[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: grant / deny precedence indraft-ietf-ldapext-acl-model-04.txt

To: Ellen Stokes <stokes@austin.ibm.com>, prasanta@netscape.com, ietf-ldapext@netscape.com
Subject: Re: grant / deny precedence indraft-ietf-ldapext-acl-model-04.txt
From: David Chadwick <d.w.chadwick@salford.ac.uk>
Date: Fri, 22 Oct 1999 18:28:55 +0100
In-reply-to: <9910220247.AA72284@dceperf.austin.ibm.com>
Organization: University of Salford
References: <E11eQY2-0000ds-00@neodymium.btinternet.com>
Resent-date: Fri, 22 Oct 1999 10:33:35 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"VUi3R.A.sNF.r-JE4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

> David (and others),
> Here's the question:  Do we want to include subjects other
> than access-id, role, and group?
> Ellen

Like Jim, I do not recognise a difference from the access control 
perspective between the currently defined role and group. Therefore 
I would suggest delete role.
I do also suggest that subtree is added, as this is clearly different to 
group (and role).


David

***************************************************

David Chadwick
IS Institute, University of Salford, Salford M5 4WT
Tel +44 161 295 5351  Fax +44 161 745 8169
Mobile +44 790 167 0359
Email D.W.Chadwick@salford.ac.uk
Home Page  http://www.salford.ac.uk/its024/chadwick.htm
Understanding X.500  http://www.salford.ac.uk/its024/X500.htm
X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
Entrust key validation string MLJ9-DU5T-HV8J

***************************************************

References:
- Re: grant / deny precedence indraft-ietf-ldapext-acl-model-04.txt
  - From: David Chadwick <d.w.chadwick@salford.ac.uk>
- Re: grant / deny precedence indraft-ietf-ldapext-acl-model-04.txt
  - From: Ellen Stokes <stokes@austin.ibm.com>

Prev by Date: Re: Examples (differing privileges, DNs) for aci-model-04
Next by Date: ldap password policy approach
Index(es):
- Chronological
- Thread