[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: forced VCAR (was: revised security section)
When the scope of CAP was being worked on there seemed to be general
consensus that CAP would not be a protocol that supported CS administration.
Obviously there has to be some CS administration support. To date the
method used to decide what goes in and what gets punted has been the
question, "Will customers expect that typical individual users need to
perform this task?"
IMHO setting an enforceable CS policy fails the test that we have been
using, therefore CAP should not address this topic.
> No that I think about it even more, is this subject appropriate for the
> draft at all? It would never appear as a part of the protocol on the wire,
It might, if the protocol provides a way for an admin to set it. (Of course,
then you have to have access control on who gets to be an admin...)