The WebDAV Access Control Protocol Group, chartered to develop a remote access control protocol, has released a final last-call specification for public review. Version 06 of the WebDAV Access Control Protocol defines "a set of methods, headers, and message bodies that define Access Control extensions to the WebDAV Distributed Authoring Protocol. This protocol permits a client to remotely read and modify access control lists that instruct a server whether to grant or deny operations upon a resource (such as HTTP method invocations) by a given principal." The relevant XML Document Type Definition is presented in an appendix.
The goal of the WebDAV access control extensions "is to provide an interoperable mechanism for handling discretionary access control for content in WebDAV servers... The underlying principle of access control is that who you are determines how you can access a resource. The 'who you are' is defined by a 'principal' identifier; users, client software, servers, and groups of the previous have principal identifiers. The 'how' is determined by a single 'access control list' (ACL) associated with a resource. An ACL contains a set of 'access control entries' (ACEs), where each ACE specifies a principal and a set of privileges that are either granted or denied to that principal."
Bibliographic information: "WebDAV Access Control Protocol." IETF Internet Draft. draft-ietf-webdav-acl-06. By Geoffrey Clemm (Rational Software), Anne Hopkins (Microsoft Corporation), Eric Sedlar (Oracle Corporation), and Jim Whitehead (U.C. Santa Cruz). June 21, 2001. Expires December 21, 2001. Also available in HTML and PDF formats.
From the version 06 draft: "This specification is organized as follows. Section 1.1 defines key concepts used throughout the specification, and is followed by more in-depth discussion of principals (Section 2), and privileges (Section 3). Properties defined on principals are specified in Section 4, and access control properties for content resources are specified in Section 5. The semantics of access control lists are described in Section 6, including sections on ACE combination (Section 6.1), ACE ordering (Section 6.2), and principals required to be present in an ACE (Section 6.4). Client discovery of access control capability using OPTIONS is described in Section 7.1, and the access control setting method, ACL, is specified in Section 8. Internationalization considerations (Section 11) and security considerations (Section 12) round out the specification. An appendix (Section 19.1) provides an XML Document Type Definition (DTD) for the XML elements defined in the specification..."
Principal references:
- "WebDAV Access Control Protocol." IETF Internet Draft. 'draft-ietf-webdav-acl-06'.
- WebDAV Access Control Protocol XML DTD
- WebDAV Access Control Protocol Home Page
- WebDAV ACL mailing list discussions
- Webdav.Org
- Contact/comments: acl@webdav.org
- WebDAV working groups
- "WEBDAV (Extensions for Distributed Authoring and Versioning on the World Wide Web)" - Main reference page.