- From: Lisa Lippert (Dusseault) (Exchange) <lisadu@exchange.microsoft.com>
- Date: Wed, 19 Aug 1998 11:29:44 -0700
- To: "'Jim Davis'" <jdavis@parc.xerox.com>, w3c-dist-auth@w3.org

Thanks for your feedback Jim. On your points 1) to 4):

1) Okay -- I've changed that.

2) There isn't always a one-to-one mapping between what action a user might want to allow/prevent, and what HTTP/DAV method is used to do that action. Sometimes there's more than one way to do something like list the contents of a collection. Sometimes there's more than one way to use a single method -- PUT can be seen as "changing a resource" or "adding a resource to a collection", both of which may be dealt with separately in assigning rights. However, I agree that clarity would be improved, so how about this:

6.3. Rights

It MUST be possible to grant or deny the following rights to any principal
- to alter the body of a resource - PUT or POST
- to alter the properties of a resource - PROPPATCH
- to delete a resource - DELETE
- to add a child to a collection - PUT or POST
- to read the ACL on a resource - undefined method(s)
- to change the ACL on a resource - undefined method(s)
- to delete a child from a collection - DELETE
- to list the contents of a collection - SEARCH or PROPFIND
- to read the properties of a resource - PROPFIND
- to read the body of a resource - GET

3) Thanks for the catch :)

4) The latter meaning was intended. Perhaps the term "rewrite" would be more informative: "It is recommended that users be able to add access control information to an object without having to rewrite all access control settings."

See you in Chicago next week!

Lisa L

-----Original Message-----
From: Jim Davis [mailto:jdavis@parc.xerox.com]
Sent: Tuesday, August 18, 1998 2:31 PM
To: w3c-dist-auth@w3.org
Subject: ID webdav acl reqts

Mainly it's terrific. Good decisions about what's in and out of scope. A few comments:

1) In several places the ID uses the phrase "a resource or collection". I suggest just using the term "resource", since a collection is a kind of resource. The existing language implies that the two are disjoint, and might leave some doubt as to the status of (potentially future) sub types of resource, e.g. referential resources, versioning portals, etc.

2) Would 6.3 be clearer if it were defined in terms of the actual HTTP and WebDAV method names (GET, PUT, DELETE) instead of generic actions ('alter the body of a resource', 'add a child to a collection', etc)?

3) Shouldn't 6.3 also say something about
- retrieving the body of a resource (e.g. GET)
- retrieving the value of a property (e.g. PROPFIND)

4) In 7.1, it is not clear whether the term 'reset' means "clear" or "set all again". I assume the latter is intended from the justification, but could be wrong.

best regards

Jim

------------------------------------
http://www.parc.xerox.com/jdavis/
650-812-4301

Received on Wednesday, 19 August 1998 14:29:27 UTC
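
An added example, not part of the thread or of the draft: a sketch of how a server could resolve one request to the rights in the proposed 6.3 list, showing why the method name alone is not enough (PUT and DELETE each map to different rights on different targets). The dispatch rules, the grants-only default-deny model, the use of the PROPFIND Depth value, and all names and sample data are assumptions made for illustration; POST, SEARCH and the ACL rights are left out because the thread does not say how they would be dispatched.

```python
import posixpath
from enum import Enum

class Right(Enum):  # wording taken from the proposed 6.3 list
    READ_BODY = "read the body of a resource"
    READ_PROPS = "read the properties of a resource"
    ALTER_BODY = "alter the body of a resource"
    ALTER_PROPS = "alter the properties of a resource"
    ADD_CHILD = "add a child to a collection"
    DELETE_RESOURCE = "delete a resource"
    DELETE_CHILD = "delete a child from a collection"
    LIST_COLLECTION = "list the contents of a collection"

def parent_of(path):
    # "/docs/a.txt" -> "/docs"; "/docs" -> "/"
    return posixpath.dirname(path.rstrip("/")) or "/"

def required_rights(method, path, existing, collections, depth="0"):
    """Return the (right, target) pairs one request needs (assumed dispatch)."""
    if method == "GET":
        return {(Right.READ_BODY, path)}
    if method == "PROPPATCH":
        return {(Right.ALTER_PROPS, path)}
    if method == "PROPFIND":
        needed = {(Right.READ_PROPS, path)}
        if path in collections and depth != "0":
            needed.add((Right.LIST_COLLECTION, path))  # Depth > 0 enumerates members
        return needed
    if method == "PUT":
        if path in existing:
            return {(Right.ALTER_BODY, path)}        # overwrite: checked on the resource
        return {(Right.ADD_CHILD, parent_of(path))}  # create: checked on the parent
    if method == "DELETE":
        # Assumption: both rights are required, each on its own target.
        return {(Right.DELETE_RESOURCE, path), (Right.DELETE_CHILD, parent_of(path))}
    raise ValueError(f"no rights mapping for method {method!r}")

def authorize(principal, method, path, grants, existing, collections, depth="0"):
    """Default deny: every required (right, target) pair must be granted."""
    try:
        needed = required_rights(method, path, existing, collections, depth)
    except ValueError:
        return False  # unmapped methods are refused rather than allowed
    return all(r in grants.get((principal, target), set()) for r, target in needed)

# Constructed sample state, not taken from the thread.
EXISTING = {"/", "/docs", "/docs/spec.txt"}
COLLECTIONS = {"/", "/docs"}
GRANTS = {
    ("alice", "/docs/spec.txt"): {Right.READ_BODY, Right.ALTER_BODY, Right.DELETE_RESOURCE},
    ("alice", "/docs"): {Right.READ_PROPS},
}
```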