[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 10.4 IDENTIFY Command

To: ietf-calendar@xxxxxxx
Subject: Re: 10.4 IDENTIFY Command
From: Bruce_Kahn@xxxxxxxxxxxxxxxx
Date: Mon, 11 Nov 2002 11:15:01 -0500
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-calendar/mail-archive/>
List-id: <ietf-calendar.imc.org>
List-unsubscribe: <mailto:ietf-calendar-request@imc.org?body=unsubscribe>
Sender: owner-ietf-calendar@xxxxxxxxxxxx

Doug replied on 11/06/2002 08:15:56 PM: > Just curious, do you feel the the CS should ask the CUA if the > user has permission? Or are you saying that the CS should not > do it internally?
I think that we have a disjoin in our design WRT IDENTIFY. The CU can configure the CUA w/a list of identities to try and switch to but the CS has the final authority over allowing or disallowing the actualy IDENTIFY command to succeed or not. As such I think that there should be some way for the CUA to get the list of 'alternate' or assumable identities from the CS.

Otherwise my CUA just has to take the list its configured w/and try to see if the CS will allow the change. Its possible that the list of, say, 20 alternate identities my AA has (she's also the team AA) does not jive w/the CS's derived list of allowable identities. So her CUA just keeps going "I want to change my identity to UPN2", "I want to change my identity to UPN3", etc.

It would be MUCH simpler if the CUA had a way to get the list from the CS. That way it could cut down on extra network traffic AND it could do something nice in the UI like indicate "You are not authorized to assume UPN3 and UPN6 that you have configured."

At one point early on in CAP we had the design that the CS would return back the 'primary' UPN that the CUA was assuming and we had discussed the possibility of sending back the list of alternate UPNs. It seems to me that this never got resolved (I didnt check, I have 500+ msgs to wade thru still) but I think we should do it. If not at authentication time (not everyone will change identities) then via a command of some kind.

> Do you have a proposal that will allow one CUA to inform a CS > 'trust me' I have permission?
You misread my concern. I think the CUA should have a way to get the list of allowable identities from the CS, not push a list to the CS. That would be "administration" stuff and not something on the list of discussable topics for 1.0.

Bruce
===========================================================================
Bruce Kahn INet: Bruce_Kahn@xxxxxxxxxxxxxxxx
Messaging & Collaboration Phone: 978.399.6496
IBM Software Group FAX: and nothing but the FAX...
Standard disclaimers apply, even where prohibited by law...

Follow-Ups:
- Re: 10.4 IDENTIFY Command
  - From: Doug Royer

References:
- Re: 10.4 IDENTIFY Command
  - From: Doug Royer

Prev by Date: Re: 10.4 IDENTIFY Command
Next by Date: Re: 10.4 IDENTIFY Command II
Previous by thread: Re: 10.4 IDENTIFY Command
Next by thread: Re: 10.4 IDENTIFY Command
Index(es):
- Date
- Thread