1. August 2005IETF63 - SIMPLE1 Solving the identity crisis draft-ietf-geopriv-common-policy-05 Henning Schulzrinne Aki Niemi Hannes Tschofennig Jonathan Rosenberg

2. August 2005IETF63 - SIMPLE2 Current solution different identities –authenticated –unauthenticated –asserted –anonymous asserted mapped to authenticated identity authorization based on anonymous identity not provided too vague description in some cases

3. August 2005IETF63 - SIMPLE3 Basic proposal only authenticated identities unauthenticated identities = omit identity one person :>= 1 person

4. August 2005IETF63 - SIMPLE4 Asserted vs. authenticated Do not make distinction in common-policy Currently, have text on distinction, but hard to understand without reference to particular use case (SIP, etc.) Suggestion: point to detailed discussion elsewhere

5. August 2005IETF63 - SIMPLE5 Background: processing logic All conditions are AND C1 AND C2 … –each condition can be OR within If omitted, obviously not checked –for identity: any identity, authenticated or not Only one of each kind of condition … AND

6. August 2005IETF63 - SIMPLE6 Within each kind of condition Allow OR conditions within,,, …? currently, defined for only –matches any of a list of identities may want for others? –e.g, for sphere –reason: combinatorial explosion!

7. August 2005IETF63 - SIMPLE7 Identity: Single individual/user/person/… May contain tel: URIs OR: OR

8. August 2005IETF63 - SIMPLE8 >= 1 (groups) can be combined with -- OR  any authenticated [OR]  all but enumerated domains [OR]  all but enumerated individuals in domain

9. August 2005IETF63 - SIMPLE9 tel URIs –other URIs that don’t have domains = “non-domain identifiers” –e.g., URN that uses passport numbers Proposal 1: only allow non-domain identifiers in id=“tel:123” –doesn’t work: Proposal 2: only allow domain identifiers in (non-domain in only)