cpl extensions jiri kuthan, gmd fokus [email protected] december 2000, 49th ietf iptel wg
TRANSCRIPT
CPL Extensions
Jiri Kuthan, GMD [email protected] 2000, 49th IETFiptel WG
49th IETF Meeting draft-kuthan-iptel-cpl-auth-00.txt 2
Outline
AuthenticationAccess to external databasesNext steps?
49th IETF Meeting draft-kuthan-iptel-cpl-auth-00.txt 3
#1 Authentication Support
Need to make call processing dependent on authentication information.
Example: one may want to relay calls to his cell phone only if originated by those in possession of valid credentials.
Solution: add authentication switching to CPL
49th IETF Meeting draft-kuthan-iptel-cpl-auth-00.txt 4
CPL Authentication Example<auth-switch>
<not-present> <reject status="authentication_required" realm="access to John Doe's cell phone”
algorithm="digest"/> </not-present><failed>
<log comment="attention, authentication failed"/> <reject status="401" reason="authentication failed” />
</failed><auth is="[email protected]">
<proxy/></auth><otherwise>
<sub ref="voicemail" /></otherwise>
</auth-switch>
49th IETF Meeting draft-kuthan-iptel-cpl-auth-00.txt 5
Current Status
There seems to be consensus on: the need for authentication switching the need to abstract from specific authentication mechanisms
Unresolved issues: On what information should be switched?
Resulting authentication status Authentication ID Authentication mechanism class
Should we develop support for portable credential databases? Useful to retain portability of CPL scripts using authentication
switching. If so, the consensus is to separate them from CPL scripts!
49th IETF Meeting draft-kuthan-iptel-cpl-auth-00.txt 6
#2 External, Read-only, Database Access
Want to check a header field against a potentially huge list of values maintained by a third party.
Example: check From field against a list of well-known spam sources.
49th IETF Meeting draft-kuthan-iptel-cpl-auth-00.txt 7
Alternatives
Solution #1: Route the call through the site maintaining the anti-spam list.
Solution #2: Query the anti-spam list if a caller is on the list. Better privacy -- the anti-spam site sees no
signaling. Explicit support in CPL needed.
Status: no conclusion on the mailing list
49th IETF Meeting draft-kuthan-iptel-cpl-auth-00.txt 8
Next Steps
Authentication Reach consensus on unresolved issues
(credentials, on what should be switched)
Generate syntax (switch, responses)? External Database Access