I think it's time to declare my interest. The CouchDB-backed application I've been working on is now available here: http://www.deploy2.net/
It's basically an IP address database / network asset inventory. CouchDB has been a great match for this, especially some funky map-reduce logic for indexing IPv4 and IPv6 addresses, and having separate database instances for logical separation. At the moment, CouchDB sits entirely behind a Rails app, which handles the user authentication and authorization - that is, enforcing which databases you can use, and whether you have read/update/admin rights to them. If I can push enough of this logic down into CouchDB, then that would let me expose CouchDB itself to the Internet. That would give people a fast JSON-over-HTTP API for extending the service externally. It would also let me move more of the UI logic up into the browser, and the option of moving towards a CouchApp model. So that's my particular reason for having an interest in how the ACL features end up in 0.11. I'd be happy to describe how my current security model works and how it might be mapped down to CouchDB, if anyone's interested. (And if anyone's interested in the app itself, please feel free to try it out and send your comments to me off-list) Regards, Brian.
