[OpenSIPS-Users] Question Regarding Watchers table.

Adrian Georgescu ag at ag-projects.com
Wed Apr 21 16:24:05 CEST 2010


The problem with using inside XCAP documents references to external  
documents opens the can of worms of incorrect or purposely wrong  
provisioning that can lead to loops, denial of service attacks to name  
only a few obvious problems. If you trust a SIP UA to upload this  
information into your presence server in a public Internet scenario,  
it is a naive thing to do.

Secondly, the design of OpenSIPS will not allow you to fetch http  
documents from remote server in a non-blocking way. You server will  
get stuck when the url is not reachable quickly. The new design for  
2.0 will address this but it does not mean is a smart thing to do.

Though I am eager to follow standards as close as I can, getting close  
to these OMA specs are in no way something future proof or rock solid  
design wise. They seem to provide some answers for legitimate  
questions, while they do this by infinitely complicating things and  
introducing other elements that raise more questions.

If you want to go down the OMA path using Mercuro or other OMA client  
you must go an get some OMA compliant Presence Server and XCAP server  
instead of trying to use open source software that most of the time  
uses pure IETF specifications and work around  for what is not or is  
poorly specified.

Adrian

On Apr 21, 2010, at 3:48 PM, calment wrote:

>
>
> Laurent Etiemble wrote:
>>
>> This behavior is described in the "Implementation Guidelines for  
>> OMA XDM
>> v1.1"
>> (http://www.openmobilealliance.org/Technical/release_program/docs/CopyrightClick.aspx?pck=XDM_PRS_IMPL&file=V1_0-20080627-C/OMA-WP-XDM_1_1_Implementation_Guidelines-20080627-C.pdf 
>> ),
>> with some nice graphes in the appendixes. They recommend the use of  
>> lists
>> for RLS and Pres-Rules to avoid duplication and ease the grant of
>> services.
>>
>> Moreover, Mercuro is heavily based on the RCS specifications. In  
>> the "RCS
>> Release 3 Technical Realisation"
>> (http://www.gsmworld.com/documents/ 
>> Service_Realization_v1.0(1).pdf), you
>> will find that a RCS client should only modify the lists inside the
>> resource-lists document, once all documents have been created  
>> (chapter
>> 6.4.3 XML Document Handling).
>>
> Thanks a lot for those informations. I haven't read everythnig but I
> understand better the way it works. Actually, Mercuro Bronze does  
> not manage
> pres-rules despite it's annonced in
> http://www.mercuro.net/downloads/DataSheet_Mercuro.pdf
> http://www.mercuro.net/downloads/DataSheet_Mercuro.pdf . Or at least  
> it uses
> pres-rules once and then uses resource-list to manage presence  
> privacy.
>
>
> Adrian Georgescu wrote:
>>
>> However this requires processing in the server (potentially both  
>> Presence
>> Agent and XCAP) based on some heuristics criteria unless there is
>> something standardized about this behaviour.
>>
> I expect there is no such mechanisms in an openxcap-opensips  
> solution. :-(
> So, how should I make opensips aware of a change in xcap for that it  
> sends
> NOTIFY messages to both clients ?
>
>
> Adrian Georgescu wrote:
>>
>> Can you paste sample xcap files gnerated by your client?
>>
> Here is an extraction of the document (SELECT username, doc_type,  
> doc FROM
> xcap WHERE username='alice') related to Alice just after she accepts  
> in
> Mercuro to be viewed by Bob.
> The only modification done is Bob added in "all Contact" at first  
> and second
> line returned by mysql :
>
> | alice    |        4 | <?xml version="1.0" encoding="utf-8"?>
> <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists">
>  <list name="rcs">
>    <display-name>All Contacts</display-name>
>    <entry uri="sip:alice at open-ims.test" />
>    <entry uri="sip:bob at open-ims.test"
> xmlns="urn:ietf:params:xml:ns:resource-lists">
>     <display-name>bob</display-name>
>    </entry>
>  </list>
>  <list name="rcs_blockedcontacts">
>    <display-name>Blocked Contacts</display-name>
>  </list>
>  <list name="rcs_revokedcontacts">
>    <display-name>Revoked Contacts</display-name>
>  </list>
>  <list name="oma_allcontacts">
>    <display-name>OMA All Contacts</display-name>
>  </list>
>  <list name="oma_blockedcontacts">
>    <display-name>OMA Blocked Contacts</display-name>
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs_blockedcontacts%22%5D"
> />
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs_revokedcontacts%22%5D"
> />
>  </list>
>  <list name="oma_buddylist">
>    <display-name>OMA BuddyList</display-name>
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs%22%5D"
> />
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22oma_pocbuddylist%22%5D"
> />
>  </list>
>  <list name="oma_grantedcontacts">
>    <display-name>OMA Granted Contacts</display-name>
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs%22%5D"
> />
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22oma_buddylist%22%5D"
> />
>  </list>
>  <list name="oma_pocbuddylist">
>    <display-name>OMA POC BuddyList</display-name>
>  </list>
> </resource-lists> |
> | alice    |        4 | <?xml version="1.0" encoding="utf-8"?>
> <resource-lists xmlns:mp="urn:mercuro:params:xml:ns:properties"
> xmlns="urn:ietf:params:xml:ns:resource-lists">
>  <list name="rcs">
>    <display-name>All Contacts</display-name>
