On Mon, Feb 16, 2009 at 10:02 AM, Damien Katz <[email protected]> wrote: > > Therefore the answer is to not distinguish between replicated updates and > direct updates. Instead enforce same security rules either way. This user > can update this document with these values, or he can't. Doesn't matter if > it's replicated or direct. >
This pretty much describes the way I understand it as well. This makes the constraints on validation functions interesting. Under what circumstances should they ensure that the documents author-id matches the saving user? Will the previous_rev always be available at replication, as it is in the function signature? Validation functions make me want a distinction between document creation, and subsequent updates. > > Timeouts suck, but so does everything else. > classic Damien. I'm glad we're talking about this. Distributed identity is a tough problem, and validation / security plays a central role in that. Chris -- Chris Anderson http://jchris.mfdz.com
