- From: Lisa Dusseault <lisa@xythos.com>
- Date: Tue, 15 Jan 2002 14:23:20 -0800
- To: "Clemm, Geoff" <gclemm@Rational.Com>, <w3c-dist-auth@w3c.org>
As you point out, the DAV:owner field affects client/client interoperability. There exist shipping clients that have established interoperability based on specific syntax and information in the DAV:owner field. Therefore, we cannot now develop a standard format for that field without breaking those clients. Since DAV:owner was standardized as free text, we can't restrict it further. We can however create a new field that when supported uses a standard syntax. Lisa > -----Original Message----- > From: w3c-dist-auth-request@w3.org > [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Clemm, Geoff > Sent: Tuesday, January 15, 2002 7:44 AM > To: w3c-dist-auth@w3c.org > Subject: RE: HOW_TO_IDENTIFY_LOCK_OWNER > > > Developing a standard format for the DAV:owner field would > be fine with me. This addresses the client/client interoperability > problem without introducing the overhead and security hole > that capturing and displaying a "principal" introduces. > The ability to submit "bogus" information is a security feature, > not a bug. > > Cheers, > Geoff > > -----Original Message----- > From: Julian Reschke [mailto:julian.reschke@gmx.de] > > > From: w3c-dist-auth-request@w3.org > > [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Lisa Dusseault > > Sent: Monday, January 14, 2002 8:26 PM > > To: Clemm, Geoff; w3c-dist-auth@w3c.org > > Subject: RE: HOW_TO_IDENTIFY_LOCK_OWNER > > > > ... > > > > No, this info is not necessarily available in the DAV:owner > > field. Because > > the client can submit this field, the client can submit bogus > information, > > and it's not necessarily possible for the server to decide if the > > information is bogus. > > Furthermore, there is no standard format for this information, but this > would be needed for a interoperability.
Received on Tuesday, 15 January 2002 17:25:38 UTC