Common Policy: A Document Format for Expressing Privacy Preferences
RFC 4745
Document | Type | RFC - Proposed Standard (February 2007; Errata) | |
---|---|---|---|
Authors | John Morris , Henning Schulzrinne , Jonathan Rosenberg , James Polk , Jorge Cuellar , Hannes Tschofenig | ||
Last updated | 2020-01-21 | ||
Stream | Internet Engineering Task Force (IETF) | ||
Formats | plain text html pdf htmlized (tools) htmlized with errata bibtex | ||
Reviews | |||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 4745 (Proposed Standard) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Cullen Jennings | ||
Send notices to | fluffy@cisco.com, mankin@psg.com, rg+ietf@qualcomm.com, andy@hxr.us |
Network Working Group H. Schulzrinne Request for Comments: 4745 Columbia U. Category: Standards Track H. Tschofenig Siemens Networks GmbH & Co KG J. Morris CDT J. Cuellar Siemens J. Polk J. Rosenberg Cisco February 2007 Common Policy: A Document Format for Expressing Privacy Preferences Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The IETF Trust (2007). Abstract This document defines a framework for authorization policies controlling access to application-specific data. This framework combines common location- and presence-specific authorization aspects. An XML schema specifies the language in which common policy rules are represented. The common policy framework can be extended to other application domains. Schulzrinne, et al. Standards Track [Page 1] RFC 4745 Common Policy February 2007 Table of Contents 1. Introduction ....................................................3 2. Terminology .....................................................4 3. Modes of Operation ..............................................4 3.1. Passive Request-Response - PS as Server (Responder) ........5 3.2. Active Request-Response - PS as Client (Initiator) .........5 3.3. Event Notification .........................................5 4. Goals and Assumptions ...........................................6 5. Non-Goals .......................................................7 6. Basic Data Model and Processing .................................8 6.1. Identification of Rules ....................................9 6.2. Extensions .................................................9 7. Conditions .....................................................10 7.1. Identity Condition ........................................10 7.1.1. Overview ...........................................10 7.1.2. Matching One Entity ................................11 7.1.3. Matching Multiple Entities .........................11 7.2. Single Entity .............................................14 7.3. Sphere ....................................................15 7.4. Validity ..................................................16 8. Actions ........................................................17 9. Transformations ................................................18 10. Procedure for Combining Permissions ...........................18 10.1. Introduction .............................................18 10.2. Combining Rules (CRs) ....................................18 10.3. Example ..................................................19 11. Meta Policies .................................................21 12. Example .......................................................21 13. XML Schema Definition .........................................22 14. Security Considerations .......................................25 15. IANA Considerations ...........................................25 15.1. Common Policy Namespace Registration .....................25 15.2. Content-type Registration for 'application/auth-policy+xml' ............................26 15.3. Common Policy Schema Registration ........................27 16. References ....................................................27 16.1. Normative References .....................................27 16.2. Informative References ...................................28 Appendix A. Contributors ..........................................29 Appendix B. Acknowledgments .......................................29 Schulzrinne, et al. Standards Track [Page 2] RFC 4745 Common Policy February 2007 1. Introduction This document defines a framework for creating authorization policiesShow full document text