose what form the authentication credentials take. That shouldn't mean that we have to do without something like SIDs in the access control protocol, since we can map the authentication credentials to whatever we like. By the way, where can read more about the "law of conservation of complexity"? Howard
Received on Thursday, 23 October 1997 23:20:07 UTC