[tahoe-dev] [tahoe-lafs] #958: LAFS 301 Moved Permanently
James A. Donald
jamesd at echeque.com
Thu Aug 5 02:04:25 UTC 2010
On 2010-08-04 4:06 AM, tahoe-lafs wrote:
> Hm, would it be okay to allow people to set an HTTP 301 to a different cap
> of a different ''type'', such as a read-write cap instead of a read-only
> cap or a read-only cap instead of a read-write cap?
>
> Our tradition of transitive attenuation of authority suggests that we
> should forbid this, which means that a client which is ''following'' an
> HTTP 301 redirect should remember whatever the attenuation of the original
> cap was (i.e. if it was read-only or ''???'' if it was a verify-only cap)
> and refuse to use the new cap with authority outside of that.
Obviously the person who sets up a 301 to greater authority *has* that
authority - so he should be able to share that authority with who he
chooses.
More information about the tahoe-dev
mailing list