INTERNET-DRAFT                                          Akinori Iwakawa
Expires: April 21, 2000                       Fujitsu Laboratories Ltd.
                                           Shingo Fujimoto, Dave Marvit
                                  Fujitsu Laboratories of America, Inc.
                                                           October 1999


               IDentity Infrastructure Protocol (IDIP)
                      draft-fujimoto-idip-02.txt

Status of this Memo

   This document is an Internet-Draft and is NOT offered in accordance
   with Section 10 of RFC2026, and the author does not provide the IETF
   with any rights other than to publish as an Internet-Draft.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Copyright Notice

   Copyright (C) The Internet Society (1999). All Rights Reserved.

Abstract

   The Identity Infrastructure Protocol (IDIP) is designed to support
   the 'IDentity Infrastructure' (IDI). IDI provides users an
   abstracted interface for searching, initializing, negotiating,
   starting, and terminating personalized network services.

Table of Contents

   1        Introduction
   1.1      Overview
   1.2      Requirements
   1.3      Protocol framework
   1.3.1    IDO
   1.3.2    IDIP and IDIP connection
   1.3.3    IDO server
   1.3.4    IDO function
   1.3.5    Basic operation
   1.3.5.1  IDIP connection establishment
   1.3.5.2  Getting list of IDO functions
   1.3.5.3  Performing IDO function
   1.3.5.4  Terminating IDO function
   1.3.5.5  Clearing IDIP connection
   2        Internal Protocols
   2.1      Overview
   2.2      Function Enabler
   2.3      Function Provider
   2.4      IDI internal upward protocol and connection
   2.5      IDI internal downward protocol and connection
   2.6      Overall operations including Internal Protocols
   2.6.1    Establish IDIiup connection
   2.6.2    Add IDO function
   2.6.3    Establish IDIep connection
   2.6.4    Get the list of IDO functions
   2.6.5    Request to perform an IDO function
   2.6.6    Terminate the IDO function
   2.6.7    Clear the IDIep connection
   2.6.8    Delete IDO function
   2.6.9    Disable IDO function
   2.6.10   Enable IDO function
   2.6.11   Clear the IDIiup connection
   3        Generic Grammar
   3.1      Augmented BNF
   3.2      Basic Rules
   4        IDIP Messages
   5        IDIP Parameters
   5.1      IDO-To and IDO-From
   5.2      Content Type
   5.3      Content Length
   5.4      Accept Type
   5.5      IDIP Authenticate
   5.5.1    Authenticate Style Option
   5.5.1a.  Style Basic
   5.6      Keyword
   5.7      Location
   5.8      FunctionId
   5.9      FEname
   5.10     Admitfrom and Denyfrom
   6        IDI external protocol request
   6.1      IDIep-start-request
   6.2      IDIep-list-request
   6.3      IDIep-call-request
   6.4      IDIep-kill-request
   6.5      IDIep-end-request
   7        IDI external protocol responses
   7.1      Successful response
   7.2      Authentication error response
   7.3      Redirect response
   7.4      No function available error response
   7.5      Function not found error response
   7.6      Parameter not acceptable error response
   8        IDI internal upward protocol(IDIiup)
   8.1      IDIiup-login-request
   8.2      IDIiup-logout-request
   8.3      IDIiup-start-request
   8.4      IDIiup-end-request
   8.5      IDIiup-list-request
   8.6      IDIiup-call-request
   8.7      IDIiup-kill-request
   8.8      IDIiup-catch-request
   8.9      IDIiup-free-request
   8.10     IDIiup-add-request
   8.11     IDIiup-delete-request
   8.12     IDIiup-disable-request
   8.13     IDIiup-enable-request
   8.14     IDIiup-redirect-request
   9        IDI internal upward protocol responses
   9.1      Successful response
   9.2      Authentication error response
   9.3      No IDIiup connection response
   9.4      No IDIep connection response
   9.5      IDO moved response
   9.6      IDO not found response
   9.7      Function not launched error
   9.8      Parameter not acceptable error
   9.9      No function available error
   10       IDI internal downward protocol requests
   10.1     IDIidp-list-request
   10.2     IDIidp-call-request
   11       IDI internal downward protocol responses
   11.1     Successful response
   11.2     Authentication error response
   11.3     No function available error
   11.4     Parameter not acceptable error
   12       IDO function format
   12.1     Overview of IDO function format
   12.2     The Structure of IDO function format
   12.3     Description of each elements and attributes
   12.3.1   The function element
   12.3.2   The name element
   12.3.3   The specification element
   12.3.3.1 The spec element
   12.3.4   The description element
   12.3.5   The status element
   12.3.6   The item element
   12.3.6.1 The spec attribute
   12.3.7   The parameter element
   12.3.8   The type attribute
   12.3.8.1 Attributes appears on request
   12.3.8.2 Attributes appears on response
   12.3.8.3 Attributes appears on catalogue
   12.3.9   The description attribute
   13       Examples
   13.1     Invocation for IRC chat channel
   14       Security Considerations
   14.1     Authentication
   14.2     Access Controls
   15       References
   16       Author's Addresses

1 Introduction

1.1 Overview

   There has been a dramatic increase in personal expression and
   communication over the Internet. This includes chatting on IRC
   channels, sharing user information by LDAP, writing and reading
   personal homepages (using HTTP), sending instant messages with AOL's
   AIM, and so on. Using these services, users can get information
   about, and communicate with, one another.

   But there is a limitation. A user generally doesn't know what
   network services are available to the person he or she wants to
   communicate with. Users need to guess what services the other party
   might have before they choose to communicate, or ask what services
   are available out of band using natural language. (One example is an
   email asking for his or her phone number.)

   Even if the user has succeeded in discovering the shared services,
   additional information might be necessary. Discovering the
   information may be difficult or impossible. For example, even if the
   user knows that the other user is able to communicate with IRC, the
   address of an IRC server to which both of their IRC clients are
   connected is necessary to communicate on an IRC chat channel,
   because two arbitrary IRC servers are not always able to communicate
   with each other. The nickname of the user or the channel name might
   also be necessary, because they are not always the same.

   The IDentity Infrastructure (IDI) will provide users a method to
   share information about the availability of services and the
   parameters relevant to those services. (Such as "I have a pager and
   here is the number.")

   The IDentity Infrastructure Protocol (IDIP) is an application-layer
   protocol for searching, initializing, negotiating, starting, and
   terminating these services.

   With IDI, an IDO (IDentity Object) manages an individual's services.
   An IDO also manages information about what services are currently
   available (or not), and information which is necessary to operate
   those services. One can think of the IDO as a "Contact Point" for
   the user in advance of employing each service.

   IDIP is used for communication between IDOs. The purpose of IDIP is
   to share information about an individual's services.

1.2 Requirements

   In this document, the key words "MUST", "MUST NOT", "REQUIRED",
   "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
   and "OPTIONAL" are to be interpreted as described in RFC 2119
   [KEYWORDS] and indicate requirement levels for compliant IDIP
   implementations.

1.3 Protocol framework

1.3.1 IDO

   IDOs are the basic components of IDI. Every IDI user has his or her
   own IDO. An IDO manages access methods for various network services
   by which another user can communicate with, or get information
   about, the owner of the IDO. Such an access method is called an
   "IDO function". An IDO function has some attributes which are unique
   to each user (nickname in a chat channel, for example), and which
   comprise the user's "identity".

   An IDO provides the following functions in response to a request
   from another IDO.

   1) Listing the IDO functions belonging to the IDO which the user who
      issued the request is permitted to access, along with their
      initial parameters.

   2) Starting an IDO function with a specified parameter.

   3) Terminating an IDO function.

   IDIP is used to transport these requests between IDOs.

1.3.2 IDIP and IDIP connection

   The IDIP protocol is based on a request/response paradigm (like
   HTTP). However, unlike HTTP, IDIP maintains its connection unless
   the end-request command is explicitly issued. This connection is
   called an IDIP connection, and it depends on a virtual circuit
   connection. The virtual circuit runs over TCP (except if the two
   communicating IDOs are located on the same host).
   All IDO communications MUST be passed on this connection. This
   implies that an IDO cannot communicate with another IDO to which no
   IDIP connection is established.

   The IDIP connection is an asymmetric connection. A request is
   transferred from the "Caller IDO" to the "Callee IDO", and its
   response is transferred back to the "Caller IDO". Here, "Caller IDO"
   refers to the IDO which issued the request to establish the IDIP
   connection. "Callee IDO" refers to the IDO which receives that
   request.

   The IDIP connection does not support multiplexing. For an IDO to
   communicate with multiple IDOs simultaneously, the IDO must
   establish a separate IDIP connection with each IDO.

   The IDIP connection does not support request pipelining. A new
   request must not be issued unless a response to the preceding
   request has been returned.

                       -----> IDIP request
   (Caller) IDO =================================== (Callee) IDO
        |              <----- IDIP response              |
        |                                                |
   IDO function                                     IDO function

1.3.3 IDO server

   An IDO server receives requests to establish IDIP connections and
   serves the IDIP connections. Once an IDIP connection is established,
   communication between IDOs takes place over the IDIP connection. The
   IDO server listens for requests on the well-known port which is
   allocated for IDIP. IDO servers are specified in the host part of
   the IDO address.

1.3.4 IDO function

   An IDO function is a logical entity which provides a service on an
   IDO. The parameters of an IDO function are specified by the callee
   IDO in response to the list request (1.3.5.2), or specified by the
   caller IDO in the call request (1.3.5.3). The parameters MAY be
   described by IDO function format (see section 12).

1.3.5 Basic operation

   The operation of IDIP is classified into five phases. An IDO issues
   a request in each phase.

1.3.5.1 IDIP connection establishment

   A caller IDO connects via a TCP connection to an IDO server and
   issues a start request. The IDO server creates an IDIP connection to
   the Callee IDO.
   The details of that request are described in section 6.1.

   IDO -----------------------> IDO server ----> IDO
         Request to establish IDIP connection

   IDO <----------------------------------------- IDO
         Successful response

1.3.5.2 Getting list of IDO functions

   A caller IDO issues a list request to get the list of IDO functions.
   The list of IDO functions MAY be described by an IDO function format
   as defined in section 12. The details of that request are described
   in section 6.2.

   IDO -----------------------------------------> IDO
         Request list of IDO functions

   IDO <----------------------------------------- IDO
         List of IDO functions

1.3.5.3 Performing IDO function

   A caller IDO issues a call request to perform the appropriate IDO
   function. The parameters of the IDO function MAY be specified using
   the IDO function format (section 12). The details of this request
   are described in section 6.3.

   IDO -----------------------------------------> IDO
         Request to perform an IDO function

   IDO <----------------------------------------- IDO
         Successful response

1.3.5.4 Terminating IDO function

   The caller IDO issues a terminate request to terminate the IDO
   function. The details of this request are described in section 6.4.

   IDO -----------------------------------------> IDO
         Request to terminate the IDO function

   IDO <----------------------------------------- IDO
         Successful response

1.3.5.5 Clearing IDIP connection

   A caller IDO issues an end request to clear the IDIP connection. The
   details of the request are described in section 6.5.

   IDO -----------------------------------------> IDO
         Request to clear the IDIP connection

   IDO <----------------------------------------- IDO
         Successful response

2 Internal Protocols

2.1 Overview

   The IDI internal protocol is a protocol which is used for
   communication between a Function Enabler (described below) and an
   IDO.
   Though the specification of the IDI internal protocol is like IDIP,
   some messages are augmented and the semantics or parameters of the
   messages are different from those used for mutual communication
   between IDOs. To distinguish these differences, a protocol for
   communication between an IDO and a Function Enabler is called "IDI
   Internal Protocol (IDIip)". To make the distinction clear, when IDIP
   is used for communication between IDOs it is called "IDI External
   Protocol (IDIep)".

   Because the purpose of a Function Enabler is different from that of
   an IDO, and IDIP is an asymmetric protocol, IDIip is classified into
   two protocols based upon its direction. IDI internal upward protocol
   (IDIiup) is used for communication from a Function Enabler to an
   IDO, and IDI internal downward protocol (IDIidp) is used for
   communication from an IDO to a Function Enabler.

   +----------+         IDIep          +----------+
   |   IDO    |=====================>|   IDO    |
   +----------+                        +----------+
        /\                                  ||
        || IDIiup                    IDIidp ||
        ||                                  \/
   +----------+                        +----------+
   | Function |                        | Function |
   | Enabler  |                        | Enabler  |
   +----------+                        +----------+
        || IDO function format              || IDO function format
   +----------+                        +----------+
   | Function |                        | Function |
   | Provider |                        | Provider |
   +----------+                        +----------+
     (Caller)                            (Callee)

2.2 Function Enabler

   Function Enablers have three purposes.

   1) Controlling the behavior of IDO

      Function Enablers can control the behavior of IDOs. For example,
      a Function Enabler can make an IDO issue a start request to
      another IDO, thereby inducing it to establish an IDIP connection.
      IDIiup is used for this purpose.

   2) Add or delete an IDO function

      Function Enablers can add or delete IDO Functions. This
      specification MAY be described in IDO function format (see
      section 11). Function Enablers can also cancel, enable, and
      disable IDO functions. IDIiup is also used for this purpose.

   3) Hosting IDO functions

      Function Enablers perform IDO functions upon request from an IDO.
      IDIidp is used for this purpose.

2.3 Function Provider

   A Function Provider is an implementation of each IDO function.
   Function Providers offer an abstracted interface for initializing,
   negotiating, starting, and terminating each IDO function. This
   interface MAY be an IDO function format as defined in section 12. A
   Function Provider is hosted by an IDO and a Function Enabler, and
   referenced with a functionid parameter.

2.4 IDI internal upward protocol and connection

   The IDI internal upward protocol (IDIiup) is used for communication
   from a Function Enabler to an IDO. As with the external protocol,
   IDIiup is a connection-oriented protocol and its connection is
   called an IDIiup connection. Every request from a Function Provider
   to an IDO, and the associated response, MUST be transferred on the
   IDIiup connection. This implies that the Function Enabler cannot
   communicate with an IDO unless and until an IDIiup connection is
   established. The features of an IDIiup connection are the same as
   those of an IDIP connection. The IDO server listens for a request
   for connection on the well-known port which is allocated for IDIiup.

   Note that a single IDIiup connection can establish multiple IDIP
   (external) connections, because the communication from a Function
   Enabler to the callee IDO is constructed from two independent
   connections (IDIiup and IDIep). That is why the list, call, and kill
   requests of IDIiup contain an "IDO-To" parameter.

      Callee                   Caller                   Callee
   +----------+   IDIep    +----------+   IDIep    +----------+
   |   IDO    |<===========|   IDO    |===========>|   IDO    |
   +----------+            +----------+            +----------+
                                /\
                         IDIiup ||
                                ||
                           +----------+
                           | Function |
                           | Enabler  |
                           +----------+

   IDI internal upward protocol (IDIiup) has three purposes:

   1) Controlling IDO behavior

      Using IDIiup, a Function Enabler can make an IDO operate the five
      basic operations described in 1.3.5.
      Each IDIiup request is "proxied" by the IDO and transferred
      towards the IDIep connection.

   2) Management of IDO functions

      Using IDIiup, a Function Enabler can add or delete IDO functions.
      Because an IDO function is implemented as a Function Provider, as
      described in 2.3, the following attributes of the Function
      Provider must be registered when a Function Enabler adds the
      Function Provider to the IDO. They are location, property,
      keywords, and Access Control List. The details of this procedure
      are described in sections 8.10 and 8.11.

      A Function Enabler can also make an IDO function temporarily
      available or unavailable. The details of this procedure are
      described in sections 8.12 and 8.13.

   3) Management of IDI internal downward connection

      In some cases, such as when a Function Enabler is connected to
      the Internet via dial-up PPP, it is difficult for an IDO to
      control the IDI downward protocol connection described in 2.5.
      Therefore, the IDIidp connection can be established or cleared
      using IDIiup. The details of this procedure are described in
      sections 8.8 and 8.9.

2.5 IDI internal downward protocol and connection

   This protocol is used for communication from an IDO to a Function
   Enabler. If the IDO is located outside the firewall, and the
   Function Enabler is inside the firewall, then it is impossible to
   open a TCP connection from the IDO to the Function Enabler.
   Therefore, the IDIidp connection can be set up from either the IDO
   or the Function Enabler. In the case where an IDIidp connection is
   established from a Function Enabler, IDIiup is used for the
   procedure.

2.6 Overall operations including Internal Protocols

2.6.1 Establishing an IDIiup connection

   A Function Enabler issues an IDIiup-login-request to establish an
   IDIiup connection between the Function Enabler and an IDO. The
   details of the request are described in section 8.1.

2.6.2 Adding an IDO function

   A Function Enabler can issue an IDIiup-add-request to add an IDO
   function to an IDO. The details of the request are described in
   section 8.10.

2.6.3 Establishing an IDIep connection

   A Function Enabler can issue an IDIiup-start-request to make an IDO
   establish an IDIep connection. The IDO which receives this request
   establishes an IDIep connection as described in section 1.3.5.1. The
   details of the request are described in sections 6.1 and 8.2.

2.6.4 Getting the list of an IDO's functions

   A Function Enabler can issue an IDIiup-list-request to get the list
   of an IDO's functions. A Function Enabler MUST specify the callee
   IDO using its IDO address and MAY specify some keywords to specify
   the IDO function ("chat", "telephone", etc...). Then the request is
   translated to an IDIep-list-request by the caller IDO and
   transferred to the callee IDO. When the callee IDO receives the
   request, it will search the IDO functions currently registered. If
   the Keywords parameter matches the IDO function, and the caller IDO
   is allowed to access the IDO function as determined by the ACLs,
   then the corresponding list of IDO functions is returned to the
   original Function Enabler. The details of this request are described
   in sections 6.2 and 8.5.

2.6.5 Request to perform the IDO function

   A Function Enabler can issue an IDIiup-call-request, thereby
   inducing an IDO to perform an IDO function. The Function Enabler
   MUST specify the IDO function in the functionid parameter which was
   described in the response to the list request. The initial parameter
   for an IDO function is specified by the Function Provider and MAY be
   specified using the IDO function format. The request is translated
   to an IDIep-call-request by the caller IDO and then transferred to
   the callee IDO.
   When the callee IDO receives the request, the IDO tries to resolve
   the Function Enabler by the functionid parameter specified in the
   request. After the Function Enabler is successfully resolved, the
   IDO issues an IDIidp-call-request to the Function Enabler. A
   Function Enabler resolves the Function Provider by the functionid
   parameter, and if the Function Provider is successfully resolved,
   the Function Enabler executes the Function Provider with the
   parameter specified in IDIP-data of the request. This specification
   MAY be the IDO function format as described in section 12. The
   Function Provider checks the parameters and returns the result of
   the request to the Function Enabler. The Function Enabler then
   translates this result to an IDIP-response and returns it to the
   original Function Enabler via the callee IDO and caller IDO. The
   details of this request are described in sections 6.3, 8.6 and
   10.2.

2.6.6 Terminate the IDO function

   A Function Enabler issues an IDIiup-kill-request to make an IDO
   terminate the corresponding IDO function. The details of this
   request are described in sections 6.4 and 8.7.

2.6.7 Clear the IDIep connection

   A Function Enabler issues an IDIiup-end-request to make an IDO clear
   the IDIep connection. The details of this request are described in
   section 8.4.

2.6.8 Delete IDO function

   A Function Enabler issues an IDIiup-delete-request to delete an IDO
   function from an IDO. The syntax of the IDIiup-delete-request is
   described in detail in section 8.11.

2.6.9 Disable IDO function

   A Function Enabler issues an IDIiup-disable-request to disable an
   IDO function. Once the IDO function is disabled, it will not appear
   in the list returned in response to the list request.

2.6.10 Enable IDO function

   A Function Enabler issues an IDIiup-enable-request to enable an IDO
   function.
   Once an IDO function becomes enabled it will appear in the list of
   IDO functions returned in response to the list request.

2.6.11 Clear the IDIiup connection

   A Function Enabler issues an IDIiup-logout-request to clear an
   IDIiup connection. The details of this request are described in
   section 8.2. Note that this request does not delete an IDO function
   or terminate an IDO function implicitly.

3 Generic Grammar

3.1 Augmented BNF

   All of the mechanisms specified in this document are described in
   both prose and an augmented Backus-Naur Form (BNF) which is the same
   as is used in HTTP1.1 [HTTP1.1].

3.2 Basic Rules

   The rules used to describe the basic parsing constructs of this
   specification are almost the same as in HTTP1.1 [HTTP1.1].

4 IDIP Messages

   IDIP-message    = IDIP-Request | IDIP-Response

   IDIP-request    = IDIP-command
                     IDIP-parameters
                     CRLF
                     IDIP-data
                   = IDIep-request | IDIiup-request | IDIidp-request

   IDIP-response   = IDIP-status
                     IDIP-parameters
                     CRLF
                     IDIP-data
                   = IDIep-response | IDIiup-response | IDIidp-response

   IDIP-parameters = *(IDIP-parameter CRLF)

   IDIP-status     = status-code SP status-description CRLF

   Status-codes and status-descriptions are commonly used in IDIep,
   IDIiup, IDIidp. The list of status-codes and status-descriptions is
   given below. The semantics and details of the parameters are given
   separately in sections 6, 8, and 10.

   status-code   = success          ; 1xx
                 | client-error     ; 2xx
                 | server-error     ; 3xx
                 | generic-error    ; 4xx

   success       = "100"   ; OK

   client-error  = "201"   ; Authentication Error
                 | "202"   ; Request Denied
                 | "203"   ; Function Not Launched
                 | "204"   ; Parameter Not Acceptable
                 | "205"   ; Launch Failed
                 | "206"   ; Bad Request

   server-error  = "301"   ; Invalid Callee
                 | "302"   ; Server Internal Error
                 | "303"   ; No Function Available
                 | "304"   ; Cannot Provide Acceptable Data
                 | "305"   ; Server Timeout
                 | "306"   ; IDO Moved
                 | "307"   ; Function Busy
                 | "308"   ; IDO Not Found
                 | "309"   ; No IDIep Connection
                 | "310"   ; No IDIiup Connection
                 | "311"   ; No IDIidp Connection

   generic-error = "401"   ; Unknown Error

   status-description = 1*TEXT

5 IDIP Parameters

   IDIP-parameter = IDO-To
                  | IDO-From
                  | content-type
                  | content-length
                  | accept-type
                  | IDIP-authenticate
                  | location
                  | keyword
                  | functionid
                  | FEname
                  | admitfrom
                  | denyfrom

5.1 IDO-To and IDO-From

   IDO-To        = "To:" SP IDO-Address
   IDO-From      = "From:" SP IDO-Address
   IDO-Address   = identity_name ["@" host [":" port]]
   identity_name = 1 *
   host          =
   port          = DIGIT

   There is no limitation on the length of an IDO-Address. However, an
   IDO MUST accept IDO Addresses of at least 1024 characters.

   An IDO server must listen for TCP connections from IDOs and Function
   Enablers on the host specified in the host part of the IDO-Address.
   The port number is specified in the port part of the IDO address. If
   the port is empty or not defined then the default IDI(ep,iup,idp)
   port is assumed.

5.2 Content Type

   The content type parameter can be used to indicate the media type of
   IDIP-data.

   content-type = "Content-Type:" SP media-type

   IDIP uses Internet Media Types [MEDIA TYPE] in the Content-Type
   parameter or Accept-Type parameter to provide open and extensible
   data typing.

   media-type = type "/" subtype *( ";" parameter )
   type       = token
   subtype    = token
   parameter  = attribute "=" value
   attribute  = token
   value      = token | quoted-string

   The type, subtype, and parameter attribute names are
   case-insensitive. Parameter values may or may not be case-sensitive,
   depending on the semantics of the parameter name.

5.2.1 Multipart Types

   In IDIP, content type "multipart/mixed" MAY be used to transfer
   multiple lists of IDO functions. Though the syntax of the multipart
   type is the same as defined in MIME [MEDIA TYPE], IDIP-parameters
   SHOULD be included in the body-part of each enclosed entity in IDIP.

5.3 Content Length

   The Content Length parameter indicates the number of bytes in
   IDIP-data. All IDIP requests and responses MUST include a Content
   Length parameter.

   content-length = "Content-Length:" SP 1*DIGIT

   An example is

      Content-Length: 1024

5.4 Accept Type

   The Accept-Type parameter can be used to indicate a media type which
   is acceptable as a response to a request. This parameter may appear
   multiple times to indicate a list of media.

   accept-type = "Accept-Type:" SP media-type

5.5 IDIP Authenticate

   The IDIP-Authenticate parameter specifies the style of
   authentication parameters.

   IDIP-authenticate = "IDIP-Authenticate:" SP auth-options
   auth-options      = option *(";" option )
   option            = authenticate-style

5.5.1 Authenticate Style Option

   The authenticate style option indicates which authentication style
   is used. Currently only "style basic" is defined.

   authenticate-style = "style" "=" value

5.5.1a. Style Basic

   This style provides 'password' authentication. The IDIP-body is used
   to send password data.

5.6 Keyword

   The keyword parameter is used to specify an IDO function in the
   IDIP-list-request. Also, this parameter is used to register the
   keyword of an IDO function in IDIiup-add-request.
The keyword parameter MAY be specified with a set of key strings and
word strings delimited by an "=" character. To specify multiple
keywords, multiple keyword parameters should be specified in the
IDIP-request. If multiple Keyword parameters are used to specify IDO
functions in an IDIP-list-request, the conditions are assumed to be the
logical AND of each parameter.

   keyword      = "Keywords:" SP IDIP-keyword
   IDIP-keyword = [key "="] word CRLF
   key          = token
   word         = token

5.7 Location

The location parameter is used to specify the IDO-Address of an IDO
which has changed its IDO-Address. This parameter specifies a new
IDO-Address in the IDIiup-redirect-request and in the response to the
IDI(ep,iup)-start-request.

   location = "Location:" SP location
   location = IDO-Address

5.8 Functionid

The functionid parameter is used to specify the IDO function. Functionid
is given by an IDO when a Function Enabler issues an add request to the
IDO. The Function Enabler gets a FunctionId as a response to the add
request.

   functionid = "FunctionId:" SP functionId
   FunctionId = DIGIT

5.9 FEname

The FEname parameter specifies an "alias" of the Function Enabler. The
FEname parameter is not necessarily the same as the IDO address of the
Function Enabler. FEname is specified by the Function Enabler in the
IDIiup-login-request (see 8.1).

   FEname = token

5.10 Admitfrom and denyfrom

The admitfrom parameter and denyfrom parameter are used to specify the
access control for an IDO function. These parameters are described in
IDIiup-add-request. Access control is applied to the IDO specified by
IDO-Address, or to the group specified by groupid. The admitfrom
parameter specifies the IDO or group granted access to the corresponding
IDO function. The denyfrom parameter specifies the IDO or group denied
access to the corresponding IDO function.
   admitfrom = "Admit-from:" groupId | IDOaddress *("," IDOaddress )
   denyfrom  = "Deny-from:" groupId | IDOaddress *("," IDOaddress )

If the host part of an IDO address is not specified, the host is assumed
to be the host to which this IDO belongs. Groupid is an ensemble of IDO
addresses and has the following syntax.

   groupId = "#" atom

The procedure to register the groupid is not specified by IDIP.

6 IDI external protocol request

   IDIP-request    = IDIP-command IDIP-parameters CRLF IDIP-data
   IDIP-parameters = *(IDIP-parameter CRLF)
   IDIP-command    = IDIep-start-request   ;6.1
                   | IDIep-list-request    ;6.2
                   | IDIep-call-request    ;6.3
                   | IDIep-kill-request    ;6.4
                   | IDIep-end-request     ;6.5

There are some IDIP-parameters commonly necessary for an IDIep request
and response. These parameters are:

   Content-Type:   Media type of IDIP-data.
   Content-Length: Data length of IDIP-data in bytes.

Note that if a request does not contain any IDIP-data, Content-Length
MUST be set to 0 and Content-Type MUST NOT appear in the request. These
parameters are not described explicitly in the description below.

6.1 IDIep-start-request

   Headers:
   IDIP-command   : "START" CRLF
   IDIP-parameter :
      IDO-From: IDO-address of the IDO which issued this request
      IDO-To  : IDO-address of the IDO which will receive this request
      [IDIP-authenticate: Data scheme of authentication information]
   IDIP-data      : [Authentication information]

   description:
      Request IDO server to establish an IDIep connection between *this*
      IDO and the IDO which is specified by the IDO-To parameter. The
      TCP connection on which this command was issued will be the IDIep
      connection.

6.2 IDIep-list-request

   IDIP-command   : "LIST" CRLF
   IDIP-parameter : [functionid] [keyword]

   description:
      Request from the IDO a list of IDO functions in IDO function
      format. The format of the IDO function is described in section 12.
      Keywords may be specified to select IDI services.
      If the functionId is specified, the appropriate IDI-function
      should be returned. Multiple lists of IDO functions are returned
      using the multipart MIME type with a "mixed" subtype. In this case
      each body-part of the multipart MUST contain a FEname parameter
      and a functionid parameter.

6.3 IDIep-call-request

   IDIP-command   : "CALL" CRLF
   IDIP-parameter : functionid
   IDIP-data      : [IDO function format]

   description:
      Request to execute an IDO function as specified by the functionid
      parameter.

6.4 IDIep-kill-request

   IDIP-command   : "KILL" CRLF
   IDIP-parameter : functionid
   IDIP-data      : [IDO function format]

   description:
      Request to terminate an IDO function specified by functionid
      parameter.

6.5 IDIep-end-request

   IDIP-command   : "END" CRLF

   description:
      Request to clear the IDIep connection.

7 IDI external protocol responses

   IDIep-response = status IDIP-parameters CRLF IDIP-data
                  = Successful response                       ; 7.1
                  | Authentication error response             ; 7.2
                  | Redirect response                         ; 7.3
                  | No function available error response      ; 7.4
                  | Function not found error response         ; 7.5
                  | Parameter not acceptable error response   ; 7.6

7.1 Successful response

   status-code        : 100
   status-description : OK
   IDIP-data          : [IDO function format]

   description:
      The specified IDIep request was successful. The IDO function
      format MAY be contained in IDIP-data in the response to the list
      request or the call request. If the IDIP-data contains multiple
      lists of IDO functions, it MUST be described using the multipart
      style (5.2.1).

7.2 Authentication error response

   status-code        : 201
   status-description : Authentication Error
   IDIP-data          :

   description:
      The specified IDIep request failed because of an authentication
      failure.

7.3 Redirect response

   status-code        : 306
   status-description : IDO Moved
   IDIP-parameter     :
      location: IDOaddress to which the specified IDO moved.
   description:
      The specified IDO has moved to the IDO-address specified in the
      Location parameter. This response exists exclusively for
      IDIep-start requests.

7.4 No function available error response

   status-code        : 303
   status-description : No Function Available

   description:
      The specified keywords did not match any IDO services. If the
      keyword is not specified, this result indicates that no IDO
      function is available. This response is only returned to
      IDIep-list requests and IDIep-call-requests.

7.5 Function not launched error response

   status-code        : 203
   status-description : Function Not Launched
   IDIP-data          : [IDO function format]

   description:
      The specified IDI service is not acceptable because of an
      uncertain error. This response is only returned to the
      IDIep-call-request.

7.6 Parameter not acceptable error response

   status-code        : 204
   status-description : Parameter Not Acceptable
   IDIP-data          : [IDO function format]

   description:
      The specified IDI service is not acceptable with the specified
      IDI-function. This response is only returned to the
      IDIep-call-request.

8 IDI internal upward protocol(IDIiup) requests and responses

   IDIiup-Request = IDIiup-login-request      ;8.1
                  | IDIiup-logout-request     ;8.2
                  | IDIiup-start-request      ;8.3
                  | IDIiup-end-request        ;8.4
                  | IDIiup-list-request       ;8.5
                  | IDIiup-call-request       ;8.6
                  | IDIiup-kill-request       ;8.7
                  | IDIiup-catch-request      ;8.8
                  | IDIiup-free-request       ;8.9
                  | IDIiup-add-request        ;8.10
                  | IDIiup-delete-request     ;8.11
                  | IDIiup-disable-request    ;8.12
                  | IDIiup-enable-request     ;8.13
                  | IDIiup-redirect-request   ;8.14

There are some IDIP-parameters commonly necessary for IDIiup request and
response. These parameters are

   Content-Type:   Media type of IDIP-data.
   Content-Length: Data length of IDIP-data in bytes.

Note that if requests do not contain any IDIP-data, Content-Length MUST
be set to 0 and Content-Type MUST NOT appear in the request.
These parameters are not described explicitly in the description below.

8.1 IDIiup-login-request

   format:
   IDIP-command   : "LOGIN" CRLF
   IDIP-parameter :
      IDO-From: IDO-Address of the Function Enabler which issued this
                request
      IDO-To  : IDO-Address of the IDO which will receive this request
      FEname  : Name of Function Enabler
      [IDIP-authenticate: Data scheme of authentication information]
   IDIP-data      : [authentication information]

   description:
      Request that the IDO establish an IDIiup connection from the
      Function Enabler which is specified in the IDO-From parameter, to
      the IDO which is specified in the IDO-To parameter. The TCP
      connection on which this command has been issued will be the
      IDIiup connection.

8.2 IDIiup-logout-request

   format:
   IDIP-command   : "LOGOUT" CRLF

   description:
      Request that the IDO clear the IDIiup connection.

8.3 IDIiup-start-request

   IDIP-command   : "START" CRLF
   IDIP-parameter :
      IDO-To : IDO-address of IDO to which the IDIep connection
               connected
      [IDIP-authenticate: Data scheme of authentication information]
   IDIP-data      : [authentication information]

   description:
      Request that the IDO establish an IDIep connection to the IDO
      which is specified by the IDO-To parameter.

8.4 IDIiup-end-request

   IDIP-command   : "END" CRLF
   IDIP-parameter :
      IDO-To: The IDO address of the IDO which will have its IDIep
              connection cleared

   description:
      Request that the IDO clear the IDIep connection to the IDO which
      is specified by IDO-To parameter.

8.5 IDIiup-list-request

   IDIP-command   : "LIST" CRLF
   IDIP-parameter :
      IDO-To : IDO address of the IDO which will receive this request
      [keyword]
      [functionid]

   description:
      Request that the IDO issue the IDIep-list-request to the IDO
      specified by the IDO-To parameter. The request MAY include the
      keyword parameter, or functionid parameter. If there is no IDO-To
      parameter in the request, the request is assumed to apply to the
      IDO to which this IDIiup connection is connected.
      If the IDO has no IDIep connection to the IDO which is specified
      in the IDO-To parameter, a "no IDIep connection" error response is
      returned.

8.6 IDIiup-call-request

   IDIP-command   : "CALL" CRLF
   IDIP-parameter :
      IDO-To: IDO address to which the IDIep request will be issued
      functionid
   IDIP-data      : [IDO function format]

   description:
      Request that the IDO issue an IDIep-call-request to the IDO
      specified by the IDO-To parameter. The IDO function is specified
      by the functionid parameter. If the IDO has no IDIep connection to
      the IDO which is specified in the IDO-To parameter, a "no IDIep
      connection" error response is returned.

8.7 IDIiup-kill-request

   IDIP-command   : "KILL" CRLF
   IDIP-parameter :
      IDO-To: IDO address to which the IDIep request will be issued
      functionid
   IDIP-data      : [IDO function format]

   description:
      Request that the IDO terminate the IDO function specified by the
      functionId parameter.

8.8 IDIiup-catch-request

   IDIP-command   : "CATCH" CRLF
   IDIP-parameter :
      IDO-From: IDO-address of Function Enabler which issued this
                request
      IDO-To  : IDO-address of IDO which will receive this request
      [IDIP-authenticate: Data scheme of authentication information]
      [Callback: host [:port]]
   IDIP-data      : [authentication information]

   description:
      Request that the IDO establish an IDIidp connection from the IDO
      which is specified by the IDO-To parameter to the Function Enabler
      which is specified by the IDO-From parameter. If the "Callback:"
      parameter is specified, request that the IDO establish the TCP
      connection to the specified port of the specified host. The host
      parameter is presented by FQDN or IP address in dot decimal. If
      the "Callback:" parameter is not specified, this TCP connection
      will be an IDIidp connection.

      Note: The "Callback:" parameter is not supported for the time
      being, because of authentication problems.
8.9 IDIiup-free-request

   IDIP-command   : "FREE" CRLF

   description:
      Request that the IDO clear the IDIidp connection between the IDO
      and this Function Enabler.

8.10 IDIiup-add-request

   IDIP-command   : "ADD" CRLF
   IDIP-parameter :
      keyword:
      [functionid]
      [admitfrom: groupId | IDO address *("," IDO address )]
      [denyfrom: groupId | IDO address *("," IDO address )]
   IDIP-data      : [IDO function format]

   description:
      Request IDO to add an IDO function. The location of the Function
      Provider is regarded as the location of the Function Enabler which
      issued this request. A property of the IDO function MAY be
      described using the IDO function format described in section 12.
      This property is transferred as IDIP-data of the request.

      The keyword parameter gives the keywords of the IDO function (see
      5.6). The admitfrom parameter and denyfrom parameter are used to
      set ACLs of this IDO function (see 5.10). The conditions specified
      by these parameters follow these rules.

      o If the same user or group is specified in multiple
        admit/denyfrom parameters, the condition specified by the later
        parameter has higher priority.

      o If the admitfrom parameter appears prior to the denyfrom
        parameter, or no denyfrom parameter is specified in the request,
        the IDO MUST deny requests from every IDO as the initial access
        control. After that, the conditions specified by the
        admitfrom/denyfrom parameters are applied.

      o If the denyfrom parameter appears prior to the admitfrom
        parameter, or no admitfrom parameter is specified in the
        request, the IDO MUST admit requests from every IDO as the
        initial access control. After that, the conditions specified by
        the admitfrom/denyfrom parameters are applied.

      o If the request contains neither an admitfrom parameter nor a
        denyfrom parameter, the IDO function MUST accept requests from
        every IDO.
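The four ordering rules above can be checked mechanically. The following is an added example, not code from the draft or its authors: it evaluates an ordered list of Admit-from / Deny-from parameters for one caller. The function names, the group table (group registration is not specified by IDIP), case-insensitive host comparison and the rejection of unknown groups are assumptions of this example.

```python
"""Evaluate IDIP Admit-from / Deny-from parameters (sections 5.10 and 8.10)."""


def normalize(address, local_host):
    """Return a comparable form of an IDO address or '#group' id."""
    address = address.strip()
    if not address:
        raise ValueError("empty ACL subject")
    if address.startswith("#"):
        return address
    name, sep, host = address.partition("@")
    if not sep or not host:
        host = local_host              # 5.10: a missing host means this IDO's host
    return f"{name}@{host.lower()}"    # assumption: host part compared case-insensitively


def parse_acl(param_lines, local_host):
    """Turn raw parameter lines into an ordered list of (admit, subjects) rules."""
    rules = []
    for line in param_lines:
        name, sep, value = line.partition(":")
        kind = name.strip().lower()
        if not sep or kind not in ("admit-from", "deny-from"):
            continue                   # not an ACL parameter (Keywords, FunctionId, ...)
        subjects = frozenset(normalize(s, local_host) for s in value.split(","))
        rules.append((kind == "admit-from", subjects))
    return rules


def is_admitted(rules, caller, groups, local_host):
    """Apply the 8.10 rules in order and return True if the caller may use the function."""
    if not rules:
        return True                    # neither parameter present: open to every IDO
    if caller.strip().startswith("#"):
        raise ValueError("a caller must be an IDO address, not a group")
    caller = normalize(caller, local_host)
    # Admit-from first means start from deny-all; Deny-from first means admit-all.
    decision = not rules[0][0]
    for admit, subjects in rules:
        for subject in subjects:
            if subject.startswith("#"):
                if subject not in groups:
                    # Assumption: refuse to evaluate rather than silently skip a group.
                    raise ValueError(f"unknown group {subject}")
                members = {normalize(m, local_host) for m in groups[subject]}
                hit = caller in members
            else:
                hit = subject == caller
            if hit:
                decision = admit       # a later parameter overrides an earlier one
    return decision


if __name__ == "__main__":
    # Constructed sample data; "#friends" and carol@ido3.example are not from the draft.
    groups = {"#friends": {"alice@ido1.co.jp", "bob@ido2.co.jp"}}
    host = "ido2.co.jp"
    orderings = (
        ["Admit-from: #friends", "Deny-from: bob"],
        ["Deny-from: #friends", "Admit-from: bob@ido2.co.jp"],
    )
    for params in orderings:
        rules = parse_acl(params, host)
        for who in ("alice@ido1.co.jp", "bob@ido2.co.jp", "carol@ido3.example"):
            print(params, who, is_admitted(rules, who, groups, host))
```

The two sample orderings name the same subjects but give the unlisted caller opposite results, because the first parameter alone selects the initial access control.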
      If the FunctionId-parameter is specified, every attribute of the
      corresponding IDO function MUST be replaced by the following
      admitfrom parameter, denyfrom parameter, keyword parameter, and
      properties contained in IDIP-data.

      If there is no IDIP-data part in this request, the Function
      Enabler requests the IDO to transfer IDIep-list-requests to this
      Function Enabler via the IDIidp connection (see 10.1).

8.11 IDIiup-delete-request

   IDIP-command   : "DELETE" CRLF
   IDIP-parameter : [functionid] [FEname]

   description:
      Request that the IDO delete the IDO service specified by the
      functionid parameter. If the functionid parameter is not
      specified, every IDO function registered by this IDIiup connection
      MUST be deleted. If a FEname parameter is specified, all IDO
      functions belonging to the corresponding Function Enabler are
      deleted.

8.12 IDIiup-disable-request

   IDIP-command   : "DISABLE" CRLF
   IDIP-parameter : functionid

   description:
      Request that the IDO disable the IDO function specified by the
      FunctionId-parameter.

8.13 IDIiup-enable-request

   IDIP-command   : "ENABLE" CRLF
   IDIP-parameter : functionid

   description:
      Request that the IDO enable the IDO function specified by
      functionid parameter.

8.14 IDIiup-redirect-request

   IDIP-command   : "REDIRECT" CRLF
   IDIP-parameter :
      location : IDO address to which this IDO will move

   description:
      Request that the IDO register the redirection. The location
      parameter specifies the destination IDO address.
9 IDI internal upward protocol responses

   IDIiup-response = status IDIP-parameters CRLF IDIP-data
                   = successful response              ; 9.1
                   | authentication error response    ; 9.2
                   | no IDIiup connection response    ; 9.3
                   | no IDIep connection response     ; 9.4
                   | IDO moved response               ; 9.5
                   | IDO not found response           ; 9.6
                   | function not launched error      ; 9.7
                   | parameter not acceptable error   ; 9.8
                   | no function available error      ; 9.9

9.1 Successful response

   status-code        : 100
   status-description : OK
   IDIP-parameter     :
   IDIP-data          : [IDO function format]

   description:
      The specified IDIiup request was successfully completed. The
      corresponding data is described in the IDIP-data section of the
      response. The IDO function format MAY be contained in the
      IDIP-data as returned in the response to a list request or a call
      request. If IDIP-data contains multiple lists of IDO functions, it
      MUST be described using the multipart style (5.2.1).

9.2 Authentication error response

   status-code        : 201
   status-description : Authentication Error

   description:
      Authentication failure.

9.3 No IDIiup connection response

   status-code        : 310
   status-description : No IDIiup Connection

   description:
      The specified IDIiup connection does not exist.

9.4 No IDIep connection response

   status-code        : 309
   status-description : No IDIep Connection
   IDIP-parameter     : [functionid]

   description:
      The IDIep connection does not exist. If the response is returned
      for a call request, the corresponding functionId MUST be
      described.

9.5 IDO moved response

   status-code        : 306
   status-description : IDO Moved
   IDIP-parameter     :
      location: IDO-Address to which the specified IDO moved

   description:
      The specified IDO was moved to the IDO address specified by the
      location parameter.

9.6 IDO not found response

   status-code        : 307
   status-description : IDO Not Found

   description:
      Failed to establish an IDIep connection.
9.7 Function not launched error

   status-code        : 203
   status-description : Function Not Launched
   IDIP-data          : [IDO function format]

   description:
      The specified IDO function was not executed for some unknown
      reason.

9.8 Parameter not acceptable error

   status-code        : 204
   status-description : Parameter Not Acceptable
   IDIP-data          : [IDO function format]

   description:
      The specified IDO function was not executed because of a
      negotiation failure.

9.9 No function available error

   status-code        : 303
   status-description : No Function Available
   IDIP-data          : [IDO function format]

10 IDI internal downward protocol requests

   IDIidp-Request = IDIidp-list-request   ;10.1
                  | IDIidp-call-request   ;10.2

There are some IDIP-parameters commonly necessary for IDIidp requests
and responses. These parameters are

   Content-Type:   Media type of IDIP-data.
   Content-Length: Data length of IDIP-data in bytes.

Note that if the request does not contain any IDIP-data, Content-Length
MUST be set to 0 and Content-Type MUST NOT appear in the request. These
parameters are not described explicitly in the description below.

10.1 IDIidp-list-request

   IDIP-command   : "LIST" CRLF
   IDIP-parameter : [functionid]

   description:
      Request that the Function Enabler return the list of IDO
      functions. IDO functions MAY be specified by the
      FunctionId-parameter. If the FunctionId-parameter is not
      specified, the Function Enabler returns a list of all IDO
      functions.

10.2 IDIidp-call-request

   IDIP-command   : "CALL" CRLF
   IDIP-parameter : functionid
   IDIP-data      : [IDO function format]

   description:
      Request that the Function Enabler perform the IDO function
      specified by the functionid parameter with the properties
      contained in the IDIP-data part of the request. The properties MAY
      be specified using the IDO function format described in section
      12.
11 IDI internal downward protocol responses

   IDIidp-response = status IDIP-parameters CRLF IDIP-data
                   = successful response              ; 11.1
                   | authentication error response    ; 11.2
                   | parameter not acceptable error   ; 11.3
                   | no function available error      ; 11.4

11.1 Successful response

   status-code        : 100
   status-description : OK
   IDIP-parameter     :
   IDIP-data          : [IDO function format]

   description:
      The request succeeded. The IDIP-data MAY contain the IDO function
      format for the response to a call request and a list request.

11.2 Authentication error response

   status-code        : 201
   status-description : Authentication Error

   description:
      Authentication failure.

11.3 No function available error

   status-code        : 303
   status-description : No Function Available

   description:
      The specified keywords or functionId did not match any IDO
      functions.

11.4 Parameter not acceptable error

   status-code        : 204
   status-description : Parameter Not Acceptable
   IDIP-data          : [IDO function format]

   description:
      The specified IDO function is not acceptable with the specified
      parameters. Parameters MAY be specified by IDO function format.

12 IDO function format

12.1 Overview of IDO function format

The purpose of the IDO function format is to specify or inform the
parameters of an IDO function. Also, IDO functions can specify some
semantics of parameters which are related to negotiation of parameters.
The IDO function format is specified as an Extensible Markup Language
(XML) application. The IDO function format is transported in the
IDIP-data part of an IDIP message. The IDO function format is handled by
the Function Enabler and Function Provider; the IDO is not concerned
with the IDO function format. The IDO function format is used for three
purposes.
1) To request the initial parameter for an IDO function

   An IDO function format is used to specify the initial parameter for
   an IDO function in an IDIep-call-request, an IDIiup-call-request and
   an IDIidp-call-request.

2) To return the initial parameter for IDO function

   An IDO function format is used to specify the result of the request
   contained in the response message for an IDIep-call-request, an
   IDIiup-call-request, and an IDIidp-call-request.

3) To register the specification of IDO function

12.2 The Structure of IDO function format

The IDO function format is described in well-formed XML. The tree
structure of an IDO function is described below.

   IDO-function-
       |-name
       |-specification--spec
       |              | ...
       |              --spec
       |-description
       |-status
       |-item--parameter
       |     |......
       |     --parameter
       |.......
       |-item--parameter

12.3 Description of each element and its attributes

12.3.1 The function element

This element is a root element of the IDO function format. The function
element includes a name element, a spec element, a desc element, a
status element, and an item element.

12.3.2 The name element

The name element describes the name of this IDO function.

12.3.3 The specification element

The Function Provider decides whether the IDO function is negotiable or
not using this element. One or more spec elements are included as child
nodes.

12.3.3.1 The spec element

The Function Provider judges whether the IDO function is negotiable or
not by referring to the value of this element. Therefore, the value of
the spec element must be globally unique. The spec element is combined
with the spec attribute of the item element. If an IDO function format
contains multiple item elements, the corresponding multiple spec
elements MUST be specified.

12.3.4 The description element

The description element explains the function of the Function Provider
in a simple text string.

12.3.5 The status element

This element specifies the purpose of the IDO function format.
   "request"       This IDO function format is a request.
   "response"      This IDO function format is a response to request.
   "registration"  This IDO function format is a catalogue of the IDO
                   function.

12.3.6 The item element

The item element concentrates multiple parameters into a single
negotiation unit. Item elements include one or more parameter elements.
Item elements have a type attribute, a description attribute, and a spec
attribute. If the type attribute is specified, the attribute is
inherited by the child node.

12.3.6.1 The spec attribute

The spec attribute specifies the specification for negotiation of the
item element. This attribute is combined with the spec element and the
value must coincide with the value specified in the spec element in
section 12.3.3.1.

12.3.7 The parameter element

The parameter element specifies the value of the parameter necessary to
perform the IDO function. The parameter element includes a type
attribute and a description attribute. The syntax of the content of this
element is not specified in this IDO function format specification. The
parameter element can have other parameter elements as child nodes. If
the attribute is not explicitly specified, then the attribute of the
parent element is inherited.

12.3.8 The type attribute

The type attribute specifies semantics related to negotiation. The type
attribute qualifies a parameter element or an item element. All
parameter elements included in the item element are qualified by the
attribute which qualifies the parent element unless the type attribute
of the child element is specified explicitly.

12.3.8.1 Attributes appearing in requests

   "variable" - The described parameter is a proposed value. If the
                value is not acceptable, alternative values may be
                returned. Responses to this request include: "accepted",
                "alternate" or "denied".

   "fixed"    - The described parameter is a proposed value.
                Even if the value is not acceptable, an alternative
                value is not required. Responses to this request
                include: "accepted" or "denied".

   "fetch"    - There is no proposed value for this parameter.

12.3.8.2 Attributes in responses

   "accepted"  - The proposed value was accepted.

   "alternate" - Though the proposed value is not acceptable, an
                 alternative value specified in the response is
                 acceptable.

   "denied"    - The proposed value is not acceptable, and there is no
                 alternative value proposed for this parameter. If this
                 attribute appears in response to the request with
                 "fetch" attribute, the requested parameter is not
                 provided.

   "required"  - To perform this IDO function, the specified parameter
                 is required.

   "reply"     - The requested parameter is described.

   "notify"    - The parameter is described.

12.3.8.3 Attributes appearing in catalogue

   "required"  - The specified parameter is required. The client must
                 specify the value for this parameter with the
                 "variable" or "fixed" attribute in the request.

   "variable"  - The specified parameter is required. The specified
                 value is a proposed value. The client must specify the
                 value for this parameter with the "variable" or "fixed"
                 attribute in the request.

   "fixed"     - The specified value is proposed for the parameter. The
                 client must specify the value with the "fixed"
                 parameter in the request. If a different value is
                 specified for the parameter, the request will be
                 denied.

   "available" - The value of this parameter is available. The client
                 can get the value of this parameter with the "fetch"
                 attribute.

12.3.9 The description attribute

A simple text string which explains the item or parameter element.

13 Examples

13.1 Invocation for IRC chat channel

In this case, IDO user "Alice" with IDO address "alice@ido1.co.jp" wants
to communicate with "Bob" with IDO address "bob@ido2.co.jp". Alice wants
to chat with Bob, if "Bob" is available.
      alice@ido1.co.jp                  bob@ido2.co.jp
        +----------+       IDIep        +----------+
        |   IDO    |=====================>|   IDO    |
        +----------+                    +----------+
           /||                              ||
            ||  IDIiup              IDIidp  ||
            ||                              ||/
        +----------+                    +----------+
        | Function |                    | Function |
        | Enabler  |                    | Enabler  |
        +----------+                    +----------+
   alice@dragon.ido1.co.jp          bob@tiger.ido2.co.jp

; Alice's Function Enabler(alice@dragon.ido1.co.jp) issues an IDIiup-
;login-request to establish an IDIiup connection from the Function
;Enabler(alice@dragon.ido1.co.jp) to her IDO(alice@ido1.co.jp) using
;IDIiup.

LOGIN
From: alice@dragon.ido1.co.jp
To: alice@ido1.co.jp
Content-Length: 0

; Alice's IDO(alice@ido1.co.jp) returns a successful response to Alice's
;Function Enabler(alice@dragon.ido1.co.jp).

100 OK
Content-Length: 0

; Alice's Function Enabler(alice@dragon.ido1.co.jp) issues an IDIiup-
;start-request to make her IDO to establish an IDIP connection to Bob's
;IDO(bob@ido2.co.jp) using the IDIiup connection.

START
To: bob@ido.fujitsu.co.jp
Content-Length: 0

; Alice's IDO(alice@ido1.co.jp) issues an IDIep-start-request to Bob's
;IDO(bob@ido2.co.jp) to establish an IDIP connection.

START
To: bob@ido.fujitsu.co.jp
Content-Length: 0

; Bob's IDO (bob@ido2.co.jp) returns a successful response to Alice's
;IDO(alice@ido1.co.jp).

100 OK
Content-Length: 0

; Alice's IDO (alice@ido1.co.jp) returns a successful response to
;Alice's Function Enabler(alice@dragon.ido1.co.jp).

100 OK
Content-Length: 0

; Alice's Function Enabler(alice@dragon.ido1.co.jp) issues an IDIiup-
;list-request to get information of Bob's IDO.

LIST
To: bob@ido2.co.jp
Keywords: name=chat
Content-Length: 0

; Alice's IDO(alice@ido1.co.jp) issues an IDIep-list-request to Bob's
;IDO(bob@ido2.co.jp). Note that IDO-To parameter is not contained in the
;message because it will be transferred through the IDIep connection
;which has already been established.
LIST
Keywords: name=chat
Content-Length: 0

; Bob's IDO(bob@ido2.co.jp) returns successful response to Alice's
;IDO(alice@ido1.co.jp).
; Bob prefers #MEETING for default IRC channel, and irc.chat.co.jp as an
;IRC server.
; IRC Client "Chocoa" can show web page using browser, Bob prefers to
;talk referencing "http://www.fujitsu.co.jp/hypertext/free/chocoa/en/"
;as an initial page.

100 OK
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

chocoa This FP invokes chocoa win32 executable irc chocoa request irc.chat.co.jp Bob #MEETING http://www.fujitsu.co.jp/hypertext/free/chocoa/en/

; Alice's IDO(alice@ido1.co.jp) returns a successful response to Alice's
;Function Enabler(alice@dragon.ido1.co.jp).

100 OK
Content-Type: text/xml
Content-Length:xxx

[Content is the same as above]

; Alice's Function Enabler(alice@dragon.ido1.co.jp) issues an IDIiup-
;call-request to request performing an IDO function.
; IDO function is specified by the functionid parameter.

CALL
To: bob@ido2.co.jp
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

chocoa This FP invokes chocoa win32 executable irc chocoa request irc.chat.co.jp Alice Bob #MEETING http://www.fujitsu.co.jp/hypertext/free/chocoa/en/

; Alice's IDO (alice@ido1.co.jp) issues a call request to Bob's
;IDO(bob@ido2.co.jp) to call an IDO function.
; The IDO function is specified by FunctionId: parameter.

CALL
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Bob's IDO (bob@ido2.co.jp) issues an IDIidp-call-request to Bob's
;Function Enabler(bob@tiger.ido2.co.jp) to perform IDO function via
;IDIidp connection.
; IDO function is specified by functionid parameter.
CALL
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Bob's Function Enabler(bob@tiger.ido2.co.jp) returns an error response
;to the IDIidp-call-request because he thinks #IDI is better than
;#MEETING for chat channel in this case.

204 Parameter Not Acceptable
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

chocoa This FP invokes chocoa win32 executable irc chocoa request irc.chat.co.jp Alice Bob #IDI http://www.fujitsu.co.jp/hypertext/free/chocoa/en/

; Bob's IDO( bob@ido2.co.jp) returns an error response to the call
;request.

204 Parameter Not Acceptable
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Alice's IDO( alice@ido1.co.jp) returns an error response to the call
;request.

204 Parameter Not Acceptable
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Alice's Function Enabler(alice@alice.ido1.co.jp) issues an IDIiup-
;call-request again because channel parameter in the preceding request
;was denied by Bob's Function Enabler.
; Alice's Function Enabler specifies #IDI for a chat channel which is
;counter-proposed by Bob's Function Enabler. Note that every parameter
;must be specified again because the negotiation is a stateless process.

CALL
To: bob@ido.fujitsu.co.jp
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

chocoa This FP invokes chocoa win32 executable irc chocoa request irc.chat.co.jp Alice Bob #IDI http://www.fujitsu.co.jp/hypertext/free/chocoa/en/

; Alice's IDO (alice@ido1.co.jp) issues an IDIep-call-request to Bob's
;IDO(bob@ido2.co.jp) to request performing an IDO function.
CALL
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Bob's IDO (bob@ido2.co.jp) issues an IDIidp-call-request to Bob's
; Function Enabler(bob@tiger.ido2.co.jp) to call the IDO function via
; the IDIidp connection.
CALL
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Bob's Function Enabler (bob@tiger.ido2.co.jp) returns a successful
; response because he thinks #IDI is an adequate chat channel.
100 OK
Content-Type: text/xml
Content-Length: xxx

chocoa This FP invokes chocoa win32 executable irc chocoa request
irc.chat.co.jp Alice Bob #IDI
http://www.fujitsu.co.jp/hypertext/free/chocoa/en/

; Bob's IDO(bob@ido2.co.jp) returns a successful response.
100 OK
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Alice's IDO(alice@ido1.co.jp) returns a successful response to
; Alice's Function Enabler(alice@dragon.ido1.co.jp).
100 OK
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

14 Security Considerations

14.1 Authentication

IDIP has two types of authentication. One is Function Enabler
authentication and the other is IDO authentication.

When one IDO requests another IDO to establish an IDIP connection, the
callee IDO authenticates the caller IDO.

When a Function Enabler requests that an IDO establish an IDIiup
connection, the IDO authenticates the Function Enabler.

When an IDO requests that a Function Enabler establish an IDIidp
connection, the Function Enabler and IDO must both authenticate each
other because, in some cases, the IDO cannot trust the Function Enabler
(e.g., dialup PPP). Because the current version of IDIP does not
support mutual authentication, an IDIiup connection is used as an
IDIidp connection to overcome such difficulties.
14.2 Access Controls

An IDO SHOULD support Access Control to each IDO function using a
Function Enabler (see 8.10). Any user who is not allowed to access the
IDO function cannot get the list of IDO functions and cannot call
those functions. The access control is managed by ACLs located on the
IDO. The Function Enabler can control these ACLs (see 8.10).

15 References

[KEYWORDS]
   S. Bradner, "Key words for use in RFCs to Indicate Requirement
   Levels", RFC 2119, Mar. 1997.

[MEDIA TYPE]
   N. Freed, N. Borenstein, "Multipurpose Internet Mail Extensions
   (MIME) Part Two: Media Types", RFC 2046, Nov. 1996.

[HTTP1.1]
   R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach,
   T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616,
   Jun. 1999.

16 Authors' Addresses

Akinori Iwakawa
Fujitsu Laboratories Limited
Okubocho Nishiwaki 64
Akashi, HYOGO 674-0054
JAPAN
Fax: +81 (78) 934 - 3312
Email: iwakawa@flab.fujitsu.co.jp

Shingo Fujimoto
Fujitsu Laboratories of America, Inc.
595 Lawrence Expressway
Sunnyvale, CA 94086
U.S.A.
Fax: +1 (408) 530 - 4515
Email: shingo@fla.fujitsu.com

Dave Marvit
Fujitsu Laboratories of America, Inc.
595 Lawrence Expressway
Sunnyvale, CA 94086
U.S.A.
Fax: +1 (408) 530 - 4515
Email: dave@marvit.org
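Added example (not part of the draft and not the authors' code): a Python sketch of the callee-side ACL rule of Section 14.2 together with the stateless CALL negotiation shown in the example trace before Section 14. The parameter names (server, channel, url), the ACL and policy layout, and the DENIED marker are assumptions, caller identities are assumed to be already authenticated as in Section 14.1, and the sample data is constructed from the values in the trace.

```python
# Added illustration, not code from the draft. Parameter names, the ACL and
# policy layout and the DENIED marker are assumptions.
OK, NOT_ACCEPTABLE = 100, 204      # status codes shown in the draft's trace
DENIED = "denied"                  # placeholder; this section gives no denial code
REQUIRED = ("server", "channel", "url")    # hypothetical parameter names

class CalleeIDO:
    def __init__(self, acl, policy):
        self.acl = acl          # FunctionId -> callers allowed to use it
        self.policy = policy    # FunctionId -> {param: acceptable values, preferred first}

    def list_functions(self, caller):
        # LIST and CALL consult the same ACL, so a function hidden from the
        # list cannot be reached by guessing its FunctionId.
        return sorted(f for f, allowed in self.acl.items() if caller in allowed)

    def call(self, caller, function_id, params):
        if caller not in self.acl.get(function_id, ()):
            return DENIED, None
        rules = self.policy[function_id]
        # Stateless: each CALL is judged alone, so a missing parameter is
        # handled like an unacceptable one and replaced by the preferred value.
        counter = {p: params[p] if params.get(p) in rules[p] else rules[p][0]
                   for p in REQUIRED}
        return (OK if counter == params else NOT_ACCEPTABLE), counter

def negotiate(callee, caller, function_id, proposal, acceptable, max_rounds=3):
    """Caller side: re-issue CALL with every parameter until 100 OK."""
    for round_no in range(1, max_rounds + 1):
        status, body = callee.call(caller, function_id, dict(proposal))
        if status != NOT_ACCEPTABLE:
            return status, body, round_no
        for name, value in body.items():
            # Adopt a counter-proposed value only if the caller's own policy allows it.
            if value != proposal.get(name) and value not in acceptable.get(name, ()):
                return NOT_ACCEPTABLE, body, round_no
        proposal = dict(body)   # the next CALL carries the complete parameter set
    return NOT_ACCEPTABLE, proposal, max_rounds

# Constructed sample data built from the values in the draft's example trace.
URL = "http://www.fujitsu.co.jp/hypertext/free/chocoa/en/"
BOB = CalleeIDO(acl={10000: {"alice@ido1.co.jp"}},
                policy={10000: {"server": ["irc.chat.co.jp"],
                                "channel": ["#IDI"], "url": [URL]}})
ALICE_PROPOSAL = {"server": "irc.chat.co.jp", "channel": "#MEETING", "url": URL}
ALICE_ACCEPTS = {"channel": {"#MEETING", "#IDI"}}
```

With the sample data, negotiate(BOB, "alice@ido1.co.jp", 10000, ALICE_PROPOSAL, ALICE_ACCEPTS) settles on #IDI in the second round, as in the trace, and the round limit keeps two sides with incompatible policies from exchanging 204 responses indefinitely.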