>    <entry uri="sip:alice at open-ims.test" /><entry
> xmlns:mp="urn:mercuro:params:xml:ns:properties" uri="sip:bob at open-ims.test 
> "
> xmlns="urn:ietf:params:xml:ns:resource-lists">
>  <display-name>bob</display-name>
>  <mp:prop name="group" value="rcs" />
>  <mp:prop name="display_name" value="bob" />
> </entry>
>  </list>
>  <list name="rcs_blockedcontacts">
>    <display-name>Blocked Contacts</display-name>
>  </list>
>  <list name="rcs_revokedcontacts">
>    <display-name>Revoked Contacts</display-name>
>  </list>
>  <list name="oma_allcontacts">
>    <display-name>OMA All Contacts</display-name>
>  </list>
>  <list name="oma_blockedcontacts">
>    <display-name>OMA Blocked Contacts</display-name>
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs_blockedcontacts%22%5D"
> />
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs_revokedcontacts%22%5D"
> />
>  </list>
>  <list name="oma_buddylist">
>    <display-name>OMA BuddyList</display-name>
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs%22%5D"
> />
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22oma_pocbuddylist%22%5D"
> />
>  </list>
>  <list name="oma_grantedcontacts">
>    <display-name>OMA Granted Contacts</display-name>
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs%22%5D"
> />
>    <external
> anchor="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22oma_buddylist%22%5D"
> />
>  </list>
>  <list name="oma_pocbuddylist">
>    <display-name>OMA POC BuddyList</display-name>
>  </list>
> </resource-lists> |
> | alice    |        8 | <?xml version="1.0" encoding="utf-8"?>
> <rls-services xmlns:rl="urn:ietf:params:xml:ns:resource-lists"
> xmlns="urn:ietf:params:xml:ns:rls-services">
>  <service uri="sip:alice at open-ims.test;pres-list=rcs">
>
> <resource-list>http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22rcs%22%5D</resource-list>
>    <packages>
>      <package>presence</package>
>    </packages>
>  </service>
>  <service uri="sip:alice at open-ims.test;pres-list=oma_buddylist">
>
> <resource-list>http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22oma_buddylist%22%5D</resource-list>
>    <packages>
>      <package>presence</package>
>    </packages>
>  </service>
>  <service uri="sip:alice at open-ims.test;pres-list=oma_pocbuddylist">
>
> <resource-list>http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22oma_pocbuddylist%22%5D</resource- 
> list>
>    <packages>
>      <package>presence</package>
>    </packages>
>  </service>
> </rls-services> |
> | alice    |        2 | <?xml version="1.0" encoding="utf-8"?>
> <cr:ruleset xmlns:op="urn:oma:xml:prs:pres-rules"
> xmlns:ocp="urn:oma:xml:xdm:common-policy"
> xmlns="urn:ietf:params:xml:ns:pres-rules"
> xmlns:cr="urn:ietf:params:xml:ns:common-policy">
>  <cr:rule id="wp_prs_allow_own">
>    <cr:conditions>
>      <cr:identity>
>        <cr:one id="sip:alice at open-ims.test" />
>      </cr:identity>
>    </cr:conditions>
>    <cr:actions>
>      <sub-handling>allow</sub-handling>
>    </cr:actions>
>    <cr:transformations>
>      <provide-services>
>        <all-services />
>      </provide-services>
>      <provide-persons>
>        <all-persons />
>      </provide-persons>
>      <provide-all-attributes />
>      <provide-devices>
>        <all-devices />
>      </provide-devices>
>    </cr:transformations>
>  </cr:rule>
>  <cr:rule id="rcs_allow_services_anonymous">
>    <cr:conditions>
>      <ocp:anonymous-request />
>    </cr:conditions>
>    <cr:actions>
>      <sub-handling>allow</sub-handling>
>    </cr:actions>
>    <cr:transformations>
>      <provide-services>
>        <all-services />
>      </provide-services>
>      <provide-persons>
>        <all-persons />
>      </provide-persons>
>      <provide-all-attributes />
>      <provide-devices>
>        <all-devices />
>      </provide-devices>
>    </cr:transformations>
>  </cr:rule>
>  <cr:rule id="wp_prs_unlisted">
>    <cr:conditions>
>      <ocp:other-identity />
>    </cr:conditions>
>    <cr:actions>
>      <sub-handling>confirm</sub-handling>
>    </cr:actions>
>  </cr:rule>
>  <cr:rule id="wp_prs_grantedcontacts">
>    <cr:conditions>
>      <ocp:external-list>
>        <ocp:entry
> anc="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22oma_grantedcontacts%22%5D"
> />
>      </ocp:external-list>
>    </cr:conditions>
>    <cr:actions>
>      <sub-handling>allow</sub-handling>
>    </cr:actions>
>    <cr:transformations>
>      <provide-services>
>        <all-services />
>      </provide-services>
>      <provide-persons>
>        <all-persons />
>      </provide-persons>
>      <provide-all-attributes />
>      <provide-devices>
>        <all-devices />
>      </provide-devices>
>    </cr:transformations>
>  </cr:rule>
>  <cr:rule id="wp_prs_blockedcontacts">
>    <cr:conditions>
>      <ocp:external-list>
>        <ocp:entry
> anc="http://xcap.open-ims.test:8080/xcap-root/resource-lists/users/sip:alice@open-ims.test/index/ 
> ~~/resource-lists/list%5B at name=%22oma_blockedcontacts%22%5D"
> />
>      </ocp:external-list>
>    </cr:conditions>
>    <cr:actions>
>      <sub-handling>block</sub-handling>
>    </cr:actions>
>  </cr:rule>
> </cr:ruleset> |
>
> -- 
> View this message in context: http://n2.nabble.com/Question-Regarding-Watchers-table-tp3856740p4937077.html
> Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>




More information about the Users mailing list