- From: Eric Sedlar <eric.sedlar@oracle.com>
- Date: Tue, 26 Apr 2005 15:01:50 -0700
- To: Elias Sinderson <elias@cse.ucsc.edu>
- CC: Julian Reschke <julian.reschke@gmx.de>, "'webdav'" <w3c-dist-auth@w3.org>
I think that BINDing's across security domains will in practice only occur across multiple instances of a product from a single vendor. In those cases, I don't see why a BINDing across across security domain will necessarily behave any differently. --Eric Elias Sinderson wrote: > > Julian Reschke wrote: > >> [...] most of the open Bugzilla issues should have been closed [...] > > > 71, Clarify what servers may and may not do with privileges when BIND > is used > As ACLs are defined on resources, not bindings, I don't see how the > spec can say much that hasn't already been said. There are, however, > potential issues with bindings across different security domains. If > anything, I would advocate a restrictive approach to permissions. That > is, permissions on bindings SHOULD default to those of the resource > where possible, but MAY be restricted when bindings are made across > namespaces with different permissions. Permissions MUST NOT be granted > or extended in the above scenario. As I see it, this is the prudent > thing to do in this situation. The only other option would be to > forbid bindings across security domains that cannot maintain the > existing permissions exactly as they are on the resource (if, for > example, a given principledid not exist and could not be created). > > Comments? > > > Best, > Elias >
Received on Tuesday, 26 April 2005 22:02:19 UTC