[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Simple] Inter-domain Requirements for SIMPLE

To: <oritl at microsoft.com>, <simple at ietf.org>
Subject: RE: [Simple] Inter-domain Requirements for SIMPLE
From: Markus.Isomaki at nokia.com
Date: Sun, 29 Feb 2004 15:16:38 +0200
Cc: <AVSHALOM at il.ibm.com>
List-archive: <https://www1.ietf.org/mail-archive/working-groups/simple/>
List-help: <mailto:simple-request@ietf.org?subject=help>
List-id: SIP for Instant Messaging and Presence Leveraging Extensions <simple.ietf.org>
List-post: <mailto:simple@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/simple>,<mailto:simple-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/simple>,<mailto:simple-request@ietf.org?subject=unsubscribe>
Sender: simple-admin at ietf.org
Thread-index: AcP6ZXM+6b7veALaRauD3GaVpWh7OgEFSDXA
Thread-topic: Inter-domain Requirements for SIMPLE

Hi Orit and Avshalom,

I have several questions on this draft:

- The draft seems to propose an architecture, where presence SUBSCRIBEs from one domain to another do not simply get routed via a SIP proxy network, but somehow traverse a "presence server" already in the originating domain. This "presence server" acts as some sort of B2BUA. Is this correct?

- I undertood that one motivation for this would be somehow to aggregate the presence subscriptions between the domains so that certain presentity's presence needs only subscribed once from each domain, even if there would be more than one subscriber in this domain. Is this the intention? If yes, the next question would be how to handle authorization, since the presentity might want to reveal his presence in a different way to different watchers, even if they were in the same domain.

- Some security requirements indeed discuss about PS-to-PS security. Would inter-domain security not be best handled generally between SIP proxies (using TLS or VPNs), not specifically for presence application?

- Robert Sparks already asked about this requirement:

o Presence access: It MUST be possible to request continuous access to the status of a remote presentity without "subscribing" to it.

I saw your answer but I still want to clarify. Is this same as sending a request: "Please add me to your presence allow list", so that the subscription would be allowed in the future when needed?

In general I support the idea of groups for authorizations etc. I guess this is addressed in the XCAP presence authorization policy rule work. However in there I find it unfortunate that referencing to external resource lists is now disallowed. I know this was done for some GEOPRIV considerations. However, within controlled domains, such as within an enterprise or a single operator network, they should be allowed, so that user could use his groups in general-purpose fashion. Although I'm not sure if this kind of thing was in the scope of your draft at all.

Markus

-----Original Message-----
From: simple-admin@ietf.org [mailto:simple-admin@ietf.org]On Behalf Of ext Orit Levin
Sent: 24 February, 2004 01:34
To: IETF SIMPLE WG
Cc: Avshalom Houri
Subject: [Simple] Inter-domain Requirements for SIMPLE

Guys!

We have submitted a requirements document for secure and efficient transfer of presence information over inter-domain links.

Please, take a look at our thoughts and suggestions:

http://www.ietf.org/internet-drafts/draft-levin-simple-interdomain-reqs-00.txt

We look forward to your feedbacks on how we can enhance SIMPLE to support these directions.

Thanks,

Orit.

Prev by Date: RE: [Simple] RE: Advanced IM requirements
Next by Date: RE: [Simple] RE: Advanced IM requirements
Previous by thread: RE: [Simple] Inter-domain Requirements for SIMPLE
Next by thread: RE: [Simple] Inter-domain Requirements for SIMPLE
Index(es):
- Date
- Thread