Re: Issue with non-aggregate abstract privileges and DAV:current-user-privilege-set from Julian Reschke on 2009-05-21 (w3c-dist-auth@w3.org from April to June 2009)

From: Julian Reschke <julian.reschke@gmx.de>
Date: Thu, 21 May 2009 13:55:15 +0200
To: Bernard Desruisseaux <bernard.desruisseaux@oracle.com>
CC: acl@webdav.org, w3c-dist-auth@w3.org
Message-ID: <4A154123.60909@gmx.de>

Bernard Desruisseaux wrote:
> In section 3 Privileges of RFC3744 
> <http://tools.ietf.org/html/rfc3744#section-3> it says:
> 
>     Aggregate and non-aggregate privileges are both capable of being
>     abstract.
> 
> but in section 5.4 DAV:current-user-privilege-set of RFC3744 
> <http://tools.ietf.org/html/rfc3744#section-5.4> it says:
> 
>     Therefore, each element in the DAV:current-user-privilege-set
>     property MUST identify a non-abstract privilege from the
>     DAV:supported-privilege-set property.
> 
> In a discussion amongst CalDAV implementors, it was brought up that the 
> above requirement would be problematic for implementations that supports 
> non-aggregate "abstract" privileges.
> 
> That is, an implementation that allows such a privilege to be set 
> individually on a resource (either by default or through a proprietary 
> mechanism) would not be allowed to report this privilege in the 
> DAV:current-user-privilege-set property.
> ...

Recorded as 
<http://greenbytes.de/tech/webdav/draft-reschke-rfc3744bis-latest.html#rfc.issue.5.4-current-user-privilege-set-vs-abstract>.

BTW: the server running the  ACL mailing list has been down for quite 
some time (*), so I recommend to move all ACL relations over here.

BR, Julian

(*) Hopefully it will be possible to resurrect the archives...

Received on Thursday, 21 May 2009 11:56:09 UTC