As a generic concept, I like this and I'm sure there will be cases
where this will be useful but it's not needed for the P2P SIP
application and it is going to open up lots of interesting topics on
how to create ACLs. (I for one will argue more for RBAC instead of
classic ACL). So as a draft that is an extension to the base, I'd
certainly be keen on this and see it as useful but I would argue it
should not go in the base draft - it's not needed for many
applications and it will take some time to get done.
Cullen <in my individual contributor role>
On Mar 26, 2009, at 6:57 PM, Narayanan, Vidya wrote:
At the moment, RELOAD defines some access control rules that allow
authorization of a node/user to store at a particular location.
However, only that node/user may modify or overwrite the data. It
does not allow a mechanism to authorize other nodes or users to
modify the data. I think it is very useful to also have provisions
for authorizing other node ids or user names that can modify the
data. As a simple use case for this, consider multiple members of a
family being able to modify the mapping for the SIP AOR of their
home phone. There are plenty of other cases as well where data
created by one node may be modified by other authorized nodes.
For this purpose, I think defining an ACL that is allowed to be
stored with the data might be appropriate. The creator may specify
a list of node ids or user names that are authorized to modify the
data.
We can discuss further on the actual solution options, but, I’d
first like to get feedback on the topic itself to see if people
agree this is worth addressing.
Thanks,
Vidya
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip