A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Methods of Specifying Restrictions on AFS3 ACLs
Author(s) : A. Deason, et al.
Filename : draft-deason-afs3-acl-restrictions-00.txt
Pages : 11
Date : 2010-01-12
The AFS-3 ACL 'a' bit gives users unfettered power to grant, or
revoke, privileges, with no provision for enforcing site policy.
This memo provides several alternative mechanisms for creating
restrictions on what powers the 'a' bit denotes. Three alternative
mechanisms for restricting the power of the 'a' bit are proposed: a
method for overlaying the ACL with a site-controlled ACL; a method
for masking the ACL with a site-controlled privilege mask; and a
finely granular meta-acl mechanism for restricting to whom privileges
may be delegated, and which privileges may be given to different
classes of principals. This memo will serve as a basis for the ACL
restriction discussion with the AFS-3 protocol working group. The
intended goal of this discussion is to reach consensus on
standardization of one or more solutions, and then publish a BCP
status memo.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-deason-afs3-acl-restrictions-00.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-deason-afs3-acl-restrictions-00.txt>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt