The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

NEWS
Cover Stories
Articles & Papers
Press Releases

CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG

TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps

EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Created: July 24, 2001.
News: Cover StoriesPrevious News ItemNext News Item

Webdav Access Control Protocol Group Publishes Last-Call Specification.

The Webdav Access Control Protocol Group, chartered to develop a remote access control protocol, has released a final last-call specification for public review. Version 06 of the WebDAV Access Control Protocol defines "a set of methods, headers, and message bodies that define Access Control extensions to the WebDAV Distributed Authoring Protocol. This protocol permits a client to remotely read and modify access control lists that instruct a server whether to grant or deny operations upon a resource (such as HTTP method invocations) by a given principal." The relevant XML Document Type Definition is presented in an Appendix. The goal of the WebDAV access control extensions "is to provide an interoperable mechanism for handling discretionary access control for content in WebDAV servers... The underlying principle of access control is that who you are determines how you can access a resource. The 'who you are' is defined by a 'principal' identifier; users, client software, servers, and groups of the previous have principal identifiers. The 'how' is determined by a single 'access control list' (ACL) associated with a resource. An ACL contains a set of 'access control entries' (ACEs), where each ACE specifies a principal and a set of privileges that are either granted or denied to that principal."

Bibliographic information: "WebDAV Access Control Protocol." IETF Internet Draft. draft-ietf-webdav-acl-06. By Geoffrey Clemm (Rational Software), Anne Hopkins (Microsoft Corporation), Eric Sedlar (Oracle Corporation), and Jim Whitehead (U.C. Santa Cruz). June 21, 2001. Expires December 21, 2001. Also available in HTML and PDF formats.

From the version 06 draft: "This specification is organized as follows. Section 1.1 defines key concepts used throughout the specification, and is followed by more in-depth discussion of principals (Section 2), and privileges (Section 3). Properties defined on principals are specified in Section 4, and access control properties for content resources are specified in Section 5. The semantics of access control lists are described in Section 6, including sections on ACE combination (Section 6.1), ACE ordering (Section 6.2), and principals required to be present in an ACE (Section 6.4). Client discovery of access control capability using OPTIONS is described in Section 7.1, and the access control setting method, ACL, is specified in Section 8. Internationalization considerations (Section 11) and security considerations (Section 12) round out the specification. An appendix (Section 19.1) provides an XML Document Type Definition (DTD) for the XML elements defined in the specification..."


Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

Primeton

XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Bottom Globe Image

Document URI: http://xml.coverpages.org/ni2001-07-24-a.html  —  Legal stuff
Robin Cover, Editor: robin@oasis-open.org