Work on good practices for the use of capability URLs
Switch branches/tags
Nothing to show
Latest commit 01f2ffa Jan 7, 2015 @JeniT JeniT change MUST to must

Capability URLs

There are two broad methods of controlling access to information that is published on the web:

  1. the server can have access control measures that require people accessing the content to provide the correct token(s) (such as a password) before the content is accessible
  2. the information can be published at an obscure or unguessable URL, and links to it only provided to people who have permission to access it

The URLs used in the second method are known as "capability URLs": an agent who possesses the URL is given the capability to access the information.

The goal of this project is to create a document that describes

  • cases where capability URLs are used on the web today
  • advantages and disadvantages of using capability URLs to control access to content
  • design considerations when creating websites that use capability URLs
  • areas of technical development to support the use of capability URLs