[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentication Level

To: d.w.chadwick@salford.ac.uk, ietf-ldapext-acm@OpenLDAP.org, ietf-ldapext@netscape.com
Subject: Re: Authentication Level
From: Ellen Stokes <stokes@austin.ibm.com>
Date: Tue, 18 Jul 2000 01:13:00 -0500
In-reply-to: <39738FDB.24155.3146330@localhost>

David,

I agree that I need to include your point in section 4.2.4.
This is a good case for how 'any' works.

Thanks.
Ellen

At 10:59 PM 7/17/00 +0100, David Chadwick wrote:

Ellen]

An important point about the authentication level (which I could not
find in the draft) is that for the permission to be granted the subject
must have been authenticated to at least the level specified, but that
if the right is a deny, then EVERYONE is denied access unless they
have been authenticated to at least the level specified in authnLevel.

David

***************************************************

David Chadwick
IS Institute, University of Salford, Salford M5 4WT
Tel +44 161 295 5351  Fax +44 161 745 8169
Mobile +44 790 167 0359
Email D.W.Chadwick@salford.ac.uk
Home Page  http://www.salford.ac.uk/its024/chadwick.htm
Understanding X.500  http://www.salford.ac.uk/its024/X500.htm
X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
Entrust key validation string MLJ9-DU5T-HV8J

***************************************************

Prev by Date: New Virus Alert!
Next by Date: I-D ACTION:draft-ietf-ldapext-ldap-java-api-11.txt
Index(es):
- Chronological
- Thread