- From: Yaron Goland <yarong@microsoft.com>
- Date: Thu, 29 Jan 1998 14:17:20 -0800
- To: "'Dylan Barrell'" <dbarrell@opentext.ch>, "'Jim Davis'" <jdavis@parc.xerox.com>, w3c-dist-auth@w3.org
- Cc: "Saveen Reddy (Exchange)" <saveenr@exchange.microsoft.com>
Please refer to section 5.7 of the 05 draft for an entire section dedicated to explaining the very principal you mention and section 5.6 for a particular example. I will change the order of these two sections in the next version of the draft because of the reverse dependency. Yaron > -----Original Message----- > From: Dylan Barrell [SMTP:dbarrell@opentext.ch] > Sent: Thursday, January 29, 1998 12:54 PM > To: Yaron Goland; 'Jim Davis'; w3c-dist-auth@w3.org > Cc: Saveen Reddy (Exchange) > Subject: RE: v6: 12.9 lockdiscovery > > This might seem obvious but I think it should be stated that the locktoken > MUST be returned if the requesting principle is the owner of the lock > (seeing as we don't go into permissions in any further detail, we must > guarantee that the owner of a lock can always retrieve the token). > > Cheers > Dylan > > > -----Original Message----- > From: Yaron Goland [SMTP:yarong@microsoft.com] > Sent: Sunday, January 25, 1998 1:49 AM > To: 'Jim Davis'; w3c-dist-auth@w3.org > Cc: Saveen Reddy (Exchange) > Subject: RE: v6: 12.9 lockdiscovery > > An excellent point. My guys brought up the exact same issue only > yesterday. > > I would like to propose some language to deal with this issue: > > 1. All locks outstanding on a resource MUST be listed. To do otherwise > would > confuse the hell out of a client who is getting locked errors on PUTs but > doesn't see any write locks listed in lockdiscovery. > > 2. Owner, timeout, and locktoken are to be made optional. > > One of the problems we have run into is that sometimes a resource gets > locked through a mechanism other than DAV, for example a program directly > manipulating the underlying operating system. While the DAV server will > know > about the lock, it will not have the ability to do anything with it. As > such > it doesn't have a "lock token" for the lock. We could, of course, just > issue > a fake lock token. But the problem is that we expect, eventually, that > administrative tools will be written to work with DAV. An administrator > who > tries to force an unlock using a fake lock token is in for a very > confusing > time. Additionally I also think that timeout should be optional because > the > information may not always be available. Finally, I don't think depth > should > be optional. I hate "default values" (in this case if Depth is not present > its value is taken to be 0). They always lead to trouble. > > Currently the production for activelock is: > > <!ELEMENT activelock (locktype, lockscope, depth?, owner, timeout, > locktoken) > > > Under the proposed changed it would become: > > <!ELEMENT activelock (locktype, lockscope, depth, owner?, timeout?, > locktoken?) > > > Is this acceptable to everyone? > > Yaron > > PS Jim, as always, you're the man. > > > -----Original Message----- > > From: Jim Davis [SMTP:jdavis@parc.xerox.com] > > Sent: Saturday, January 24, 1998 2:04 PM > > To: w3c-dist-auth@w3.org > > Subject: v6: 12.9 lockdiscovery > > > > 12.9 says "The server is free to withhold any or all of this information > > if > > the requesting principal does not have sufficient access rights to see > the > > requested data." > > > > If the server does not wish to inform caller of, say, the owner, then > > should it generate an empty owner or should it leave it out of the > > activelock altogether? The latter would violate the syntax of > activelock, > > as only depth is optional. I am not sure whether all the other elements > > of > > activelock are defined to allow them to be empty. If any of them are, > > then > > we have an inconsistency. If all of them allow empty, then the spec > > should > > add language telling what to do. >
Received on Thursday, 29 January 1998 17:17:41 UTC