On 6/3/2010 4:41 PM, WORLEY, Dale R (Dale) wrote: > ________________________________________ > From: [email protected] > [[email protected]] On Behalf Of Mossman, Paul (Paul) > [[email protected]] > > No changes to the phone and resource-lists.xml configuration file generation > would be required. No Operation-side changes would be required either. > > This is what we should deliver for 4.2.1. Any objections or suggestions? > _______________________________________________ > > To what degree do we want to enforce this? > > Of course, sipXconfig can limit what is written to resource-lists.xml, and > that controls what information RLS passes around, which will stop ignorant > users. > > Do we want to enforce that a user may only subscribe to his own resource > list? Currently, the RLS enforces that the subscriber must have credentials > for the domain, but does not enforce that the credentials match the resource > list. (Since that level of protection of dialog events was not a > requirement.) > > Do we want to enforce that an unauthorized subscriber cannot subscribe > directly to a user's dialog events? > > What are we trying to stop? > > Dale > _______________________________________________ >
Simple .. Customer requests they don't want users to be able to monitor presence of others. A grayed out or inability to check subscribe to presence would make them happy. Its a stock broker and what is happening is crazy brokers are stealing other brokers calls by monitoring presence and using the wonderful pickup feature :) _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
