[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CAP comment, section 4.5.1, lookup
> From: "Paul B. Hill" <firstname.lastname@example.org>
> Subject: CAP comment, section 4.5.1, lookup
> 4.5.1 Lookup
> CAP MUST specify, subject to access control:
> - How the CUA can list calendars in a single CS, by fetching all
> the top level CSIDs of the CS.
> I know of several higher-ed sites that do not require authentication or
> authorization to query their directory services, however they do not permit
> fetching all of their identifieres. This is sometimes done by limiting the
> number of queries from a single host, or by limiting the number of
> responses generated by a wildcard search.
> This is because they wish to allow external users to locate and contact
> people within their domain, but they try to prevent people from creating
> additional directories, databases, or mass mailing lists.
> I think that a similar requirement exists for the CSIDs on a single CS.
> Does the group feel that "subject to access control" covers a throttling
> mechanism or does the requirement need further elaboration?
I think the conversations assumed the user had already authenticated.