August 2005 IETF63 - SIMPLE"> August 2005 IETF63 - SIMPLE">

Presentation is loading. Please wait.

Presentation is loading. Please wait.

Solving the identity crisis draft-ietf-geopriv-common-policy-05

Published byゆりか やまがた Modified over 5 years ago

Similar presentations

Presentation on theme: "Solving the identity crisis draft-ietf-geopriv-common-policy-05"— Presentation transcript:

1 Solving the identity crisis draft-ietf-geopriv-common-policy-05
Henning Schulzrinne Aki Niemi Hannes Tschofennig Jonathan Rosenberg August 2005 IETF63 - SIMPLE

2 Current solution different identities
authenticated unauthenticated asserted anonymous asserted mapped to authenticated identity authorization based on anonymous identity not provided too vague description in some cases <identity> <id <id </identity> <identity> <domain domain="example.com"/> <except domain=“foo.com"/> </identity> <any-identity> <domain domain=“bar.com”> <except-domain domain="example.com"/> <except-domaindomain="foo.com"/> </any-identity> August 2005 IETF63 - SIMPLE

3 Basic proposal only authenticated identities
unauthenticated identities = omit <identity> one person identity :>= 1 person August 2005 IETF63 - SIMPLE

4 Asserted vs. authenticated
Do not make distinction in common-policy Currently, have text on distinction, but hard to understand without reference to particular use case (SIP, etc.) Suggestion: point to detailed discussion elsewhere August 2005 IETF63 - SIMPLE

5 Background: processing logic
All conditions are AND C1 AND C2 … each condition can be OR within If omitted, obviously not checked for identity: any identity, authenticated or not Only one of each kind of condition <conditions> <identity>…</identity> <sphere>…</sphere> <validity>…</validity> </conditions> AND August 2005 IETF63 - SIMPLE

6 Within each kind of condition
Allow OR conditions within <identity>, <validity>, <sphere>, …? currently, defined for <identity> only matches any of a list of identities may want for others? e.g, for sphere reason: combinatorial explosion! August 2005 IETF63 - SIMPLE

7 Identity: Single individual/user/person/…
<one May contain tel: URIs OR: <one <one OR August 2005 IETF63 - SIMPLE

8 >= 1 (groups) can be combined with <one> -- OR
<many/>  any authenticated <many> <except domain=“example.com”/> [OR] <except domain=“foobar.com”/> </many>  all but enumerated domains <many domain=“example.com”> <except id=“alice”/> [OR] <except id=“bob”/>  all but enumerated individuals in domain August 2005 IETF63 - SIMPLE

9 tel URIs tel URIs other URIs that don’t have domains = “non-domain identifiers” e.g., URN that uses passport numbers Proposal 1: only allow non-domain identifiers in id=“tel:123” doesn’t work: <many domain=“example.com”> <except id=“tel:123”/> </many> Proposal 2: only allow domain identifiers in <many/> (non-domain in <one> only) August 2005 IETF63 - SIMPLE

Download ppt "Solving the identity crisis draft-ietf-geopriv-common-policy-05"

Similar presentations

SIMPLE Open Issues Jonathan Rosenberg dynamicsoft IETF 52.

SIMPLE Open Issues Jonathan Rosenberg dynamicsoft IETF 52.
XCAP Tutorial Jonathan Rosenberg.

XCAP Tutorial Jonathan Rosenberg.
Ecrit-unauthenticated-access IETF 75, Stockholm July 29, 2009 Hannes Tschofenig (attending virtually) Dirk Kroeselberg.

Ecrit-unauthenticated-access IETF 75, Stockholm July 29, 2009 Hannes Tschofenig (attending virtually) Dirk Kroeselberg.
HTTP Dereference (draft-winterbottom-geopriv-deref-protocol-00) IETF-71 Philadelphia, March 2008 James Winterbottom Hannes Tschofenig Henning Schulzrinne.

HTTP Dereference (draft-winterbottom-geopriv-deref-protocol-00) IETF-71 Philadelphia, March 2008 James Winterbottom Hannes Tschofenig Henning Schulzrinne.
March 2008IETF 71 (Philadelphia) - ECRIT1 Unauthenticated emergency communications Henning Schulzrinne Gabor Bajko S. McCann Hannes Tschofenig draft-schulzrinne-ecrit-unauthenticated-access-02.

