Re: AW: [Geopriv] AW: Common policy identities clarification

From: Aki Niemi ^lt;aki.niemi@nokia.com>
Date: Thu Aug 04 2005 - 04:58:11 EDT

Hi,

ext Tschofenig, Hannes wrote:
>> A rule with no condition matches any request even if no identity
>> was provided;
>
> authenticated or unauthenticated.
>
> there is no concept of 'no identity provided'.
>
>> a rule with no *identity* condition matches regardless of the
>> identity.
>
> authenticated or unauthenticated.

Well, yes, but it need not be spelled out. Just like you don't say that
if the validity element is missing, the rule applies to all requests
received since "the beginning of time" until "the end of the world".

If there is no identity condition, *any* value -- including NULL -- is
allowed for the identity of the request. In my humble opinion, that is.

>> In other words, other conditions will determine whether the rule
>> applies.
>
> hmm. i am missing something here.

Ok, just like if the <conditions> contains no sphere condition; then the
request is matched based on other conditions (validity, identity) --
regardless of whether sphere was provided, or what its value was.

The same principle should apply to identity, and be spelled out.

>> This bit...
>>
>> <conditions> <identity> <any/> </identity> </conditions>
>>
>> ...then again only matches requests that have an asserted identity.
>>
>
>
> we defined it as 'matches only authenticated identities."
>
> (asserted identities are treated as authenticated identities with the
> recent draft version.)

That's fine as well, as long as we're consistent.

>> Does not matter which identity, as long as it is asserted and
>> exists.
>
>
> most issue we discuss are a matter of definitions and style. we
> should discuss these things intensively in order to finish it soon.

Definitely agree. I'm also willing to provide text for the identity (and
the conditions chapters) if necessary.

Cheers,
Aki

> ciao hannes
>
>
>> Cheers, Aki
>>
>
>

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Thu, 04 Aug 2005 11:58:11 +0300

This archive was generated by hypermail 2.1.8 : Thu Aug 04 2005 - 05:14:59 EDT