[XCON] comments on CPCP

To: <petri.koskelainen at nokia.com>, <aki.niemi at nokia.com>, XCON-IETF <xcon at ietf.org>
Subject: [XCON] comments on CPCP
From: Cullen Jennings <fluffy at cisco.com>
Date: Sat, 31 Jul 2004 14:52:15 -0700
List-help: <mailto:xcon-request@ietf.org?subject=help>
List-id: Centralized Conferencing <xcon.ietf.org>
List-post: <mailto:xcon@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/xcon>, <mailto:xcon-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/xcon>, <mailto:xcon-request@ietf.org?subject=unsubscribe>
Sender: xcon-bounces at ietf.org
User-agent: Microsoft-Entourage/11.0.0.040405

Really like the time stuff now - it understand what to do with it.

Some of the identity stuff seems a little confusing. There are a few ways
that a user might authenticate. It might be in the signaling such as caller
id, identity, or S/MIME cert, or even PAI. It might be that they do
something one they reached the conference server like providing a PIN or
password. Typically the difference between and PIN and password has been
that PIN can be used on a TUI but have way less bits. They usually have such
a small number of bits, that the system needs to be sure that lots of
attempts can not be made in a short period of time. Once the identity is
provided, then the conference needs to understand if the user is trying to
be anonymous or invisible. After this we can go deal with the authorization
of what this user is allowed to do. The gist of all this is I think pin and
password are a way to provide an identity but when I read the draft it looks
almost more like a way to bypass the authorization. A given conference may
have all user use the same pin as different users with the identity "Guest"
or it may provide per user pins. Both must be supported.

I don't understand why the refer list is needed. Seems like you would just
have a dial out list and the conf server would decide how it wanted to do
it. I don't care about this - probably just my lack of understanding but I
am curious why the RL?

The ways the rules to boot someone are defined, it is going to be hard for a
program to load the current rule set, then figure out how to modify it to
make sure a given user can not join. Related to this, every time the rules
change, I assume the system has to reapply every user through the whole rule
set to find out if there permissions would change and act accordingly. If I
used to be key participant, and I am the only key participant on the call,
then I change the rules so I am not longer a key participant, will the
conference realize it needs to end (assuming it ends when the key
participant leaves).

If the rules effect when state transitions are allowed, we will not run into
too many problems. If the rules effect what state is allowed, we will run
into tons of problems when the rules change and the conferences is not in an
illegal state and the conference server needs to figure out how to get it
back to a legal state.

I really don't know how to make the rules powerful and simple but right now
I have the feeling they have swung too far on the powerful direction.

Cullen







_______________________________________________
XCON mailing list
XCON at ietf.org
https://www1.ietf.org/mailman/listinfo/xcon

Prev by Date: [XCON] Update: Working Group Agenda
Next by Date: [XCON] xcon-conf-sidebars 01 comments
Previous by thread: [XCON] FW: [Sipping] RE: Comments on conference-package-05
Next by thread: [XCON] xcon-conf-sidebars 01 comments
Index(es):
- Date
- Thread

[XCON] comments on CPCP

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.