IETF Logo Mail Archive

AW: [Simple] Authorization Rules for groups

"Tschofenig, Hannes" <hannes.tschofenig@siemens.com> Tue, 22 August 2006 14:55 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFXeo-0000Lf-Lw; Tue, 22 Aug 2006 10:55:10 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFXeo-0000JB-5G for simple@ietf.org; Tue, 22 Aug 2006 10:55:10 -0400
Received: from lizzard.sbs.de ([194.138.37.39]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GFXem-0000wh-JG for simple@ietf.org; Tue, 22 Aug 2006 10:55:10 -0400
Received: from mail1.sbs.de (localhost [127.0.0.1]) by lizzard.sbs.de (8.12.6/8.12.6) with ESMTP id k7MEt6O6019161; Tue, 22 Aug 2006 16:55:06 +0200
Received: from fthw9xpa.ww002.siemens.net (fthw9xpa.ww002.siemens.net [157.163.133.222]) by mail1.sbs.de (8.12.6/8.12.6) with ESMTP id k7MEt6p9015427; Tue, 22 Aug 2006 16:55:06 +0200
Received: from MCHP7IEA.ww002.siemens.net ([139.25.131.145]) by fthw9xpa.ww002.siemens.net with Microsoft SMTPSVC(6.0.3790.1830); Tue, 22 Aug 2006 16:55:06 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Subject: AW: [Simple] Authorization Rules for groups
Date: Tue, 22 Aug 2006 16:55:01 +0200
Message-ID: <A5D2BD54850CCA4AA3B93227205D8A30898C66@MCHP7IEA.ww002.siemens.net>
In-Reply-To: <44781c350608220537n1979e82bm56aab297742acf4@mail.gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Simple] Authorization Rules for groups
Thread-Index: AcbF8DTlHsTCQ+scQQSfImY7Dq00pwACGYSw
From: "Tschofenig, Hannes" <hannes.tschofenig@siemens.com>
To: Noga Tor <noga.tor@gmail.com>, simple@ietf.org
X-OriginalArrivalTime: 22 Aug 2006 14:55:06.0219 (UTC) FILETIME=[F48FABB0:01C6C5FA]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 244a2fd369eaf00ce6820a760a3de2e8
Cc:
X-BeenThere: simple@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SIP for Instant Messaging and Presence Leveraging Extensions <simple.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/simple>, <mailto:simple-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/simple>
List-Post: <mailto:simple@ietf.org>
List-Help: <mailto:simple-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/simple>, <mailto:simple-request@ietf.org?subject=subscribe>
Errors-To: simple-bounces@ietf.org

Hi Noga, 
 
we discussed the aspect of groups some time back. 
 
I recall that the conclusion was the following: 
(without searching through my mails)
 
If you have a list of friends in your group then you would replace every
entity in the group with the specific instance of the group. 
 
Here is an example: You have a group sip:Alice-friends@example.com that
contains 
sip:Joe@example.com, sip:Tom@example.com and sip:Bob@example.com

The rule set would contain these three identities rather than some
identity for the entire group. 
 
You might argue about the performance improvement if you could just
convey a single rule instead of multiple onces. Given that you might not
update your rules every few seconds and that you might not have too many
groups with the same authorization right it might not be so dramatic at
the end.

Do you see a problem with this approach? 

Ciao
Hannes
 ________________________________

	Von: Noga Tor [mailto:noga.tor@gmail.com] 
	Gesendet: Dienstag, 22. August 2006 14:38
	An: simple@ietf.org
	Betreff: [Simple] Authorization Rules for groups
	
	
	Hi 
	 
	I was wondering if there is any way to define an authorization
rule that will apply to (RLS) contact list groups?
	 
	For example:
	Presentity Alice (sip:Alice@example.com) has defined an RLS
contact list called Alice-friends (sip:Alice-friends@example.com ). 
	Is it possible for Alice to define a policy sinlge rule that
will apply to all members of group "Alice-friends"? 
	 
	I have looked at the draft document detailing the presence
policy rules
(http://www.ietf.org/internet-drafts/draft-ietf-geopriv-common-policy-11
.txt
<http://www.ietf.org/internet-drafts/draft-ietf-geopriv-common-policy-11
.txt> ).
	I have found no evidence that such an action is possible. the
rule allows only the "one" or "many" options. Neither of these options,
(to my understanding) can be applied to such an RLS group and the only
option is to define each and every presentity in its own "one" tag. 
	 
	 
	I would appreciate your prompt respnose. 
	 
	 
	Thanks a lot
	Noga


_______________________________________________
Simple mailing list
Simple@ietf.org
https://www1.ietf.org/mailman/listinfo/simple

v2.23.0 | Report a Bug | By Email