RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS

OK, by me.  If we do, we probably should have separate "lock" and "unlock"
privileges.
But I'd be happy to add this in later, if it is at all contentious.

Cheers,
Geoff

-----Original Message-----
From: Eric Sedlar [mailto:Eric.Sedlar@oracle.com]
Sent: Tuesday, August 21, 2001 11:35 AM
To: Webdav WG
Subject: RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS


Should we define an UNLOCK privilege as a part of the ACL spec?

> -----Original Message-----
> From: w3c-dist-auth-request@w3.org
> [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Clemm, Geoff
> Sent: Monday, August 20, 2001 9:19 PM
> To: Webdav WG
> Subject: RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS
>
>
> Well, that's a really easy change, i.e. all you have to do is
> absolutely nothing (:-).  Currently, section 11 in 2518 places
> no constraints on who can do an UNLOCK operation (i.e. if you
> can discover the lock token, you can request an UNLOCK).  The ACL spec
> introduces ways to constrain who can do an operation.  So we're done (:-).
>
> Cheers,
> Geoff
>
> -----Original Message-----
> From: Jason Crawford [mailto:ccjason@us.ibm.com]
> Sent: Monday, August 20, 2001 11:57 PM
> To: Webdav WG
> Subject: RE: Webdav issue: UNLOCK_BY_NON_LOCK_OWNERS
>
>
>
>
>
> It sounds like we might have consensus opinion that the power to unlock
> someone else's locked resource should be under ACL control.
> Could someone
> that feels strongly about this propose a wording and placement in
> 2518 that
> makes this proposal concrete?
>
> Thanks,
>
> J.
>
> ------------------------------------------
> Phone: 914-784-7569,   ccjason@us.ibm.com
>
>

Received on Tuesday, 21 August 2001 12:41:02 UTC