[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: IP Address in the ACM (Was: Comments on AccessControlModel- BNF)
"Kurt D. Zeilenga" wrote:
>
> At 05:30 PM 4/5/01 +0200, robert byrne wrote:
> >However, not specifying something as optional is
> >definitely within our control and will avoid the situation where one
> >server implements the ip subject and another server does not--simple as
> >that.
>
> All that is necessary for protocol interoperability is for
> implementations to recognize the complete syntax.
>
So, why don't we just specify the BNF and stop there ?
The reason is that the semantic content is important too--and we should
be defining this semantics as precisely as we can, in order to arrive
with implementations that, all else being equal, are interoperable.
> We've training our users not to expect insecure features
> in our software. We are slowly eliminating these features
> WITH the support of our user community. Progressing a
> Standard Track ACM which would require us to add back in
> features, or preclude us from eliminating them, is a Bad
> Thing.
Mmmm...will the next version of your product not allow the ability to
grant public access, becuase that's "insecure" ? I suspect not--because
in some situations that's a useful policy, explicitly set by the
administrator. It seems to me that the same is probably true of an
ip-address subject and simple authentication.
Rob.
>
> Kurt