- From: Ellis Cohen <ellis@crystaliz.com>
- Date: Wed, 17 Dec 1997 16:13:27 -0500
- To: w3c-dist-auth@w3.org
At the IETF meeting, I raised the possibility of adopting a really simple access control model -- for example 1. No principal hierarchy (i.e. user/group) 2. Principals identified only by digital certificates 3. Small fixed set of rights 4. No ACL inheritance (either static or dynamic) 5. Only creator of resource can set its ACL As I understood it, a number of people seemed to assert, that independent of the exact details, there were inherent unresolvable problems in adopting something simple. Would someone be kind enough to elucidate those reasons? -- Ellis
Received on Wednesday, 17 December 1997 16:07:55 UTC