Common Policy: A Document Format for Expressing Privacy Preferences
RFC 4745
Document Type RFC - Proposed Standard (February 2007; Errata)
Authors John Morris  , Henning Schulzrinne  , Jonathan Rosenberg  , James Polk  , Jorge Cuellar  , Hannes Tschofenig 
Last updated 2020-01-21
Stream Internet Engineering Task Force (IETF)
Formats plain text html pdf htmlized (tools) htmlized with errata bibtex
Reviews
SECDIR Early Review
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 4745 (Proposed Standard)
Action Holders
(None)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Cullen Jennings
Send notices to fluffy@cisco.com, mankin@psg.com, rg+ietf@qualcomm.com, andy@hxr.us
Email authors Email WG IPR 1 References Referenced by Nits 
Network Working Group                                     H. Schulzrinne
Request for Comments: 4745                                   Columbia U.
Category: Standards Track                                  H. Tschofenig
                                           Siemens Networks GmbH & Co KG
                                                               J. Morris
                                                                     CDT
                                                              J. Cuellar
                                                                 Siemens
                                                                 J. Polk
                                                            J. Rosenberg
                                                                   Cisco
                                                           February 2007

  Common Policy: A Document Format for Expressing Privacy Preferences

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   This document defines a framework for authorization policies
   controlling access to application-specific data.  This framework
   combines common location- and presence-specific authorization
   aspects.  An XML schema specifies the language in which common policy
   rules are represented.  The common policy framework can be extended
   to other application domains.

Schulzrinne, et al.         Standards Track                     [Page 1]
RFC 4745                     Common Policy                 February 2007

Table of Contents

   1. Introduction ....................................................3
   2. Terminology .....................................................4
   3. Modes of Operation ..............................................4
      3.1. Passive Request-Response - PS as Server (Responder) ........5
      3.2. Active Request-Response - PS as Client (Initiator) .........5
      3.3. Event Notification .........................................5
   4. Goals and Assumptions ...........................................6
   5. Non-Goals .......................................................7
   6. Basic Data Model and Processing .................................8
      6.1. Identification of Rules ....................................9
      6.2. Extensions .................................................9
   7. Conditions .....................................................10
      7.1. Identity Condition ........................................10
           7.1.1. Overview ...........................................10
           7.1.2. Matching One Entity ................................11
           7.1.3. Matching Multiple Entities .........................11
      7.2. Single Entity .............................................14
      7.3. Sphere ....................................................15
      7.4. Validity ..................................................16
   8. Actions ........................................................17
   9. Transformations ................................................18
   10. Procedure for Combining Permissions ...........................18
      10.1. Introduction .............................................18
      10.2. Combining Rules (CRs) ....................................18
      10.3. Example ..................................................19
   11. Meta Policies .................................................21
   12. Example .......................................................21
   13. XML Schema Definition .........................................22
   14. Security Considerations .......................................25
   15. IANA Considerations ...........................................25
      15.1. Common Policy Namespace Registration .....................25
      15.2. Content-type Registration for
            'application/auth-policy+xml' ............................26
      15.3. Common Policy Schema Registration ........................27
   16. References ....................................................27
      16.1. Normative References .....................................27
      16.2. Informative References ...................................28
   Appendix A. Contributors ..........................................29
   Appendix B. Acknowledgments .......................................29

Schulzrinne, et al.         Standards Track                     [Page 2]
RFC 4745                     Common Policy                 February 2007

1.  Introduction

   This document defines a framework for creating authorization policies
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools