Tuesday, October 20, 2009

Re: [Geopriv] [geopriv] #19: Distinguish identity cases as being LCP-like, not LCP

I think I get what you're saying, and it's probably right that the
protocol is not what uses the authorization policy -- it's the LIS
that uses the authorization policy. So maybe the phrase in question
would make more sense if it said, "A LIS functioning at one end of a
location configuration protocol may make use of an authorization model
known as 'LCP policy,' . . ."

Alissa

On Oct 14, 2009, at 1:26 PM, Marc Linsner wrote:

> Alissa,
>
> I don't disagree with this. But I view it a little differently. I view
> that there is a demark between the LCP and the policy engine, hence the
> LCP doesn't 'use' a particular policy. The LCP is simply the
> communication protocol that presents a location request to the policy
> engine. Hence, if the LIS can authenticate a request as coming from a
> target by some other means, not using a LCP, the same 'LCP Policy' would
> be used. So, the policy isn't tied to the communication protocol, but in
> the case of a request coming in via a LCP, the process required to
> authenticate the requester as the target is taken care of by the
> communication protocol.
>
> If this makes any sense.....
>
> To carry this thought a little further. Someone *could* build a LS/LIS
> that includes a DHCP front-end, a SIP front-end, and a HELD front-end.
> Any request coming to this LS/LIS would be evaluated based on the
> protocol it arrived on, the authentication of the requester, and then a
> policy chosen that fits the posture of the request. Hence, a common
> policy engine that is demarked from the communication protocol.
>
> -Marc-
>
>
> On 10/13/09 4:16 PM, "Alissa Cooper" <acooper@cdt.org> wrote:
>
>> So am I right in thinking that if it said
>>
>>>> Location configuration protocols [can|may|might] make use of an
>>>> authorization model
>>>> known as "LCP policy,"
>>
>>
>> that would be better?
>>
>> Alissa
>>
>> On Oct 13, 2009, at 1:28 PM, Marc Linsner wrote:
>>
>>> Alissa,
>>>
>>>
>>> On 10/10/09 3:40 PM, "Alissa Cooper" <acooper@cdt.org> wrote:
>>>
>>>
>>>>
>>>> == Section 5 (based on text suggested below) ==
>>>>> The authorization model for a location configuration protocol
>>>>> assumes that the LR is also the Target, and that providing that LR
>>>>> with information about its own location is allowed. We call this
>>>>> property "LCP policy".
>>>>
>>>> Replace with:
>>>>
>>>> Location configuration protocols make use of an authorization model
>>>> known as "LCP policy," which permits only Targets to be the
>>>> recipients of their own locations.
>>>>
>>>
>>> GeoPriv should not set-in-stone "LCP Policy". That's up to the
>>> RuleMaker. We can assume the RuleMaker's policy for a target knowing
>>> its own location is different from a 3rd party policy, and we can
>>> posture the request as such, but as Laura Leiss has stated for a long
>>> time, the Rulemaker will ultimately decide whether a target will see
>>> its own location or not.
>>>
>>> -Marc-
>>>
>>>
>>>
>>
>>
>> _______________________________________________
>> Geopriv mailing list
>> Geopriv@ietf.org
>> https://www.ietf.org/mailman/listinfo/geopriv
>
>
>

