RE: [XCON] CPCP Requirement: Anonymous participants

[hisham.khartabil@nokia.com]

> -----Original Message-----
> From: ext Drage, Keith (Keith) [mailto:drage@lucent.com]
> Sent: 19.December.2003 13:14
> To: Khartabil Hisham (NMP-MSW/Helsinki); xcon@ietf.org
> Subject: RE: [XCON] CPCP Requirement: Anonymous participants
> 
> 
> In answer to the questions below:
> 
> If we are going to allow anonymous users, then CPCP should be 
> allowed to set whether they are allowed for a particular 
> conference or not. I see no mileage in a default.
> 
> As regards the type of anonymous user, I see no point in 1), 
> but 2) should be allowed. Note that anonymity  of identity is 
> more than the From header, in that you also need to cover the 
> interrelation with RFC 3325 identities and the sip-identity 
> draft, and/or a specification of privacy of various kinds 
> according to RFC 3323 (header privacy should kill the From header).
> 
> In respect of both these, we need to clearly indicate who can 
> see, and who cannot see these identities. I assume that 
> primarily the requirement applies to other participants - but 
> are there special rights for the conference owner - the one 
> able to do the CPCP.

I think it should be one or the other. Either complete anonymity from users, including moderator, or excluding moderator.

For the sake of simplicity (and not to start the privileges discussion again), I would choose complete anonymity, including anonymity from moderators.

/Hisham

> 
> regards
> 
> Keith
> 
> Keith Drage
> Lucent Technologies
> drage@lucent.com
> tel: +44 1793 776249
> 
> 
> > -----Original Message-----
> > From: hisham.khartabil@nokia.com [mailto:hisham.khartabil@nokia.com]
> > Sent: 15 December 2003 12:54
> > To: xcon@ietf.org
> > Subject: [XCON] CPCP Requirement: Anonymous participants
> > 
> > 
> > This is the first of a series of emails discussing Conference 
> > Policy Requirements. Your engagement is appreciated.
> > 
> > This is in reference to requirements REQ-A6 and REQ-E9 in 
> > http://www.ietf.org/internet-drafts/draft-ietf-xcon-cpcp-reqs-00.txt
> > 
> >    REQ-A6: It SHOULD be possible to anonymously participate in a
> >    conference.
> > 
> >    REQ-E9: It MUST be possible to allow and disallow anonymous
> >    membership in a conference.
> > 
> > Should a conference policy, using CPCP, specify if anonymous 
> > participants are allowed to join a conference? Or should this 
> > be a local policy at the server?
> > 
> > There are 2 types of anonymous participants:
> > 
> > 1. ones that joins a conference using a http digest username 
> > of "anonymous" and no password
> > 2. ones that join with a proper username and password, but 
> > hide their identity using anonynous@somewhere.com in the 
> > From-header of a SIP INVITE. The conference state package 
> > notifications shows them as anonymous participants.
> > 
> > I don't think we need to allow 1. Either a conference 
> > requires everyone to know the username and password of the 
> > conference, or does not require digest authentication at all.
> > 
> > 2 can be provided, but we need consensus that this is a 
> > useful feature.
> > 
> > Regards,
> > Hisham
> > 
> > _______________________________________________
> > XCON mailing list
> > XCON@ietf.org
> > https://www1.ietf.org/mailman/listinfo/xcon
> > 
> 

_______________________________________________
XCON mailing list
XCON@ietf.org
https://www1.ietf.org/mailman/listinfo/xcon