Re: [XCON] CPCP Issue 28: <pin> and <password>

[Paul Kyzivat <pkyzivat at cisco.com>]

Hisham - comments inline.

	Paul

hisham.khartabil at nokia.com wrote:
> Users who are using a PSTN phone to join a conference can authenticate using a PIN (traditional way). We use the <pin> condition for this.
>
> Users who are aware of the conference password can join, irrespective of their identity. So anyone who knows the password was join. We use the <password> condition for this.
>
> There was a huge confusion about the useability of these 2 conditions. A question was raised on how a focus would react if the password was changed for the conference. Another was raised on what does it mean for a user to be authenticated and then requiring them to enter a password?
>
> There were also comments that a conference policy should not assign passwords. Those are assigned out of band. The conference policy would then just require the password.
>
> There was no consensus on any of these issues. Here is a concrete proposal:

I seem to recall that there was a recognition that pins/passwords can be 
used in two ways:

- they may be used as a means of authenticating. In this case the pin
  or password is specific to an identity that must also be provided

- they may be used as a shared secret for a conference, where possession
  grants admission to the conference regardless of identity.

The first form is irrelevant to CPCP, since its use would simply provide 
the identity that is used by CPCP for authorization. It is the second 
usage that needs to be discussed in CPCP.

> - using password and pin with <id> does not make sense since <id> indicates that a user is authenticated so no need to authenticate that user again.

I don't think the above is true. It is quite possible to be calling from 
a device that authenticates, but not as a user authorized to join. For 
instance this is likely to be the case for users calling from the PSTN - 
the call is likely to have the identity of the calling device: tel:nnn.

So, I think you have multiple ways to get in:
- you are authorized by your identity
- you are authorized by the possession of a secret

> - passwords and pins are set out of band
> - allow rules that indicate that if an unauthenticated user tries to join a conference, then he needs to enter a pin or password.

Or a user that is authenticated but neither authorized nor rejected on 
the basis of that authentication.

> - change pin to only be digits
> - if a password or pin is changed for a certain conference, users who used that pin or password are not booted out.
>
> Any comments?
>
> Regards,
> Hisham
>
> _______________________________________________
> XCON mailing list
> XCON at ietf.org
> https://www1.ietf.org/mailman/listinfo/xcon


_______________________________________________
XCON mailing list
XCON at ietf.org
https://www1.ietf.org/mailman/listinfo/xcon