[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP Access Control

To: howes@netscape.com, Mark Wahl <m.wahl@critical-angle.com>
Subject: Re: LDAP Access Control
From: Ellen Stokes <stokes@austin.ibm.com>
Date: Fri, 12 Jun 1998 13:07:30 -0500
Cc: ietf-ldapext@netscape.com
Delivered-to: ldapext-archive@critical-angle.com
In-reply-to: <357DEAB7.696B6654@netscape.com>
Resent-date: Fri, 12 Jun 1998 11:05:29 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"CrsbR.0.jo4.etMWr"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

>
>
> QUESTION 1: Do you believe LDAPEXT should be trying to define 
> requirements, framework, and/or a model for access control in 
> LDAP directories? 


Yes.  It is needed for interoperability and
the replication work.


>
> QUESTION 2: Do you basically support the access control 
> requirements draft (draft-ietf-ldapext-acl-reqts-00.txt)?


Yes.

>
>  
>
> QUESTION 3: Do you basically support the access control model 
> draft (draft-ietf-ldapext-acl-model-00.txt)? 


Yes, plus the additions that were requested at the last IETF 
meeting.


>
> QUESTION 4: Do you think we should adopt the X.500(1993) 
> basic access control model as the starting point for the LDAP 
> access control model? 


No.  The X.500 access control model does not meet requirements
as the acl model authors will show shortly.


>
> QUESTION 5: Do you think we should specify only a framework 
> for identifying access control models, and not define a 
> single standards-track model for LDAP at this time? 


No, a framework does not provide for interoperability - it
will only profilerate more acl models.  There must be a
single standard-track model for ldap.

References:
- LDAP Access Control
  - From: Tim Howes <howes@netscape.com>

Prev by Date: Re: LDAP Access Control
Next by Date: RE: LDAP Access Control
Index(es):
- Chronological
- Thread