RE: Is this topic dead?

Rich Salz <rsalz@osf.org> Wed, 13 July 1994 14:32 UTC

Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Rich Salz <rsalz@osf.org>
Date: Wed, 13 Jul 1994 09:58:20 -0400
Message-Id: <9407131358.AA02466@sulphur.osf.org>
To: P.V.McMahon@rea0803.wins.icl.co.uk, Pope@secstan.demon.co.uk
Subject: RE: Is this topic dead?
Cc: ietf-aac@isi.edu

> DCE 1.0 currently provides an example authorisation facility which 
> is intended to be supplanted in DCE 1.1 by a standard DCE ACL 
> library which includes backing store.

I'll be more then happy to answer any questions about DCE ACL's.
(I designed the ACL and backing store libraries; you can call the ACL
evaluation routines without using the storage model).  I can probably
also make specs available if there is interest.

The most interesting thing that will be in DCE 1.1 is a delegation facility.
You send your credentials to the printer along with a "you can add yourself"
indication.  The printer adds itself, and then asks the filesystem for a file
so it can print it.

> Unlike POSIX.6 (which defines ACLs for POSIX.1 files), DCE defines a 
> set of ACL types for use within DCE, and enables applications to 
> invent their own types (and the different associated "ACL 
> Managers").  However, this means that applications must maintain the 
> link between application objects and ACLs.

It's a little more strong then this:  DCE says "if you have these kinds
of permissions -- read, write, modify-acl, etc then you *should* use
these specific bits to indicate said permissions."

I continue to be very disappointed in this mailing list; this note here
will be about the fifth message in six months.
	/r$

Is this topic dead? Nick Pope
Is this topic dead? Clifford Neuman
RE: Is this topic dead? P.V.McMahon
RE: Is this topic dead? Rich Salz