Dear Colleagues,

Unfortunately, I've been having some personal problems recently that
distracted me from my work tasks. This affected especially the long
ago promised AA best practices development guide. I'm sorry to say
that I've not been yet able to complete it beyond very crude
pre-drafts. I'm trying however to catch up with this.

Actually, there is a problem that needs to be discussed, which Andreas
Maunz raised some time ago (but I couldn't react then). In short, it
concerns the protection of, let's call them "multi-component"
resourced: most importantly the datasets, which could consist of many
and many of compounds. We have to settle on some decision at which
level will we protect such resources: at the root (e.g., the dataset),
or at each individual component (e.g. compound).

Obviously, protecting at component level is going to provide better
flexibility. However, as Andreas and Micha have found out, having too
much rules (URIs) in a policy is putting abortive pressure on the AA
system, rendering it unusable. Without doubt, even if the AA system
were able to handle the load, the increased complexity and
cumbersomeness could lead to other problems. So, it's really a matter
of balance.

Therefore, I'd like to ask for your opinion: is there a need to place
the protection at component level such that would outweigh the
additional technical burden. In fact, there's extra burden if we
protect at the root as well, because we need to have a mechanism to
"reroute" queries for specific components to the root policy.

Cheers,
Luchesar