- From: Jim Whitehead <ejw@cse.ucsc.edu>
- Date: Wed, 23 Oct 2002 11:13:26 -0700
- To: <acl@webdav.org>, "WebDAV" <w3c-dist-auth@w3.org>
As you witnessed on the mailing list yesterday, the WebDAV Access Control protocol has now been reviewed by the WebDAV WG's area director (now Ned Freed, see below), and has begun an IETF-wide last call for comments. This is a chance for people outside the WebDAV working group to submit comments on the specification. The IETF-wide last call goes for two weeks. At the end of this period, we'll issue a new ACL specification incorporating comments from the IETF last call, the Area Director (see below), as well as any issues brought up on the mailing list since the -09 specification was submitted. After the -10 specification is submitted, at a future meeting the IESG will consider the specification, and will (hopefully) approve it as a Proposed Standard. So, ideally, we'll have an RFC number for the ACL specification by year's end. - Jim -----Original Message----- From: ned.freed@mrochek.com [mailto:ned.freed@mrochek.com] Sent: Tuesday, October 22, 2002 5:55 PM To: Lisa Dusseault Cc: ned.freed@mrochek.com; paf@cisco.com; 'Jim Whitehead' Subject: Last call for ACL document, changes to WebDAV management Patrik and I have agreed that I will take over as Applications Area advisor for the WebDAV group. (In case you care, Patrik is taking over as advisor for GeoPriv). My first action as advisor has been to review and issue a last call for draft-ietf-webdav-acl-09.txt. I didn't find any substantive problems with the document when I reviewed it, although I must say it has one of the most, if not the most, complex ACL models I've ever seen, and I wonder if all the complexity is needed. I did find a couple of nits during my review: The DAV:all-grant-before-any-deny element defined in section 6.1.2. I think this element is misnamed or the text description is in error. Specifically, the text says (to me at least) that this element specifies a combinding rule where if any ACE denies access the request fails. Ordering therefore has nothing to do with it; the ACE that denies access can appear anywhere in the ACL. Assuming the description is correct, it seems that the use of the word "before" in the element name is a misnomer. I would suggest that the name be changed to something like any-deny-overrides-grant. There's also a bad line wrap on page 66. I'm sure other nits will be found so I figure holding the document until these two could be fixed was pointless. Ned
Received on Wednesday, 23 October 2002 14:16:48 UTC