mirror of
https://github.com/moparisthebest/xeps
synced 2024-12-22 15:48:52 -05:00
Merge branch 'master' of athena.jabber.org:xmpp
This commit is contained in:
commit
ddfd186333
64
xep-0258.xml
64
xep-0258.xml
@ -15,8 +15,8 @@
|
|||||||
<header>
|
<header>
|
||||||
<title>Security Labels in XMPP</title>
|
<title>Security Labels in XMPP</title>
|
||||||
<abstract>This document describes the use of security labels in XMPP. The document
|
<abstract>This document describes the use of security labels in XMPP. The document
|
||||||
specifies how security label metadata is carried in XMPP, when this metadata
|
specifies how security label meta-data is carried in XMPP, when this meta-data
|
||||||
should or should not be provided, and how the metadata is to be processed.</abstract>
|
should or should not be provided, and how the meta-data is to be processed.</abstract>
|
||||||
&LEGALNOTICE;
|
&LEGALNOTICE;
|
||||||
<number>0258</number>
|
<number>0258</number>
|
||||||
<status>Experimental</status>
|
<status>Experimental</status>
|
||||||
@ -36,6 +36,12 @@
|
|||||||
<email>Kurt.Zeilenga@Isode.COM</email>
|
<email>Kurt.Zeilenga@Isode.COM</email>
|
||||||
<jid>Kurt.Zeilenga@Isode.COM</jid>
|
<jid>Kurt.Zeilenga@Isode.COM</jid>
|
||||||
</author>
|
</author>
|
||||||
|
<revision>
|
||||||
|
<version>0.9</version>
|
||||||
|
<date>2011-09-15</date>
|
||||||
|
<initials>kdz</initials>
|
||||||
|
<remark><p>Add optional from attribute to catalog element for S2S requests. Make editorial changes.</p></remark>
|
||||||
|
</revision>
|
||||||
<revision>
|
<revision>
|
||||||
<version>0.8</version>
|
<version>0.8</version>
|
||||||
<date>2011-08-11</date>
|
<date>2011-08-11</date>
|
||||||
@ -46,7 +52,7 @@
|
|||||||
<version>0.7</version>
|
<version>0.7</version>
|
||||||
<date>2011-03-08</date>
|
<date>2011-03-08</date>
|
||||||
<initials>kdz</initials>
|
<initials>kdz</initials>
|
||||||
<remark><p>Illustrate XEP 45 security label room configuration. Make clarifications and minor editorial changes.</p></remark>
|
<remark><p>Illustrate XEP Multi-User Chat room security label configuration. Make clarifications and minor editorial changes.</p></remark>
|
||||||
</revision>
|
</revision>
|
||||||
<revision>
|
<revision>
|
||||||
<version>0.6</version>
|
<version>0.6</version>
|
||||||
@ -106,7 +112,7 @@
|
|||||||
standardized formats for security labels, clearances, and security policy are
|
standardized formats for security labels, clearances, and security policy are
|
||||||
generalized and do have application in non-government networks.</p>
|
generalized and do have application in non-government networks.</p>
|
||||||
<p>This document describes the use of security labels in &xmpp;. The document specifies
|
<p>This document describes the use of security labels in &xmpp;. The document specifies
|
||||||
how security label metadata is carried in XMPP. It standardizes a mechanism for
|
how security label meta-data is carried in XMPP. It standardizes a mechanism for
|
||||||
carrying ESS Security Labels in XMPP, as well as provides for use of other label
|
carrying ESS Security Labels in XMPP, as well as provides for use of other label
|
||||||
formats. ESS Security Labels are specified in &rfc2634;. ESS Security Labels are
|
formats. ESS Security Labels are specified in &rfc2634;. ESS Security Labels are
|
||||||
commonly used in conjunction with &X.500; clearances and either X.841 or &SDN.801c;
|
commonly used in conjunction with &X.500; clearances and either X.841 or &SDN.801c;
|
||||||
@ -134,8 +140,8 @@
|
|||||||
]]></example>
|
]]></example>
|
||||||
<p>Note: The &IC-ISM; label example is for <em>illustrative purposes only</em>.</p>
|
<p>Note: The &IC-ISM; label example is for <em>illustrative purposes only</em>.</p>
|
||||||
|
|
||||||
<p>The document details when security label metadata should or should not be provided, and how
|
<p>The document details when security label meta-data should or should not be provided, and how
|
||||||
this metadata is to be processed.</p>
|
this meta-data is to be processed.</p>
|
||||||
|
|
||||||
<p>This document does not provide:
|
<p>This document does not provide:
|
||||||
<ul>
|
<ul>
|
||||||
@ -188,7 +194,7 @@
|
|||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
<section1 topic='Protocol' anchor='protocol'>
|
<section1 topic='Protocol' anchor='protocol'>
|
||||||
<p>An element, &SECURITYLABEL;, is defined to carry security label metadata. This metadata
|
<p>An element, &SECURITYLABEL;, is defined to carry security label meta-data. This meta-data
|
||||||
includes a security label, zero or more equivalent security labels, and optionally display
|
includes a security label, zero or more equivalent security labels, and optionally display
|
||||||
marking data.</p>
|
marking data.</p>
|
||||||
<example caption="Labeled Message"><![CDATA[
|
<example caption="Labeled Message"><![CDATA[
|
||||||
@ -239,7 +245,7 @@
|
|||||||
fulfill the client's request.</p>
|
fulfill the client's request.</p>
|
||||||
<p>While this specification does not preclude a client from directing
|
<p>While this specification does not preclude a client from directing
|
||||||
a catalog request elsewhere, it is noted that catalog returned by
|
a catalog request elsewhere, it is noted that catalog returned by
|
||||||
a party other than its server may not be directly useable by the
|
a party other than its server may not be directly usable by the
|
||||||
client. For instance, the client's server might require a particular
|
client. For instance, the client's server might require a particular
|
||||||
only-locally-known label be used in messages to a particular remote
|
only-locally-known label be used in messages to a particular remote
|
||||||
JID.</p>
|
JID.</p>
|
||||||
@ -255,11 +261,11 @@
|
|||||||
sending a stanza without a label.</p>
|
sending a stanza without a label.</p>
|
||||||
<p>Each catalog provided should only contain labels for which the client
|
<p>Each catalog provided should only contain labels for which the client
|
||||||
is allowed to use (based upon the user's authorization) in a particular
|
is allowed to use (based upon the user's authorization) in a particular
|
||||||
context (such as in chatroom). A catalog may not be include the
|
context (such as in chat room). A catalog may not be include the
|
||||||
complete set of labels available for the use by the client in the
|
complete set of labels available for the use by the client in the
|
||||||
context.</p>
|
context.</p>
|
||||||
<blockquote>Note: the single catalog per context approach used here
|
<blockquote>Note: the single catalog per context approach used here
|
||||||
is likely inadequate in enviroments where there are a large number
|
is likely inadequate in environments where there are a large number
|
||||||
of labels in use. It is expected that a more sophisticated approach
|
of labels in use. It is expected that a more sophisticated approach
|
||||||
will be introduced in a subsequent revision of this
|
will be introduced in a subsequent revision of this
|
||||||
specification.</blockquote>
|
specification.</blockquote>
|
||||||
@ -308,7 +314,11 @@ selector-value = (<item>"|")*<item>
|
|||||||
</iq>
|
</iq>
|
||||||
]]></example>
|
]]></example>
|
||||||
|
|
||||||
<p>The following example pair illustrates catalog discovery. Note that client directs the &IQ; to its server regardless of which catalog it requests (via the to= attribute of in &CATALOG; element).</p>
|
|
||||||
|
<p>The following example pair illustrates catalog discovery. The
|
||||||
|
client directs the &IQ; to its server regardless of which catalog
|
||||||
|
it requests via the to= attribute of in &CATALOG; element. The
|
||||||
|
client SHOULD NOT provide a from= attribute in the &CATALOG; element.</p>
|
||||||
|
|
||||||
<example caption="Label Catalog request"><![CDATA[
|
<example caption="Label Catalog request"><![CDATA[
|
||||||
<iq to='example.com' type='get' id='cat1'>
|
<iq to='example.com' type='get' id='cat1'>
|
||||||
@ -354,6 +364,15 @@ selector-value = (<item>"|")*<item>
|
|||||||
</iq>
|
</iq>
|
||||||
]]></example>
|
]]></example>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
Where the server needs to obtain a catalog from another server in order
|
||||||
|
to respond to its client, it can send an &IQ; to that server requesting
|
||||||
|
that catalog. The requesting server provides the bare JID of the
|
||||||
|
requesting user in the from= attribute in the &CATALOG; element when
|
||||||
|
it desires a catalog to be prepared specifically for the user.
|
||||||
|
Otherwise the from= attribute in the &CATALOG; element is absent.
|
||||||
|
</p>
|
||||||
|
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
<section1 topic='Use in XMPP' anchor='xmpp-use'>
|
<section1 topic='Use in XMPP' anchor='xmpp-use'>
|
||||||
@ -389,7 +408,7 @@ selector-value = (<item>"|")*<item>
|
|||||||
absent.</p>
|
absent.</p>
|
||||||
<p>A client which receives a stanza with &SECURITYLABEL; element is to promiently
|
<p>A client which receives a stanza with &SECURITYLABEL; element is to promiently
|
||||||
display the &DISPLAYMARKING; value. A policy-aware may alternatively
|
display the &DISPLAYMARKING; value. A policy-aware may alternatively
|
||||||
promiently display the marking for the &LABEL; prescribed by the governing
|
prominently display the marking for the &LABEL; prescribed by the governing
|
||||||
policy.</p>
|
policy.</p>
|
||||||
<p>Each server is expected to make a number of sensitivity-based authorization
|
<p>Each server is expected to make a number of sensitivity-based authorization
|
||||||
decisions. Each decision is made by evaluating an Access Control Decision
|
decisions. Each decision is made by evaluating an Access Control Decision
|
||||||
@ -415,7 +434,7 @@ selector-value = (<item>"|")*<item>
|
|||||||
the ACDF with the user's clearance and a label associated with the service.
|
the ACDF with the user's clearance and a label associated with the service.
|
||||||
A clearance might also be associated with the service to restrict the set
|
A clearance might also be associated with the service to restrict the set
|
||||||
of labels may be used in labeling stanzas. Labels and clearances can also
|
of labels may be used in labeling stanzas. Labels and clearances can also
|
||||||
be associated with network interfaces, remote servers, chatrooms, pubsub
|
be associated with network interfaces, remote servers, chat rooms, pubsub
|
||||||
nodes.</p>
|
nodes.</p>
|
||||||
<section2 topic='Use in Instant Messaging' anchor='im-use'>
|
<section2 topic='Use in Instant Messaging' anchor='im-use'>
|
||||||
<p>A client may provide a &SECURITYLABEL; element in any &MESSAGE; it sends.</p>
|
<p>A client may provide a &SECURITYLABEL; element in any &MESSAGE; it sends.</p>
|
||||||
@ -435,13 +454,13 @@ selector-value = (<item>"|")*<item>
|
|||||||
<p>Clients SHOULD discover label feature and information on a per room basis.</p>
|
<p>Clients SHOULD discover label feature and information on a per room basis.</p>
|
||||||
</section3>
|
</section3>
|
||||||
<section3 topic='Sending Messages' anchor='muc-send'>
|
<section3 topic='Sending Messages' anchor='muc-send'>
|
||||||
<p>Sending groupchat messages is similiar to sending normal messages, however
|
<p>Sending groupchat messages is similar to sending normal messages, however
|
||||||
their are a few differences.</p>
|
their are a few differences.</p>
|
||||||
<p>Groupchat messages are addressed to the room. The room clearance must
|
<p>Groupchat messages are addressed to the room. The room clearance must
|
||||||
be suitable for the message label, else it should be rejected.</p>
|
be suitable for the message label, else it should be rejected.</p>
|
||||||
<p>The room's clearance may allow a variety of labels to be used. Not all
|
<p>The room's clearance may allow a variety of labels to be used. Not all
|
||||||
partipants may be cleared for all labels allowed in the room. The server
|
participants may be cleared for all labels allowed in the room. The server
|
||||||
MUST only deliver messages to partipants for which they are cleared to
|
MUST only deliver messages to participants for which they are cleared to
|
||||||
receive.</p>
|
receive.</p>
|
||||||
</section3>
|
</section3>
|
||||||
<section3 topic='Private Messages' anchor='muc-private'>
|
<section3 topic='Private Messages' anchor='muc-private'>
|
||||||
@ -540,7 +559,7 @@ selector-value = (<item>"|")*<item>
|
|||||||
protocol violation.</p>
|
protocol violation.</p>
|
||||||
<p>Presence information is subject to sensitivity-base authorization decisions,
|
<p>Presence information is subject to sensitivity-base authorization decisions,
|
||||||
however these decisions are made are made using a label associated with the
|
however these decisions are made are made using a label associated with the
|
||||||
presence resource, such as a chatroom's label.</p>
|
presence resource, such as a chat room's label.</p>
|
||||||
</section2>
|
</section2>
|
||||||
<section2 topic='Use in PubSub' anchor='pubsub-use'>
|
<section2 topic='Use in PubSub' anchor='pubsub-use'>
|
||||||
<section3 topic='Discovery' anchor='pubsub-disco'>
|
<section3 topic='Discovery' anchor='pubsub-disco'>
|
||||||
@ -622,7 +641,7 @@ And by opposing end them?
