[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Standards and APIs (C LDAP API: security considerations)




> -----Original Message-----
> From: Graham Klyne [mailto:GK@Dial.pipex.com]
> Sent: Wednesday, November 17, 1999 5:12 AM

> Without this, 
> applications that
> wish to depend on some particular (policy-definied) behaviour 
> are left out
> in the cold;  or, they use an API subset for which full semantics are
> defined, which brings us back to Harald's position.

Applications shouldn't need to depend on certain policies being configured.
"Policy" is not the same as configuration "options". 
What applications will have to do is to be able to cope with being told an
action is denied by policy. Just like they have to cope with authentication
failures or "access denied".

Paul