hi julian
4a) Note that this assumes that we "walk" the tree (for some value of "walk") without being stopped by access control.
not totally sure if i understand what that means. we definitely can't rely on the ability to walk the tree. similarly i plan to enforce access control on the oak-layer. in other words: authorization will not be built on top of the jcr-layer as we have it currently in jackrabbit-core. instead i will enforce it underneath the oak-api. kind regards angela
