ldp.html
changeset 428 fff13d6627df
parent 427 9680ab51d5fa
child 433 1c2de1976d6a
--- a/ldp.html	Wed Nov 27 15:04:53 2013 -0500
+++ b/ldp.html	Wed Nov 27 15:23:56 2013 -0500
@@ -2149,6 +2149,18 @@
 </div>
 </section> <!-- Base specs -->
 
+<section class='informative' id='security'>
+<h1>Security Considerations</h1>
+As with any protocol that is implemented leveraging HTTP, implementations should take advantage of the many 
+security-related facilities associated with it and are not required to carry out LDP operations 
+that may be in contradistinction to a particular security policy in place. For example, when faced with an 
+unauthenticated request to replace system critical RDF statements in a graph through the PUT method, applications may
+consider responding with the 401 status code (Unauthorized), indicating that the appropriate authorization 
+is required. In cases where authentication is provided fails to meet the requirements of a particular access control 
+policy, the 403 status code (Forbidden) can be sent back to the client to indicate this failure to meet the
+access control policy.
+</section>
+
 
 <section class='appendix informative'>
 <h2>Acknowledgements</h2>
@@ -2174,6 +2186,7 @@
 
 <!-- <blockquote><em><a href="http://www.w3.org/TR/2013/WD-ldp-20130930/">Candidate Recommendation Draft</a></em></blockquote> wah -->
 <ul>
+	<li>2013-11-27 - ACTION-101 Added informative <a href="#security"></a> section (SS)</li>
 	<li>2013-11-27 - ACTION-100 Added informative note to Ordering section that containers can be nested (SS)</li>
 	<li>2013-11-18 - Various editorial and validation fixes (SS)</li>
     <li>2013-11-12 - Clean up some remnants of inlining (JA)</li>