4. Free Busy Access Control

These may be “system” or “solution” requirements, and not necessarily “protocol” requirements. Authentication is handled at the HTTP level and is outside the scope of the protocol. The protocol deals with an authorization “principal” which is then compared to various properties to determine privileges. The client will have to present the user with various options to support this, as described below.