Balazs Lengyel wrote:
Hello,The draft is careful and only says: for example read rights. What it really says is: you must have some rights. As you have pointed out, we do not know what the access control model is, but we can assume that there is some kind of access model in place.
I think the requirement should be removed because this document is supposed to be a standard. I don't see how "assume some rights in some sort of access control model" is supposed to be inter-operable.
Balazs
Andy
Andy Bierman wrote:Hi, I do not not understand why the session requesting a partial lock must have "at least read access" to the data indicated by the request. Since locks in NETCONF have no affect whatsoever on reading data, I do not see the purpose of this requirement. I could see the increased security achieved by requiring write access to all the data that a partial-lock covers, but I don't see the point of checking read access, in order to grant a partial lock. Andy -- to unsubscribe send a message to netconf-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/netconf/>
-- to unsubscribe send a message to netconf-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/netconf/>