RE: [XCON] CPCP Requirement: Anonymous participants

To: hisham.khartabil@nokia.com, xcon@ietf.org
Subject: RE: [XCON] CPCP Requirement: Anonymous participants
From: "Drage, Keith (Keith)" <drage@lucent.com>
Date: Fri, 19 Dec 2003 11:13:59 -0000
List-help: <mailto:xcon-request@ietf.org?subject=help>
List-id: Centralized Conferencing <xcon.ietf.org>
List-post: <mailto:xcon@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/xcon>,<mailto:xcon-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/xcon>,<mailto:xcon-request@ietf.org?subject=unsubscribe>
Sender: xcon-admin@ietf.org

In answer to the questions below:

If we are going to allow anonymous users, then CPCP should be allowed to set whether they are allowed for a particular conference or not. I see no mileage in a default.

As regards the type of anonymous user, I see no point in 1), but 2) should be allowed. Note that anonymity  of identity is more than the From header, in that you also need to cover the interrelation with RFC 3325 identities and the sip-identity draft, and/or a specification of privacy of various kinds according to RFC 3323 (header privacy should kill the From header).

In respect of both these, we need to clearly indicate who can see, and who cannot see these identities. I assume that primarily the requirement applies to other participants - but are there special rights for the conference owner - the one able to do the CPCP.

regards

Keith

Keith Drage
Lucent Technologies
drage@lucent.com
tel: +44 1793 776249


> -----Original Message-----
> From: hisham.khartabil@nokia.com [mailto:hisham.khartabil@nokia.com]
> Sent: 15 December 2003 12:54
> To: xcon@ietf.org
> Subject: [XCON] CPCP Requirement: Anonymous participants
> 
> 
> This is the first of a series of emails discussing Conference 
> Policy Requirements. Your engagement is appreciated.
> 
> This is in reference to requirements REQ-A6 and REQ-E9 in 
> http://www.ietf.org/internet-drafts/draft-ietf-xcon-cpcp-reqs-00.txt
> 
>    REQ-A6: It SHOULD be possible to anonymously participate in a
>    conference.
> 
>    REQ-E9: It MUST be possible to allow and disallow anonymous
>    membership in a conference.
> 
> Should a conference policy, using CPCP, specify if anonymous 
> participants are allowed to join a conference? Or should this 
> be a local policy at the server?
> 
> There are 2 types of anonymous participants:
> 
> 1. ones that joins a conference using a http digest username 
> of "anonymous" and no password
> 2. ones that join with a proper username and password, but 
> hide their identity using anonynous@somewhere.com in the 
> From-header of a SIP INVITE. The conference state package 
> notifications shows them as anonymous participants.
> 
> I don't think we need to allow 1. Either a conference 
> requires everyone to know the username and password of the 
> conference, or does not require digest authentication at all.
> 
> 2 can be provided, but we need consensus that this is a 
> useful feature.
> 
> Regards,
> Hisham
> 
> _______________________________________________
> XCON mailing list
> XCON@ietf.org
> https://www1.ietf.org/mailman/listinfo/xcon
> 

_______________________________________________
XCON mailing list
XCON@ietf.org
https://www1.ietf.org/mailman/listinfo/xcon

Prev by Date: RE: [XCON] CPCP Requirement: Anonymous participants
Next by Date: RE: [XCON] CPCP Requirement: Conference package subscribers
Previous by thread: RE: [XCON] CPCP Requirement: Anonymous participants
Next by thread: RE: [XCON] CPCP Requirement: Anonymous participants
Index(es):
- Date
- Thread

RE: [XCON] CPCP Requirement: Anonymous participants

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.