- From: Paul Leach <paulle@microsoft.com>
- Date: Fri, 24 Oct 1997 11:15:57 -0700
- To: "'hep@netscape.com'" <hep@netscape.com>
- Cc: w3c-dist-auth@w3.org, "'Larry Masinter'" <masinter@parc.xerox.com>
I think that we've been mostly talking about 3 things, which are related but which it might be better to tease apart and try to consider separately, and which I'll try to summarize. 1. Principal IDs should be more than user ID; in particular, they should be able to include location from where the access came. 2. The specification of an "accessor" in an ACE should be opaque, system specific things (lets call them "OIDs" for short), and new functions are needed to convert between OIDs and principal IDs. 3. The specification of which principals an ACE grants rights to should be more flexible and powerful than just a single principal ID (or OID); lets call it a "principal specification" after Howard's suggestion. I.e, conceptually, there is a function bool IsMatchingPrincipal(principal-spec, principal-ID) which, given a principal ID and a principal specifier, tells whether the principal matches it. In order to enable us to flush out further issues, I would make the following proposal: 1. I will make the spec agnostic on the subject of issue #1. Actually, it already is, but I'll make it clear that it is. 2. I will make the spec 99% agnostic on the subject of issue #3. I.e., in the spec for an ACE, I'll make it refer to "principal specifier" instead of "principal ID"; but _for now_ the only form of principal specifier will be a simple principal ID. This will be isolated to one place, where we can upgrade it if/when we come to concensus on changing it. But at least it will be a separable discussion. 3. Table issue #2 until there is a requirements specification for it. Comments? Paul
Received on Friday, 24 October 1997 14:22:06 UTC