LDAP Access Control

[Tim Howes <howes@netscape.com>]

Hi all. It appears to Mark and me, your LDAPEXT co-chairs,
that the ACL discussions have broken down and are no longer
producing anything constructive. This message is our attempt
to put things back on track. To do this effectively, we need
your help and participation.  Please read this message
carefully and respond to the questions posed.

We are not taking a vote, we are simply trying to gauge the
consensus in the group. There have been several vocal views
expressed, and we need to determine which ones (if any!) have
the support of the group.  If this looks like rehashing of
old ground, please bear with us one more time.  Please note
that the reply-to on this message points to Mark and me. If
you would like to reply to the whole list, please feel free
to do so.

QUESTION 1: Do you believe LDAPEXT should be trying to define
requirements, framework, and/or a model for access control in
LDAP directories?

QUESTION 2: Do you basically support the access control
requirements draft (draft-ietf-ldapext-acl-reqts-00.txt)?

QUESTION 3: Do you basically support the access control model
draft (draft-ietf-ldapext-acl-model-00.txt)?

QUESTION 4: Do you think we should adopt the X.500(1993)
basic access control model as the starting point for the LDAP
access control model?

QUESTION 5: Do you think we should specify only a framework
for identifying access control models, and not define a
single standards-track model for LDAP at this time?

Please let us know what you think.  If nobody responds to
these questions, we'll assume that you support the direction
stated in the charter and worked on in the group so far,
which is to define an LDAP access control model, and to
support the requirements and proposed model drafts.

Tim Howes and Mark Wahl