[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: delete permission
Yes it should; in fact I believe it does. If someone thinks there's an
undefined case we should discuss it.
--bob
Bob Blakley
Chief Scientist
Tivoli SecureWay Business Unit
"David Chadwick" <d.w.chadwick@salford.ac.uk> on 07/25/2000 01:46:59 PM
Please respond to d.w.chadwick@salford.ac.uk
To: Ellen Stokes <stokes@austin.ibm.com>, ietf-ldapext@netscape.com, Bruce
Greenblatt <bgreenblatt@directory-applications.com>
cc: (bcc: George Robert Blakley III/Tivoli Systems)
Subject: Re: delete permission
> A seperate but related issue to how the delete permission overrides
> the delete subtree permission, is the more general problems of how to
> treat overlapping permissions. I don't know that there needs to be a
> general treatment, but when a new permission that is defined overlaps
> with a previously defined permission, there should be some discussion
> of the relationship. Any thoughts?
The document is already starting to do this by giving precedence to
the different elements such as subject. Therefore I think that if
everthing can be given a pecking order/precedence, and this can be
described fully in the model doc, then everything should fall out in
the wash, shouldn't it?
David
***************************************************
David Chadwick
IS Institute, University of Salford, Salford M5 4WT
Tel +44 161 295 5351 Fax +44 161 745 8169
Mobile +44 790 167 0359
Email D.W.Chadwick@salford.ac.uk
Home Page http://www.salford.ac.uk/its024/chadwick.htm
Understanding X.500 http://www.salford.ac.uk/its024/X500.htm
X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
Entrust key validation string MLJ9-DU5T-HV8J
***************************************************