summary of Apr 18 ldap access control model conference call



Short summary:

1.  Required Permissions per Operation (R. Byrne)

Discussion on filter evaluation with respect to permissions.
Rob's proposal relaxes filter checking; the current model (05) does
not.  Rob will further articulate the options, potential holes, etc.
and send out a revised copy.  The basic question is when to
apply access control when a filter is used - at filter time or
result time.  This item will be further discussed on the mailing
list and the May 2 conference call.

Error disclosure:  It was agreed that a failure cannot necessarily be
reflected by returning 'access denied'.  There are cases where access
may fail, but the server needs to be allowed to return success
with no data so as not to compromise even the existence of
data.  It was agreed that we will not create an attribute in the
root DSE to set error disclosure on a server basis.  We will
state that the returning of error codes is outside the ACM doc.
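The two decisions above (filter-time versus result-time access control, and returning success with no data instead of an error) are easiest to see side by side. The following is an added illustration, not code from the summary or from any ACM draft: a toy directory, a made-up ACL table with two subjects ("hr" and "guest"), and a search that supports a single equality filter. The result-time variant evaluates the filter against the raw entry and only redacts attributes afterwards, so a subject can learn a protected value by probing with the filter; the filter-time variant treats unreadable attributes as absent during matching. Both variants silently omit entries the subject may not see rather than raising, which is the "success with no data" behaviour agreed on the call.

```python
"""Toy LDAP-style search showing access control applied at filter time
versus at result time, and 'success with no data' instead of an error.
Constructed example: the entries, DNs, subjects and ACL are all made up."""

# Constructed directory: DN -> {attribute: [values]}
DIRECTORY = {
    "uid=alice,ou=people,dc=example,dc=com": {
        "uid": ["alice"], "cn": ["Alice"], "salary": ["90000"], "objectClass": ["person"],
    },
    "uid=bob,ou=people,dc=example,dc=com": {
        "uid": ["bob"], "cn": ["Bob"], "salary": ["55000"], "objectClass": ["person"],
    },
    "uid=secret,ou=hidden,dc=example,dc=com": {
        "uid": ["secret"], "cn": ["Hidden"], "objectClass": ["person"],
    },
}

# Constructed ACL: subject -> entries it may know exist, attributes it may read.
# "hr" may see everything; "guest" may not see the hidden entry nor read salary.
ACL = {
    "hr": {
        "entries": set(DIRECTORY),
        "attrs": {"uid", "cn", "salary", "objectClass"},
    },
    "guest": {
        "entries": {
            "uid=alice,ou=people,dc=example,dc=com",
            "uid=bob,ou=people,dc=example,dc=com",
        },
        "attrs": {"uid", "cn", "objectClass"},
    },
}


def can_see_entry(subject, dn):
    """May the subject learn that this entry exists at all?"""
    return dn in ACL.get(subject, {}).get("entries", set())


def can_read_attr(subject, attr):
    """May the subject read this attribute (same rule for every entry here)?"""
    return attr in ACL.get(subject, {}).get("attrs", set())


def filter_matches(entry, attr, value):
    """Single equality filter (attr=value) against one entry."""
    return value in entry.get(attr, [])


def redact(subject, entry):
    """Keep only the attributes the subject may read."""
    return {a: v for a, v in entry.items() if can_read_attr(subject, a)}


def search_result_time(subject, attr, value):
    """Result-time model: match the filter against the raw entry, then
    redact.  The DN of a matching entry still comes back, so the subject
    learns whether the protected attribute had the probed value."""
    results = {}
    for dn, entry in DIRECTORY.items():
        if not can_see_entry(subject, dn):
            continue  # omitted silently: no error reveals its existence
        if filter_matches(entry, attr, value):
            results[dn] = redact(subject, entry)
    return results


def search_filter_time(subject, attr, value):
    """Filter-time model: an attribute the subject may not read is treated
    as absent while the filter is evaluated, so it can never be matched."""
    results = {}
    for dn, entry in DIRECTORY.items():
        if not can_see_entry(subject, dn):
            continue  # same silent omission as above
        visible = redact(subject, entry)
        if filter_matches(visible, attr, value):
            results[dn] = visible
    return results


def probe_leaks_salary(search):
    """Does a guest probing (salary=90000) learn that alice's salary is 90000?
    True means the search model leaks the protected value via the filter."""
    hits = search("guest", "salary", "90000")
    return "uid=alice,ou=people,dc=example,dc=com" in hits


if __name__ == "__main__":
    print("result-time leaks salary:", probe_leaks_salary(search_result_time))
    print("filter-time leaks salary:", probe_leaks_salary(search_filter_time))
    # Searching for the hidden entry returns an empty result, not an error.
    print("guest sees hidden entry:", search_filter_time("guest", "uid", "secret"))
```

Note that the filter-time check costs an extra per-entry permission evaluation before matching, which is the trade-off the call referred to as "relaxing" filter checking; the example keeps the rule simple (one attribute set per subject) so the difference in what the two models disclose is the only thing that varies.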

2.  Proposal to replace access-id with authzID

Intent is to generalize and provide extensibility with respect to
access-id.  We think this is ok.  Jim S. to provide the BNF.  Will
review on mailing list and reach conclusion by May 2 conference
call.

3.  Authentication Mechanism/Strength (Helmut's proposal)

The observation was made that in this proposal there is no way to
say 'grant access if user is authenticated' (independent of how the
user was authenticated).  Helmut clarified this to say that simple
(user id and password) means more than simple here and could
really cover the grant access if user is authenticated case.  Helmut
to revise to reflect hierarchy (granting access to all authenticated
users via simple).  It was mentioned that there are really 2 items
here:  (1) strength of authentication (none, simple, strong), and
(2) authentication mechanism that could be used as qualifiers for
access control (list of authn mechanisms).  There are requirements
for each.  Ellen to send out BNF that could cover both cases.
Further discussion on mailing list and on May 2 conference call.

4.  Collection proposal (D. Byrne)

Postponed to mailing list and May 2 conference call (ran out of
time to discuss today).

Ellen