[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: WebDAV ACL as usecase for XACML
hmm... this looks like the latest incarnation of DAV. if so, my first read on this is that -- at least in part -- it is operating at a layer (HTTP) below what XACML is addressing. it definitely bears further consideration to make sure that we don't ignore a relevant standard, but i wonder what the affects of having newly defined HTTP header variables will have on our ability to support the spec? being this late in the process for generating use cases how does the group suggest that we proceed? is it an issue that can be addressed? Example - Using allprop to Retrieve All Properties >>Request PROPFIND /container/ HTTP/1.1 <------ <yikes!> Host: www.foo.bar Depth: 1 Content-Type: text/xml; charset="utf-8" Content-Length: xxxx <?xml version="1.0" encoding="utf-8" ?> <D:propfind xmlns:D="DAV:"> <D:allprop/> </D:propfind> b > "DeSouza, Edwin" wrote: > > Bill, > There is a big new IETF activity happening called WebDAV (Web > Distributed Authoring and Versioning): > http://www.webdav.org/ > > They understand that this will require a good Authorization model. > So, the IETF has also created WebDAV ACL. This is out on last call: > > http://www.webdav.org/acl/ > http://mailman.webdav.org/pipermail/acl/ > > Here is the Spec: > http://www.webdav.org/acl/protocol/draft-ietf-webdav-acl-06.pdf > > WebDAV will permeate on web based collaboration. So, XACML cannot > afford to ignore WebDAV ACL. XACML should be able to model WebDAV ACL. > > Thanks, > Edwin.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC