- Change Group ACL definition spec to one based on
vcard:hasMemberinstead ofacl:agentClass. Move previousagentClassbased section toproposals/for archival purposes.
- Add a discussion of infinite loops in Group ACL resolution
- Expand the agentClass / Group acl definition, clarifying usage of
acl:agentClass, discussing Group Listing documents
- Add 'Access Control List Resources' sections, discuss individual vs inherited ACLs.
- Discuss the
acllink relation and ACL discovery - Add a section on the ACL Inheritance Algorithm
- Move the Vocabulary section into the 'Representation Format' section
- Add a section for
acl:defaultForNew('Default (Inherited) Authorizations') - Add a 'Not Supported by Design' section
- Added a side-note about how
acl:defaultForNewwill soon be renamed toacl:default
- Change the Referring to Resources section --
the recommended solution is simply to use
acl:Control, and not refer to the ACL resource itself in its own contents. - Remove the phrasing that WAC does not privilege the ACL resources.
- Clarify that
acl:Controlgives access even to read the ACL resource. Without that permission, a user cannot read the resource.
First draft of spec, as of Apr 2016.