RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS

Should we define an UNLOCK privilege as a part of the ACL spec?

> -----Original Message-----
> From: w3c-dist-auth-request@w3.org
> [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Clemm, Geoff
> Sent: Monday, August 20, 2001 9:19 PM
> To: Webdav WG
> Subject: RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS
>
>
> Well, that's a really easy change, i.e. all you have to do is
> absolutely nothing (:-).  Currently, section 11 in 2518 places
> no constraints on who can do an UNLOCK operation (i.e. if you
> can discover the lock token, you can request an UNLOCK).  The ACL spec
> introduces ways to constrain who can do an operation.  So we're done (:-).
>
> Cheers,
> Geoff
>
> -----Original Message-----
> From: Jason Crawford [mailto:ccjason@us.ibm.com]
> Sent: Monday, August 20, 2001 11:57 PM
> To: Webdav WG
> Subject: RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS
>
>
>
>
>
> It sounds like we might have consensus opinion that the power to unlock
> someone else's locked resource should be under ACL control.
> Could someone
> that feels strongly about this propose a wording and placement in
> 2518 that
> makes this proposal concrete?
>
> Thanks,
>
> J.
>
> ------------------------------------------
> Phone: 914-784-7569,   ccjason@us.ibm.com
>
>

Received on Tuesday, 21 August 2001 11:29:21 UTC