Network Working Group C. Boulton Internet-Draft Ubiquity Software Corporation Intended status: Informational M. Barnes Expires: April 16, 2007 Nortel October 13, 2006 A User Identifier for Centralized Conferencing (XCON) draft-boulton-xcon-userid-00 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 16, 2007. Copyright Notice Copyright (C) The Internet Society (2006). Abstract A conferencing system is defined by "A framework and Data Model for Centralized Conferencing" and represents a container for administering and managing all conference related information. The conference user concept is introduced in the framework to identify the entity participating in a conference and manipulating conferencing system related properties. This document defines a Conference User Identifier and syntax for identifying a specific Boulton & Barnes Expires April 16, 2007 [Page 1] Internet-Draft XCON User ID October 2006 conference user within a conferencing system. The document also describes the logical mapping of this conference user identifier to protocol and signaling interface specific user identifiers. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions and Terminology . . . . . . . . . . . . . . . . . . 3 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. User ID Mapping . . . . . . . . . . . . . . . . . . . . . . 6 4. Conference User Identifier Definition . . . . . . . . . . . . . 6 5. Conference User Distribution . . . . . . . . . . . . . . . . . 6 6. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 7 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 9.1. Normative References . . . . . . . . . . . . . . . . . . . 7 9.2. Informative References . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 7 Intellectual Property and Copyright Statements . . . . . . . . . . 9 Boulton & Barnes Expires April 16, 2007 [Page 2] Internet-Draft XCON User ID October 2006 1. Introduction This document defines a user identifier and syntax to identify a conference user within a conferencing system. A conferencing system is defined by "A framework and Data Model for Centralized Conferencing" [3] and represents a container for administering and managing all related information ranging from conference policy to conference instance management. Within a conferencing system it is useful to have the concept of a conference user. A conference user identifies the entity participating in a conference and attempting to manipulate conferencing system related properties. A centralized conference as defined in [3] is both signaling and protocol agnostic. However, users interface with the conferencing system using specific protocol and signaling interfaces. Each of these protocols/interfaces often define their own user identifier, which provides a contextual representation of who exactly is associated with a specific protocol or signaling interface. This document provides a top level common user identifier to associate these related protocol and interface user identifiers. It also provides guidelines on how this conferencing system wide user identifier can be used to derive a protocol or interface specific user. The centralised user management allows for control over uniqueness within a system. It also aids in the creation and management of conferencing system wide policies. 2. Conventions and Terminology In this document, BCP 14/RFC 2119 [1] defines the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL". In addition, BCP 15 indicates requirement levels for compliant implementations. This document uses the terminology defined in [3] and also defines the following additional terms: TODO : TODO. 3. Overview Each user within a conferencing system is allocated a unique Conference User Identifier. The conference user identifier is used in association with the conference object identifier defined in [TBD] and by the conference control protocol to uniquely identify a conference user within the scope of a conferencing system. The Boulton & Barnes Expires April 16, 2007 [Page 3] Internet-Draft XCON User ID October 2006 conference control protocol uses the conference user identifier to uniquely determine who is issuing commands. Appropriate policies can then be applied to the requested command. As with the conference object identifier, a number of supplementary user identifiers defined in other protocols are used within a conference instance. Such user identifiers can be associated with this conference user identifier and enable the conferencing system to correlate and map these multiple authenticated user identities to a single global user identifier. Figure 1 illustrates an example using the conference user identifier in association with the user identity defined for BFCP and SIP Digest user identity as defined in RFC3261[2], which would be used when SIP is the call signaling protocol. It should be noted that a conferencing system is free to structure such relationships as required and this information is just included as a guideline that can be used. +---------------+ | Conference | | User | | Identifier | +-------+-------+ | | | +---------------+---------------+ | | +-------+-------+ +-------+-------+ | BFCP | | SIP Digest | | 'UserID' | | Username | +---------------+ +-------+-------+ Figure 1: Conference User Identifier Within a conferencing system, a user is identified by a single conference user identifier. Any additional conferencing