[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Clarification of "[all]" and "[entry]"
David,
Responses embedded below...
Ellen
At 10:59 PM 7/17/00 +0100, David Chadwick wrote:
Ellen
could you clarify the meaning of the keywords "[all]" and
"[entry"]
please for attributes. The ID states:
"[all]" means the permission set apply to all attributes
of
the entry.
What is the meaning of the above if the scope is
subtree?
(EJS) The permission
set associated with "[all]"
applies to all attributes of each entry in the
subtree.
What if the permission set comprises
n,b and t only?
(EJS) These
permissions apply only to entries, not
attributes. So specification of them in this
context is invalid (we need to update the BNF to
reflect this.
[entry] means the permissions apply to
the entire object.
What is the meaning if the scope is subtree?
(EJS) The specified
permissions apply to each entry
in the subtree. Recall that only certain permissions
can be applied to the entire entry (we need to update
the BNF to reflect this).
What if the permission set comprises r,
w and o only?
(EJS) These
permissions apply only to attributes, so
can only be used with "[all]" or specifically listed
attribute(s). (we need to update the BNF to reflect
this).
If fact is there any purpose of the
keyword [entry] at all given that
we have entry level permissions?
(EJS) It helps focus
the permissions to either entry or
attribute quickly and and for clarification and ease of
parsing.
David
***************************************************
David Chadwick
IS Institute, University of Salford, Salford M5 4WT
Tel +44 161 295 5351 Fax +44 161 745 8169
Mobile +44 790 167 0359
Email D.W.Chadwick@salford.ac.uk
Home Page
http://www.salford.ac.uk/its024/chadwick.htm
Understanding X.500
http://www.salford.ac.uk/its024/X500.htm
X.500/LDAP Seminars
http://www.salford.ac.uk/its024/seminars.htm
Entrust key validation string MLJ9-DU5T-HV8J
***************************************************