Provided the server-side implementation (T505, T506, T507) and the client-side implementation of a generic collaborative editing framework, questions arise about the functionality and behavior required/desired, that have more to do with the integration in to Kolab (or any other application suite) and the human experience of such integration.
For example, should a Kolab user log in to #manticore, then documents available for editing (those to which the user has write access) would be limited to documents residing in (IMAP) folders to which the Kolab user has access -- it may (or may not) be expected to provide a view on documents that cannot themselves be written to, but could be created a working copy of.
Similarly, provided restrictions to a "session" (the having opened a document for editing), the authorization to participate in the session could be assigned on the basis of an individual user or a group of users. The user that creates the session may alter the Access Control List, but would not necessarily expect that action to give out write access to the document as such -- the document is a single file in a folder, and access control is managed based on folders, not files.
The user would probably also not expect the entries available for Access Control to the session to be limited to those users or groups that already have access to write to the document being edited in the session.
A user might also be "invited" to participate in a session, meaning that the initial login (authentication) could need to lead the user to existing "sessions" in which the user is allowed to participate.
There's probably more questions and considerations to make, but I hope this spawns off a good thread on these subjects.