Hi Marc,
thanks for your feedback!
On 14.05.2011 01:41, Marc Petit-Huguenin wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
My problem is with the 4th paragraph of section 3:
"Access Control Policy: To ensure write access to Shared Resource by
Authorized Peers, each Usage MUST permit the USER-CHAIN-ACL access
policy (see Section 5.4) in addition to its regular access
policies (USER-MATCH, USER-NODE-MATCH, etc.)."
I do not see in -base how two (or more) Access Control Policies can be used for
one Kind.
I also see this conflict in the XML overlay config. document that only
allows a single access control policy per Kind. If it would support
multiple access policies, something like this:
kind-parameter&= element access-control { access-control-type }*<-- note the
asterisk, compare with base -13 p.122
the receiver of a store request could iterate over the those policies,
trying if any of them is true.
We have the same thing in draft-knauf-p2psip-disco:
"Access Control Policy: Authorized focus peers are allowed to write
the DisCo-Registration using the USER-CHAIN-ACL access policy.
The conference creator (and resource owner) is the only exception:
he is allowed to write based on the USER-MATCH or USER-PATTERN-
MATCH policy."
How a kind (DisCo-Registration in this case) can use two different access
control policy?
same as above
(Note that the configuration schema clearly states that a kind element contains
one data-model element and one access-control element).
If the base document keeps this rule, we have to think about an
alternative in ShaRe/DisCo..
regards,
Alexander
Thanks.
- --
Marc Petit-Huguenin
Personal email: [email protected]
Professional email: [email protected]
Blog: http://blog.marc.petit-huguenin.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk3NwaAACgkQ9RoMZyVa61dlZwCeNlDcg0W7NiYYF7AuiXCmvWkS
6V4AniHrLWAEQjTYb3M3JqQ8jvO5BOD3
=U1x+
-----END PGP SIGNATURE-----
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
--
/*************************************************
* Alexander Knauf B.Sc.
* AG INET
* Dept. Informatik
* HAW Hamburg
* Berliner Tor 7
* D-20099 Hamburg, Germany
* Room: 580
* Net: http://inet.cpt.haw-hamburg.de/members/knauf
* Phone: +49 40 42875 - 8067
* Fax: +49 40 42875 - 8409
*************************************************/
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
