Andre Beck wrote:
We are currently working on a new IRML version to address the two issues
you mentioned. I agree with you and ohers that having one rule module
per user is not desirable, especially in light of the fact that most
users probably won't write their own rules anyway. Instead they will
authorize their ISP to set up rules on their behalf. So we were thinking
about introducing a new rule module class "delegate" for rules that are
authored by an authorized entity on behalf of the actual rule owner.
Not sure whether we need or want to have a new rule module class. The
"owner" section of a IRML rule serves two purposes - the "name" and
"id" elements identify the rule author, and the "class" attribute
indicates whether the rule has been specified on behalf of a content
provider or a client (and, therefore, whether the associated service
is executed on behalf of a content provider or client). A rule is
never specified for or on behalf of an access provider.
In Lily's example, the 100 subscribers to the filtering service
delegate authority for service execution and rule authoring to the
service provider (e.g. by signing up to the service), and the service
provider authors the corresponding rule(s) on behalf of the clients.
Therefore, the rule module class still is "client" (as the service is
executed on behalf of and authorized by clients), but the rule author
is the service provider (on behalf of its subscribers). This allows
the service provider to specify a single rule for multiple users.