[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP Access Control
Hi,
><P>QUESTION 1: Do you believe LDAPEXT should be trying to define
><BR>requirements, framework, and/or a model for access control in
><BR>LDAP directories?
Yes, yes and yes.
>
><P>QUESTION 2: Do you basically support the access control
><BR>requirements draft (draft-ietf-ldapext-acl-reqts-00.txt)?
Yes.
><P>QUESTION 3: Do you basically support the access control model
><BR>draft (draft-ietf-ldapext-acl-model-00.txt)?
I think it needs something like PrescriptiveACI but otherwize
it might be fine. This is a big if though, without it IMHO the X.500
would be a better starting point.
><P>QUESTION 4: Do you think we should adopt the X.500(1993)
><BR>basic access control model as the starting point for the LDAP
><BR>access control model?
See, above.
><P>QUESTION 5: Do you think we should specify only a framework
><BR>for identifying access control models, and not define a
><BR>single standards-track model for LDAP at this time?
No. I think that would pull the plug on ldup.
Best Regards
Leif Johansson
Leif Johansson Phone: +46 8 164541
Department of Mathematics Fax : +46 8 6126717
Stockholm University email: leifj@matematik.su.se
<This space is left blank for quotational and disclamatory purposes.>