[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[BLISS] draft-ietf-bliss-shared-appearances: Provisioning considerations

To: "Alan Johnston" <alan at sipstation.com>
Subject: [BLISS] draft-ietf-bliss-shared-appearances: Provisioning considerations
From: "Francois Audet" <audet at nortel.com>
Date: Tue, 14 Jul 2009 17:29:30 -0500
Cc: bliss at ietf.org
Delivered-to: bliss at core3.amsl.com
In-reply-to: <4A5C9E6E.6030001 at sipstation.com>
List-archive: <http://www.ietf.org/mail-archive/web/bliss>
List-help: <mailto:bliss-request@ietf.org?subject=help>
List-id: "Basic Level of Interoperability for SIP Services \(BLISS\) BoF" <bliss.ietf.org>
List-post: <mailto:bliss@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/bliss>, <mailto:bliss-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/bliss>, <mailto:bliss-request@ietf.org?subject=unsubscribe>
References: <A8A0646B-A517-43D2-8EDE-C0882BF8C25F at agnada.com> <1ECE0EB50388174790F9694F77522CCF1E2F8C9B at zrc2hxm0.corp.nortel.com> <DF0E644F-0450-471C-B5DF-5C977519502B at agnada.com> <1ECE0EB50388174790F9694F77522CCF1E8D43C8 at zrc2hxm0.corp.nortel.com> <4A5C9E6E.6030001 at sipstation.com>
Thread-index: AcoElF38JzjscuxfTa2jLS1ru6gFAwANkNXQ
Thread-topic: draft-ietf-bliss-shared-appearances: Provisioning considerations

> > Section 9:
> >
> > Delete first paragraph.
> >
> > Clarify the UA also REGISTERs to the AOR. Discuss the 
> security implications, i.e.,
> > you either use the same shared username/password, or you 
> use a different username/password
> > for HTTP digest, per user. Perhaps the security 
> considerations can be described in section 15.
> >
> >   
> 
> I added text about authorization for third party registrations and 
> publication.  A little more text on this would be helpful.

Ah-ah... Now we are getting down to business.

I am now looking at new section 10.1 on registration, and I see that
you are using indeed third-party registration (with To=HelpDesk, 
From=Alice).

So, this would be one way to to it.

Another way would be to NOT use third-party registration at all. In 
other words, Alice would send a first party registration on behalf
of HelpDesk (ie.., To=HelpDesk, From=Alice).

Wouldn't that work?

Then there is the whole issue of authentication with HTTP-Digest.
I guess one could use username="HelpDesk". In this case, the idea is that
Alice would need to know the credentials for HelpDesk. 
Another way would be to use username="alice" instead (i.e., her own credentials).
The decisions on which authentication you use would depend on need of the 
administrator.

Have you tought about this? Am I off based?

Follow-Ups:
- Re: [BLISS] draft-ietf-bliss-shared-appearances: Provisioningconsiderations
  - From: Hutton, Andrew

References:
- [BLISS] Expert Review requests on Shared Line Appearance
  - From: Francois Audet
- Re: [BLISS] Expert Review requests on Shared Line Appearance
  - From: Alan Johnston

Prev by Date: [BLISS] draft-bliss-shared-appearance: Call state update in SUBSCRIBE mode
Next by Date: [BLISS] draft-ietf-bliss-shared-appearances: Final Nits
Previous by thread: [BLISS] draft-bliss-shared-appearance: Call state update in SUBSCRIBE mode
Next by thread: Re: [BLISS] draft-ietf-bliss-shared-appearances: Provisioningconsiderations
Index(es):
- Date
- Thread