mechanisms that contain a protocol specific user ID can be associated with the conference user identifier, as illustrated in Figure 1. This mechanism allows conferencing systems to manage and relate system wide user identities in relation to specific conference objects and helps in the enforcement of system wide policies. The following example illustrates the representation and relationships that might occur in a typical conference instance. The Boulton & Barnes Expires April 16, 2007 [Page 4] Internet-Draft XCON User ID October 2006 table in Figure 2 lists a typical representation of User Identity hierarchy and association. +--------------------+--------------------+-------------------+--------------------+ | Conf User ID | BFCP User ID | SIP User ID | H323 User ID | +--------------------+--------------------+-------------------+--------------------+ | John | HK37ihdaj | 123674 | 928373 | +--------------------+--------------------+-------------------+--------------------+ Figure 2: User Identity Representation The information from Figure 2 can then be applied to the representation introduced in Figure 1. This results in Figure 3. +--------------+ | Conference | | User | | Identifier | +--------------+ | John | +------+-------+ | | | +---------------------+---------------------+ | | | +-------+--------+ +-------+-------+ +--------+-------+ | BFCP User ID | | SIP User ID | | H323 User ID | +----------------+ +---------------+ +----------------+ | HK37ihdaj | | 123674 | | 928373 | +----------------+ +-------+-------+ +----------------+ Figure 3: User ID Tree Representation Further elements can be added to the tree representation in Figure 3 to enable a complete representation of a conference instance within a conferencing system. If a conferencing system can guarantee that user identities for varying protocols can use one unique identifier across the whole system then this type of mechanism is not required. Some systems require more complex user identity association. For example, a SIP User dialing into a Conference might enter using a PIN code using Boulton & Barnes Expires April 16, 2007 [Page 5] Internet-Draft XCON User ID October 2006 DTMF. The PIN code would then be used to uniquely identify the conference user within the conferencing system. If a system wide conference user identifier is used it MUST comply to the syntax specified in Section 4 and used for various other protocols/ interfaces using the mapping rules defined in Section 3.1. 3.1. User ID Mapping [Editors Note: Strict mapping rules will be defined once Section 4 is completed]. 4. Conference User Identifier Definition This section provides the details for the definition of the Conference User Identifier. [Editors Note: Discussion is needed to work through the details including (not exclusively) consideration of the following: 1. How much normative detail do we need to include in this document for the conference user identifier? 2. Or are the details of the conference user identifier implementation specific and we just need to provide examples? 3. Does the definition require that the mapping to the user ids for other protocols be obvious (e.g., visibly derivable or would that be implementation specific? ]. 5. Conference User Distribution This section details the distribution of the conference user identifier to the conferencing clients. A typical mode for distributing the user identifer is out of band during conferencing client configuration, thus the mechanism is outside the scope of the centralized conferencing framework and protocols. However, a conferencing system should also be capable of allocating and distributing a user identifier during the first signaling interaction with the conferencing system, such as an initial request for blueprints or adding a new user to an existing conference. [Editor's Note: Further details will be added once there is resolution on some of the previous sections and more details defined for the conference control protocol.] Boulton & Barnes Expires April 16, 2007 [Page 6] Internet-Draft XCON User ID October 2006 6. Security Considerations Security Considerations to be included in later versions of this document. 7. IANA Considerations 8. Acknowledgments TODO. 9. References 9.1. Normative References [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 9.2. Informative References [2] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002. [3] Barnes, M., "A Framework and Data Model for Centralized Conferencing", draft-ietf-xcon-framework-05 (work in progress), September 2006. [4] Camarillo, G., "The Binary Floor Control Protocol (BFCP)", draft-ietf-xcon-bfcp-06 (work in progress), December 2005. [5] Camarillo, G., "Session Description Protocol (SDP) Format for Binary Floor Control Protocol (BFCP) Streams", draft-ietf-mmusic-sdp-bfcp-03 (work in progress), December 2005. Boulton & Barnes Expires April 16, 2007 [Page 7] Internet-Draft XCON User ID October 2006 Authors' Addresses Chris Boulton Ubiquity Software Corporation Building 3 Wern Fawr Lane St Mellons Cardiff, South Wales CF3 5EA Email: cboulton@ubiquitysoftware.com Mary Barnes Nortel 2201 Lakeside Blvd Richardson, TX Email: mary.barnes@nortel.com Boulton & Barnes Expires April 16, 2007 [Page 8] Internet-Draft XCON User ID October 2006 Full Copyright Statement Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Boulton & Barnes Expires April 16, 2007 [Page 9]