Solving the identity crisis draft-ietf-geopriv-common-policy-05


Solving the identity crisis
draft-ietf-geopriv-common-policy-05
Henning Schulzrinne, Aki Niemi, Hannes Tschofenig, Jonathan Rosenberg
August 2005, IETF63 - SIMPLE

Current solution
- different identities: authenticated, unauthenticated, asserted, anonymous
- asserted identities are mapped to authenticated identities
- authorization based on an anonymous identity is not provided
- description too vague in some cases

<identity>
  <id entity="alice@example.com"/>
  <id entity="bob@example.com"/>
</identity>

<identity>
  <domain domain="example.com"/>
  <except domain="foo.com"/>
</identity>

<any-identity>
  <domain domain="bar.com"/>
  <except-domain domain="example.com"/>
  <except-domain domain="foo.com"/>
</any-identity>

Basic proposal
- only authenticated identities
- unauthenticated identities = omit <identity>
- one person identity
- >= 1 person

Asserted vs. authenticated
- do not make the distinction in common-policy
- currently there is text on the distinction, but it is hard to understand without reference to a particular use case (SIP, etc.)
- suggestion: point to the detailed discussion elsewhere

Background: processing logic
- all conditions are ANDed: C1 AND C2 ...
- each condition can be an OR within
- if omitted, obviously not checked; for identity: any identity, authenticated or not
- only one of each kind of condition

<conditions>
  <identity>...</identity>    AND
  <sphere>...</sphere>        AND
  <validity>...</validity>
</conditions>

Within each kind of condition
- allow OR conditions within <identity>, <validity>, <sphere>, ...?
- currently defined for <identity> only: matches any of a list of identities
- may want it for others? e.g., for sphere
- reason: combinatorial explosion!

Identity: single individual/user/person/...
<one id="alice@example.com"/>
- may contain tel: URIs

OR:
<one id="alice@example.com"/>
<one id="bob@example.com"/>

>= 1 (groups)
- can be combined with <one> -- OR

<many/>
  any authenticated identity

<many>
  <except domain="example.com"/>
  [OR]
  <except domain="foobar.com"/>
</many>
  all but the enumerated domains

<many domain="example.com">
  <except id="alice"/>
  [OR]
  <except id="bob"/>
</many>
  all but the enumerated individuals in the domain

tel URIs
- tel URIs and other URIs that don't have domains = "non-domain identifiers"
  e.g., a URN that uses passport numbers
- Proposal 1: only allow non-domain identifiers in id="tel:123"
  doesn't work:
  <many domain="example.com">
    <except id="tel:123"/>
  </many>
- Proposal 2: only allow domain identifiers in <many/> (non-domain identifiers in <one> only)
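As an added example, not code from the slides or from the common-policy draft, the following Python evaluator implements the rule-matching logic described across the processing-logic, <one>/<many> and tel URI slides: conditions inside <conditions> are ANDed and only one of each kind is allowed; the <one>/<many> children of <identity> are ORed; an omitted <identity> matches any identity, authenticated or not, while a present one matches authenticated identities only; and, following Proposal 2, an identifier without a domain (such as a tel: URI) can only ever match through <one>. The <ruleset>/<rule id="..."> wrapper, the literal comparison of <one id="..."> against the identity string, and the sample ruleset are assumptions made for this example.

```python
"""Evaluator for the <identity> condition syntax proposed in these slides.

Added example, not code from the slides or the common-policy draft.  Assumed:
<one>/<many>/<except> with id/domain attributes as on the slides, a
<ruleset>/<rule id="..."> wrapper, identities given as strings where user@domain
has a domain and tel: (or other non-domain) URIs do not, and <one id="...">
compared literally to the identity string.
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Identity:
    uri: str             # e.g. "alice@example.com" or "tel:123"
    authenticated: bool  # False for an unauthenticated (anonymous) requester


def split_identity(uri: str) -> Tuple[str, Optional[str]]:
    """Return (local part, domain); non-domain identifiers yield domain None."""
    body = uri.split(":", 1)[1] if ":" in uri else uri
    if "@" in body:
        user, domain = body.rsplit("@", 1)
        return user, domain.lower()
    return uri, None


def matches_one(one: ET.Element, ident: Identity) -> bool:
    """<one id="..."/>: one named identity, domain-style or tel:."""
    return one.get("id", "").lower() == ident.uri.lower()


def matches_many(many: ET.Element, ident: Identity) -> bool:
    """<many [domain="..."]> minus its ORed <except domain|id> children.
    Per Proposal 2, an identifier without a domain never matches <many>."""
    user, domain = split_identity(ident.uri)
    if domain is None:
        return False
    scope = many.get("domain")
    if scope is not None and scope.lower() != domain:
        return False
    for exc in many.findall("except"):
        exc_domain, exc_id = exc.get("domain"), exc.get("id")
        if exc_domain is not None and exc_domain.lower() == domain:
            return False
        # Inside <many domain="..."> the slides write <except id="alice"/>,
        # i.e. the local part; an unscoped <many> compares the full identity.
        target = user if scope is not None else ident.uri
        if exc_id is not None and exc_id.lower() == target.lower():
            return False
    return True


def identity_condition_matches(identity: ET.Element, ident: Identity) -> bool:
    """A present <identity> matches authenticated identities only; its
    <one>/<many> children are ORed."""
    if not ident.authenticated:
        return False
    return any(
        (child.tag == "one" and matches_one(child, ident))
        or (child.tag == "many" and matches_many(child, ident))
        for child in identity
    )


def rule_matches(rule: ET.Element, ident: Identity) -> bool:
    """Conditions are ANDed and at most one of each kind is allowed."""
    conditions = rule.find("conditions")
    if conditions is None:
        return False
    seen = set()
    for cond in conditions:
        if cond.tag in seen:
            raise ValueError(f"duplicate <{cond.tag}> condition in rule")
        seen.add(cond.tag)
        if cond.tag == "identity":
            if not identity_condition_matches(cond, ident):
                return False
        else:
            return False  # <sphere>, <validity>, ...: not modelled, fail closed
    return True  # no <identity>: any identity, authenticated or not


def matching_rules(ruleset_xml: str, ident: Identity) -> List[str]:
    """Ids of all rules whose conditions the identity satisfies."""
    root = ET.fromstring(ruleset_xml)
    return [r.get("id", "") for r in root.findall("rule") if rule_matches(r, ident)]


# Constructed sample ruleset using the slides' <one>/<many>/<except> forms.
SAMPLE_RULESET = """<ruleset>
  <rule id="r1"><conditions><identity>
    <one id="alice@example.com"/><one id="tel:123"/>
  </identity></conditions></rule>
  <rule id="r2"><conditions><identity>
    <many domain="example.com"><except id="alice"/><except id="bob"/></many>
  </identity></conditions></rule>
  <rule id="r3"><conditions><identity>
    <many><except domain="example.com"/><except domain="foobar.com"/></many>
  </identity></conditions></rule>
  <rule id="r4"><conditions/></rule>
</ruleset>"""
```

Calling `matching_rules(SAMPLE_RULESET, Identity("alice@example.com", True))` yields `["r1", "r4"]`: alice is named in r1, excluded from r2 by its `<except id="alice"/>`, excluded from r3 by the domain exception, and r4 has no `<identity>` so it matches anyone. The same identity presented unauthenticated matches only r4, and `Identity("tel:123", True)` matches r1 and r4 only, since a non-domain identifier never satisfies `<many>`. Condition kinds the example does not model (`<sphere>`, `<validity>`) fail closed rather than silently matching, and a duplicated condition kind is rejected instead of being ignored.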