OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only

Re: WebDAV ACL as usecase for XACML

  • 1.  Re: WebDAV ACL as usecase for XACML

    Posted 08-31-2001 11:26
    hmm... this looks like the latest incarnation of DAV. if so, my first
    read on this is that -- at least in part -- it is operating at a layer
    (HTTP) below what XACML is addressing. it definitely bears further
    consideration to make sure that we don't ignore a relevant standard, but
    i wonder what the affects of having newly defined HTTP header variables
    will have on our ability to support the spec?
    
    being this late in the process for generating use cases how does the
    group suggest that we proceed? is it an issue that can be addressed?
    
    Example - Using allprop to Retrieve All Properties
    
         >>Request 
    
         PROPFIND /container/ HTTP/1.1    <------ <yikes!>
         Host: www.foo.bar 
         Depth: 1 
         Content-Type: text/xml; charset="utf-8" 
         Content-Length: xxxx 
    
            <?xml version="1.0" encoding="utf-8" ?>
            <D:propfind xmlns:D="DAV:">
              <D:allprop/>
            </D:propfind>
    
    b
    
    > "DeSouza, Edwin" wrote:
    > 
    > Bill,
    > There is a big new IETF activity happening called WebDAV (Web
    > Distributed Authoring and Versioning):
    > http://www.webdav.org/
    > 
    > They understand that this will require a good Authorization model.
    > So, the IETF has also created WebDAV ACL.  This is out on last call:
    > 
    > http://www.webdav.org/acl/
    > http://mailman.webdav.org/pipermail/acl/
    > 
    > Here is the Spec:
    > http://www.webdav.org/acl/protocol/draft-ietf-webdav-acl-06.pdf
    > 
    > WebDAV will permeate on web based collaboration.  So, XACML cannot
    > afford to ignore WebDAV ACL. XACML should be able to model WebDAV ACL.
    > 
    > Thanks,
    > Edwin.