In trying to formalize a policy for the RD testing, I ended up with something that I think needs to be noted in this section. There is a difference between the following statements:
Access is granted to resources created by the client. Access is granted to resources that could have been created by the client. The first is what the text seems to cover. This make sense in for the coffeepot where only the person who created the order should be able to cancel it. (Well maybe an administrator might need to as well.) However it does not cover the case where an installer created a number of entries in the RD. A QA person then comes through to make sure the installation was done correctly. When he finds a problem, the first statement requires that the original installer come out to fix it while the second statement allows the QA person to make the fix. Jim _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
