Saturday, April 02, 2005

Control Freak

Drummond always loves it when I randomly decide to add another system word... well here I go again... (the title of this post is about the system words not about Drummond!!)

We have been going back and forth for a while about the behavior of the link contracts when the underlying permissions are changed. If I give you additional access to a new piece of data, should that invalidate the contract that you have already signed? What if I remove your access to piece of data?

If each change does invalidate the contract we are going to end up with a LOT of contract signing overhead. If it doesn't I might suddenly give you set rights to something and then accuse you of messing up my data... You never even knew that you had the set rights.

So we decided to support both options; If the instance of a $policy has a synonym “$RequireSignedRightsPaths” then the rights paths will be signed as part of the contract. Any changes to your permission set will therefore invalidate the contract. In the absence of this synonym you will only sign the policy itself and the permissions can change at the authorities will. This has been added to the primer.

Given that most policies should be standard and don’t actually care what the specific data that is being shared is this should work fine.

No comments: