<remark>At the request of the author, changed status to Retracted; interested parties should refer to <<linkurl="http://www.openaether.org/projects/sac.html">http://www.openaether.org/projects/sac.html</link>> for further information.</remark>
</revision>
<revision>
<version>0.1</version>
<date>2003-03-05</date>
<initials>jk</initials>
<remark>Initial version.</remark>
</revision>
</header>
<section1topic='Introduction'>
<p>A Jabber travels further into the Jabber-as-Middleware world, it needs a protocol to determine "who can do what to whom". This proposal defines a protocol that enables any Jabber entity to determine the permissions of another Jabber entity, whether the context is a user JID querying a component for access, a client-to-client conversation, or a component asking another component about a request from a user.</p>
<p>All access control lists (ACLs) boil down to three aspects: Actor, Operation, and Target/Sink. With this in mind it becomes almost trivial to implement the basic query/response mechanism.</p>
<examplecaption="A simple query">
<![CDATA[
<iqto="security.capulet.com"
from="inventory.capulet.com"
type="get" id="1234">
<aclxmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison"/>
</iq>
]]>
</example>
<p>Here we have the inventory.capulet.com component querying the security component as to whether juliet@ may obtain the requested poison.</p>
<examplecaption="A response to the above query">
<![CDATA[
<iqto="inventory.capulet.com"
from="security.capulet.com"
type="result" id="1234">
<aclxmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison">
<allowed/>
</acl>
</iq>
]]>
</example>
<p>Unfortunately, the response is in the affirmative and the romantic tragedy follows.</p>
</section1>
<section1topic='A More Formal Tone'>
<p>The <acl> element provides the container for the query. It MUST have the three attributes: actor, oper, and target.</p>
<p>The actor attribute is set to the Jabber ID which is attempting to perform an operation. This need not be the JID sending the acl, although it may be. Remember this is to allow for the question, "Can X do Y to Z?", which is a question anyone can ask.</p>
<p>The oper attribute is application-specific and refers to the operation for which a permission check is required (e.g., read/write operations). This also defines the scope of the ACL check, so the implementation is responsible for interpreting the actor and target values based on the value of the 'oper' attribute.</p>
<p>Requests MUST be in the form of an empty <acl/> element with ALL the attributes specified. If not all attributes are specified, the request is incomplete and ambiguities arise; therefore the entity receving the request MUST return a "bad request" error to the sender. </p>
<p>Responses MUST be in one of three forms: allowed, denied, error.</p>
<p>The response is inserted into the <acl/> as a child element. If the response is allowed, then <allowed/> is inserted. If the JID is denied then <denied/> is returned. If there is inadequate information then <error/> is used following the standard Jabber error scheme.</p>
<examplecaption='A positive response'>
<![CDATA[
<iqto="inventory.capulet.com"
from="security.capulet.com"
type="result" id="1234">
<aclxmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison">
<allowed/>
</acl>
</iq>
]]>
</example>
<examplecaption='Negative response (denied)'>
<![CDATA[
<iqto="inventory.capulet.com"
from="security.capulet.com"
type="result" id="1234">
<aclxmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison">
<denied/>
</acl>
</iq>
]]>
</example>
<examplecaption='Error response'>
<![CDATA[
<iqto="inventory.capulet.com"
from="security.capulet.com"
type="error" id="1234">
<aclxmlns="http://jabber.org/protocol/sac"
actor="juliet@capulet.com/church"
oper="uri://capulet.com/inventory#obtain"
target="poison"/>
<errorcode="404">No information available</error>
</iq>
]]>
</example>
</section1>
<section1topic='Query List of ACL operations'>
<p>To obtain a list of acl operations that a jid supports, you must send an empty <query/></p>
<examplecaption='querying for list of acl operations'>
<![CDATA[
<iqto="security.capulet.com"
from="inventory.capulet.com"
type="get" id="1234">
<queryxmlns="http://jabber.org/protocol/sac"/>
</iq>
]]>
</example>
<p>The to jid must then respond with a list of operations, if the jid supports SAC.</p>
<examplecaption='response to the query'>
<![CDATA[
<iqto="inventory.capulet.com"
from="security.capulet.com"
type="result" id="1234">
<queryxmlns="http://jabber.org/protocol/sac">
<operuri="uri://capulet.com/inventory#obtain"/>
<operuri="uri://capulet.com/inventory#add"/>
<operuri="uri://capulet.com/inventory#remove"/>
</query>
</iq>
]]>
</example>
</section1>
<section1topic='Integrating with Service Discovery'>