[P2PSIP] draft-knauf-p2psip-share-00

Marc Petit-Huguenin <petithug@acm.org> Fri, 13 May 2011 23:41 UTC

I am trying to find out how to implement the USER-CHAIN-ACL access control
policy defined in this I-D as a script, and there is something I do not understand.

First of all, I assume that this draft is using the features defined in base-13
and that no modifications to the -base document are needed to develop this policy.

My problem is with the 4th paragraph of section 3:

"Access Control Policy:  To ensure write access to Shared Resource by
   Authorized Peers, each Usage MUST permit the USER-CHAIN-ACL access
   policy (see Section 5.4) in addition to its regular access
   policies (USER-MATCH, USER-NODE-MATCH, etc.)."

I do not see in -base how two (or more) Access Control Policies can be used for
one Kind.  We have the same thing in draft-knauf-p2psip-disco:

"Access Control Policy:  Authorized focus peers are allowed to write
   the DisCo-Registration using the USER-CHAIN-ACL access policy.
   The conference creator (and resource owner) is the only exception:
   he is allowed to write based on the USER-MATCH or USER-PATTERN-
   MATCH policy."

How can a kind (DisCo-Registration in this case) use two different access
control policies?

(Note that the configuration schema clearly states that a kind element contains
one data-model element and one access-control element).

Thanks.

-- 
Marc Petit-Huguenin
Personal email: marc@petit-huguenin.org
Professional email: petithug@acm.org
Blog: http://blog.marc.petit-huguenin.org