March 2008IETF 71 (Philadelphia) - ECRIT1 Unauthenticated emergency communications Henning Schulzrinne Gabor Bajko S. McCann Hannes Tschofenig draft-schulzrinne-ecrit-unauthenticated-access-02.
Service URN Classification and Update Policy (for non-emergency services) Henning Schulzrinne Andrea Forte Columbia University IETF 77 - Anaheim, California.

Service URN Classification and Update Policy (for non-emergency services) Henning Schulzrinne Andrea Forte Columbia University IETF 77 - Anaheim, California.
LoST draft-ietf-ecrit-lost-02 ECRIT Working Group IETF 67 7 November 2006 Andrew Newton Henning Schulzrinne Hannes Tschofenig Ted Hardie.

LoST draft-ietf-ecrit-lost-02 ECRIT Working Group IETF 67 7 November 2006 Andrew Newton Henning Schulzrinne Hannes Tschofenig Ted Hardie.
RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-

RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-
1 CPCP Hisham Khartabil XCON WG IETF 60, San Diego 2 nd August, 2004

1 CPCP Hisham Khartabil XCON WG IETF 60, San Diego 2 nd August, 2004
Trustworthy Location Information draft-tschofenig-ecrit-trustworthy- location draft-tschofenig-ecrit-trustworthy- location Hannes Tschofenig, Henning Schulzrinne.

Trustworthy Location Information draft-tschofenig-ecrit-trustworthy- location draft-tschofenig-ecrit-trustworthy- location Hannes Tschofenig, Henning Schulzrinne.
Requirements for Resource Priority Mechanisms for the Session Initiation Protocol draft-ietf-ieprep-sip-reqs-01 Henning Schulzrinne Columbia University.

Requirements for Resource Priority Mechanisms for the Session Initiation Protocol draft-ietf-ieprep-sip-reqs-01 Henning Schulzrinne Columbia University.
Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.

Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.
Proxy Authentication of the Emergency Status of SIP Calls draft-barnes-ecrit-auth-00 Richard Barnes IETF 69, Chicago, IL, USA.

Proxy Authentication of the Emergency Status of SIP Calls draft-barnes-ecrit-auth-00 Richard Barnes IETF 69, Chicago, IL, USA.
ECRIT interim meeting - May 2005 1 Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning.

ECRIT interim meeting - May Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning.
1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Emergency calls related work done in IETF Gabor Bajko May 22, 2006.

1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Emergency calls related work done in IETF Gabor Bajko May 22, 2006.
RPIDS - Rich Presence Information Data Format for Presence Based on the Session Initiation Protocol (SIP) Henning Schulzrinne (ed.) Vijay Gurbani Krisztian.

RPIDS - Rich Presence Information Data Format for Presence Based on the Session Initiation Protocol (SIP) Henning Schulzrinne (ed.) Vijay Gurbani Krisztian.
Slide 1 Conferencing with MSRP draft-niemi-simple-chat-02.txt Miguel Garcia, Aki Niemi IETF-62 08-March-2005.

Slide 1 Conferencing with MSRP draft-niemi-simple-chat-02.txt Miguel Garcia, Aki Niemi IETF March-2005.
A Document Format for Expressing Privacy Preferences H. Schulzrinne, J. Morris, H. Tschofenig, J. Cuellar, J. Polk, J. Rosenberg.

A Document Format for Expressing Privacy Preferences H. Schulzrinne, J. Morris, H. Tschofenig, J. Cuellar, J. Polk, J. Rosenberg.
Presence Data Model Jonathan Rosenberg. Changes in -02 Split out data and processing models Allow multiple devices, services, person with same URI/device.

Presence Data Model Jonathan Rosenberg. Changes in -02 Split out data and processing models Allow multiple devices, services, person with same URI/device.
August 2005IETF63 - SIPPING1 Recommended Relationships between Different Types of Identifiers draft-schulzrinne-sipping-id-relationships-00 Henning Schulzrinne.

August 2005IETF63 - SIPPING1 Recommended Relationships between Different Types of Identifiers draft-schulzrinne-sipping-id-relationships-00 Henning Schulzrinne.

Similar presentations

Ads by Google