|
|||||||
<section1 topic='Extension Considerations' anchor='exts'>
|
<section1 topic='Extension Considerations' anchor='exts'>
|
||||||
<p>
|
<p>
|
||||||
This extension is itself is extensible. In particular, the &LABEL; and &EQUIVALENTLABEL;
|
This extension is itself is extensible. In particular, the &LABEL; and &EQUIVALENTLABEL;
|
||||||
elements are designed to hold a range of security labels formats. XML namespaces SHOULD
|
elements are designed to hold a range of security labels formats. XML name spaces SHOULD
|
||||||
be used to avoid name clashes.
|
be used to avoid name clashes.
|
||||||
</p>
|
</p>
|
||||||
</section1>
|
</section1>
|
||||||
@ -636,7 +655,7 @@ And by opposing end them?
|
|||||||
<p>This document is all about authorization, a key aspect of security. Hence,
|
<p>This document is all about authorization, a key aspect of security. Hence,
|
||||||
security considerations are discussed through this document.</p>
|
security considerations are discussed through this document.</p>
|
||||||
<p>Certain XMPP stanzas, such as &PRESENCE; stanzas, are not themselves subject
|
<p>Certain XMPP stanzas, such as &PRESENCE; stanzas, are not themselves subject
|
||||||
to any sensitity-based authorization decisions, and may be forwarded throughout
|
to any sensitivity-based authorization decisions, and may be forwarded throughout
|
||||||
the XMPP network. The content of these stanzas should not contain information
|
the XMPP network. The content of these stanzas should not contain information
|
||||||
requiring sensitivity-based dissemination controls.</p>
|
requiring sensitivity-based dissemination controls.</p>
|
||||||
<p>It is desirable to securely bind the security label to the object it labels.
|
<p>It is desirable to securely bind the security label to the object it labels.
|
||||||
@ -779,6 +798,12 @@ And by opposing end them?
|
|||||||
</xs:annotation>
|
</xs:annotation>
|
||||||
</xs:attribute>
|
</xs:attribute>
|
||||||
|
|
||||||
|
<xs:attribute name="from" type="xs:string">
|
||||||
|
<xs:annotation>
|
||||||
|
<xs:documentation>Target JabberId</xs:documentation>
|
||||||
|
</xs:annotation>
|
||||||
|
</xs:attribute>
|
||||||
|
|
||||||
<xs:attribute name="name" type="xs:string">
|
<xs:attribute name="name" type="xs:string">
|
||||||
<xs:annotation>
|
<xs:annotation>
|
||||||
<xs:documentation>Name</xs:documentation>
|
<xs:documentation>Name</xs:documentation>
|
||||||
@ -839,6 +864,7 @@ And by opposing end them?
|
|||||||
</xs:element>
|
</xs:element>
|
||||||
</xs:sequence>
|
</xs:sequence>
|
||||||
<xs:attribute ref="to" use="optional"/>
|
<xs:attribute ref="to" use="optional"/>
|
||||||
|
<xs:attribute ref="from" use="optional"/>
|
||||||
<xs:attribute ref="name" use="optional"/>
|
<xs:attribute ref="name" use="optional"/>
|
||||||
<xs:attribute ref="desc" use="optional"/>
|
<xs:attribute ref="desc" use="optional"/>
|
||||||
<xs:attribute ref="id" use="optional"/>
|
<xs:attribute ref="id" use="optional"/>
|
||||||
|
Loading…
Reference in New Issue
Block a user