I would suggest looking at Bill's long email / design spec - there is a lot of "meat" about pools there based on Bill's various conversations with David. @Darren do you want to start working on a more technical design spec or build on Bill's spec? D.
________________________________ From: Darren Hague [mailto:[email protected]] Sent: Fri 13.03.2009 12:26 To: [email protected] Subject: Re: ESME Groups >A message may only be in one pool. There is no way for a message to escape >the pool (eg. resend cannot change the pool) and any replies (or comments in >FB parlance) are in the pool of the original message (this is for >performance and security purposes.) Cool - this means that each Access Control List (ACL) can exist as an object. Multiple messages in the same thread will reference the same ACL object. The SecurityManager can use a cached map of "(User, ACL) -> Permission", e.g. "(dhague, ACL_1b3cd5e) -> Read" which will improve performance over evaluating the ACL fresh each time. - Darren
