[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Policy in IETF APIs (was: Standards and APIs)




> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.Org]
> Sent: Thursday, November 18, 1999 4:13 PM

> 
> At 04:01 PM 11/18/99 -0800, Paul Leach (Exchange) wrote: 
> > The kind of admin I was talking about is one who has authority
> > over what the Directory User can do.
> 
> This may not be same admin who has authority over what information
> is published by the Directories to which the user has been authorized
> to obtain information from.  That is, one admin may have authority
> over what information is published to the user and another admin
> may have authority over how that information is used.  This
> policy scenerio is quite common.

So? The above observation, although correct, is not relevant to the proposal
I made.

It could even be a third admin who is worried about the security of their
site, and they're the one that gets to say that plaintext passwords are not
to be used by any user, Directory User or otherwise.

Paul