forked from xsf/xeps
-
Notifications
You must be signed in to change notification settings - Fork 0
/
xep-0074.xml
168 lines (168 loc) · 7.03 KB
/
xep-0074.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
<xep>
<header>
<title>Simple Access Control</title>
<abstract>A simple protocol for querying information for permissions.</abstract>
&LEGALNOTICE;
<number>0074</number>
<status>Retracted</status>
<type>Standards Track</type>
<sig>Standards</sig>
<dependencies><spec>XEP-0030</spec></dependencies>
<supersedes/>
<supersededby/>
<shortname>sac</shortname>
<author>
<firstname>Justin</firstname>
<surname>Kirby</surname>
<email>justin@openaether.org</email>
<jid>zion@openaether.org</jid>
</author>
<revision>
<version>0.2</version>
<date>2003-10-20</date>
<initials>psa</initials>
<remark>At the request of the author, changed status to Retracted.</remark>
</revision>
<revision>
<version>0.1</version>
<date>2003-03-05</date>
<initials>jk</initials>
<remark>Initial version.</remark>
</revision>
</header>
<section1 topic='Introduction'>
<p>A Jabber travels further into the Jabber-as-Middleware world, it needs a protocol to determine "who can do what to whom". This proposal defines a protocol that enables any Jabber entity to determine the permissions of another Jabber entity, whether the context is a user JID querying a component for access, a client-to-client conversation, or a component asking another component about a request from a user.</p>
<p>All access control lists (ACLs) boil down to three aspects: Actor, Operation, and Target/Sink. With this in mind it becomes almost trivial to implement the basic query/response mechanism.</p>
<example caption="A simple query">
<![CDATA[
<iq to="security.capulet.com"
from="inventory.capulet.com"
type="get" id="1234">
<acl xmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison"/>
</iq>
]]>
</example>
<p>Here we have the inventory.capulet.com component querying the security component as to whether juliet@ may obtain the requested poison.</p>
<example caption="A response to the above query">
<![CDATA[
<iq to="inventory.capulet.com"
from="security.capulet.com"
type="result" id="1234">
<acl xmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison">
<allowed/>
</acl>
</iq>
]]>
</example>
<p>Unfortunately, the response is in the affirmative and the romantic tragedy follows.</p>
</section1>
<section1 topic='A More Formal Tone'>
<p>The <acl> element provides the container for the query. It MUST have the three attributes: actor, oper, and target.</p>
<p>The actor attribute is set to the Jabber ID which is attempting to perform an operation. This need not be the JID sending the acl, although it may be. Remember this is to allow for the question, "Can X do Y to Z?", which is a question anyone can ask.</p>
<p>The oper attribute is application-specific and refers to the operation for which a permission check is required (e.g., read/write operations). This also defines the scope of the ACL check, so the implementation is responsible for interpreting the actor and target values based on the value of the 'oper' attribute.</p>
<p>The target is the object which the actor is trying to perform the operation on. This MUST be a node queryable via &xep0030;.</p>
<p>Requests MUST be in the form of an empty <acl/> element with ALL the attributes specified. If not all attributes are specified, the request is incomplete and ambiguities arise; therefore the entity receving the request MUST return a "bad request" error to the sender. </p>
<p>Responses MUST be in one of three forms: allowed, denied, error.</p>
<p>The response is inserted into the <acl/> as a child element. If the response is allowed, then <allowed/> is inserted. If the JID is denied then <denied/> is returned. If there is inadequate information then <error/> is used following the standard Jabber error scheme.</p>
<example caption='A positive response'>
<![CDATA[
<iq to="inventory.capulet.com"
from="security.capulet.com"
type="result" id="1234">
<acl xmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison">
<allowed/>
</acl>
</iq>
]]>
</example>
<example caption='Negative response (denied)'>
<![CDATA[
<iq to="inventory.capulet.com"
from="security.capulet.com"
type="result" id="1234">
<acl xmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison">
<denied/>
</acl>
</iq>
]]>
</example>
<example caption='Error response'>
<![CDATA[
<iq to="inventory.capulet.com"
from="security.capulet.com"
type="error" id="1234">
<acl xmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison"/>
<error code="404">No information available</error>
</iq>
]]>
</example>
</section1>
<section1 topic='Query List of ACL operations'>
<p>To obtain a list of acl operations that a jid supports, you must send an empty <query/> </p>
<example caption='querying for list of acl operations'>
<![CDATA[
<iq to="security.capulet.com"
from="inventory.capulet.com"
type="get" id="1234">
<query xmlns="http://jabber.org/protocol/sac"/>
</iq>
]]>
</example>
<p>The to jid must then respond with a list of operations, if the jid supports SAC.</p>
<example caption='response to the query'>
<![CDATA[
<iq to="inventory.capulet.com"
from="security.capulet.com"
type="result" id="1234">
<query xmlns="http://jabber.org/protocol/sac">
<oper uri="uri://capulet.com/inventory#obtain"/>
<oper uri="uri://capulet.com/inventory#add"/>
<oper uri="uri://capulet.com/inventory#remove"/>
</query>
</iq>
]]>
</example>
</section1>
<section1 topic='Integrating with Service Discovery'>
<p>To follow.</p>
</section1>
<section1 topic='Security Considerations'>
<p>To follow.</p>
</section1>
<section1 topic='IANA Considerations'>
<p>This document requires no interaction with &IANA;.</p>
</section1>
<section1 topic='XMPP Registrar Considerations'>
<p>As a result of this document, the ®ISTRAR; will need to register the 'http://jabber.org/protocol/sac' namespace.</p>
</section1>
<section1 topic='Open Issues'>
<ol>
<li>Add disco integration section.</li>
<li>Fill out error codes.</li>
<li>Add DTD and Schema.</li>
<li>Allow for query of all allowable operations for actor in relation to a target.</li>
<li>Investigate possible integration with pubsub.</li>
</ol>
</section1>
</xep>