- From: John Turner <johnt@cgocable.net>
- Date: Thu, 18 Dec 1997 10:33:26 +0500
- To: w3c-dist-auth@w3.org
At 04:13 PM 12/17/97 -0500, you wrote: >At the IETF meeting, I raised the possibility of adopting >a really simple access control model -- for example > >1. No principal hierarchy (i.e. user/group) >2. Principals identified only by digital certificates >3. Small fixed set of rights >4. No ACL inheritance (either static or dynamic) >5. Only creator of resource can set its ACL > >As I understood it, a number of people seemed to assert, >that independent of the exact details, there were inherent >unresolvable problems in adopting something simple. > >Would someone be kind enough to elucidate those >reasons? > > -- Ellis For any serious document management application of WebDAV there is a need for the documents to be well protected. In addition, it is important to be able bring forward the security models from existing or underlying products. A simplistic security scheme would not meet these needs and would force us to ignore or go outside those specified by WebDAV. This would obviously hurt the goal of interoperable WebDAV applications. John Turner johnt@cgocable.net
Received on Thursday, 18 December 1997 10:33:47 UTC