[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentication Level



David,

I agree that I need to include your point in section 4.2.4.
This is a good case for how 'any' works.

Thanks.
Ellen


At 10:59 PM 7/17/00 +0100, David Chadwick wrote:
Ellen]

An important point about the authentication level (which I could not
find in the draft) is that for the permission to be granted the subject
must have been authenticated to at least the level specified, but that
if the right is a deny, then EVERYONE is denied access unless they
have been authenticated to at least the level specified in authnLevel.

David

***************************************************

David Chadwick
IS Institute, University of Salford, Salford M5 4WT
Tel +44 161 295 5351  Fax +44 161 745 8169
Mobile +44 790 167 0359
Email D.W.Chadwick@salford.ac.uk
Home Page  http://www.salford.ac.uk/its024/chadwick.htm
Understanding X.500  http://www.salford.ac.uk/its024/X500.htm
X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
Entrust key validation string MLJ9-DU5T-HV8J

***************************************************