Internet DRAFT - draft-fujimoto-idip

draft-fujimoto-idip



INTERNET-DRAFT                                           Akinori Iwakawa
Expires: April 21, 2000                        Fujitsu Laboratories Ltd.
                                            Shingo Fujimoto, Dave Marvit
                                   Fujitsu Laboratories of America, Inc.
                                                            October 1999


              IDentity Infrastructure Protocol (IDIP)
                   draft-fujimoto-idip-02.txt

Status of this Memo


   This document is an Internet-Draft and is NOT offered in accordance
with Section 10 of RFC2026, and the author does not provide the IETF
with any rights other than to publish as an Internet-Draft

   Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups.  Note that other
groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months

and may be updated, replaced, or obsoleted by other documents at any
time.  It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

Abstract
The Identity Infrastructure Protocol (IDIP) is designed to support the
'IDentity Infrastructure' (IDI).  IDI provides users an abstracted
interface for searching, initializing, negotiating, starting, and
terminating personalized network services.


Table of Contents

1.       Introduction..............................................4
1.1      Overview..................................................4
1.2      Requirements..............................................5
1.3      Protocol framework........................................5


A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 1]


INTERNET-DRAFT                    IDIP                      October 1999


1.3.1    IDO.......................................................5
1.3.2    IDIP and IDIP connection..................................6
1.3.3    IDO server................................................6
1.3.4    IDO function..............................................6
1.3.5    Basic operation...........................................6
1.3.5.1  IDIP connection establishment.............................6
1.3.5.2  Getting list of IDO functions.............................7
1.3.5.3  Performing IDO function...................................7
1.3.5.4  Terminating IDO function..................................7
1.3.5.5  Clearing IDIP connection..................................7

2        Internal Protocols........................................8
2.1      Overview..................................................8
2.2      Function Enabler..........................................8
2.3      Function Provider.........................................9
2.4      IDI internal upward protocol and connection...............9
2.5      IDI internal downward protocol and connection............10
2.6      Overall operations including Internal Protocols..........10
2.6.1    Establish IDIiup connection..............................10
2.6.2    Add IDO function.........................................10
2.6.3    Establish IDIep connection...............................10
2.6.4    Get the list of IDO functions............................10
2.6.5    Request to perform an IDO function.......................11
2.6.6    Terminate the IDO function...............................11
2.6.7    Clear the IDIep connection...............................11
2.6.8    Delete IDO function......................................11
2.6.9    Disable IDO function.....................................12
2.6.10   Enable IDO function......................................12
2.6.11   Clear the IDIiup connection..............................12

3        Generic Grammar..........................................12
3.1      Augmented  BNF...........................................12
3.2      Basic Rules..............................................12

4        IDIP Messages............................................12

5        IDIP Parameters..........................................13
5.1      IDO-To and IDO-From......................................13
5.2      Content Type.............................................14
5.3      Content Length...........................................15
5.4      Accept Type..............................................15
5.5      IDIP Authenticate........................................15
5.5.1    Authenticate Style Option................................15
5.5.1a.  Style Basic..............................................15
5.6      Keyword..................................................16
5.7      Location.................................................16
5.8      FunctionId...............................................16
5.9      FEname...................................................16
5.10     Admitfrom and Denyfrom...................................17



A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 2]


INTERNET-DRAFT                    IDIP                      October 1999


6        IDI external protocol request............................17
6.1      IDIep-start-request......................................17
6.2      IDIep-list-request.......................................18
6.3      IDIep-call-request.......................................18
6.4      IDIep-kill-request.......................................18
6.5      IDIep-end-request........................................19

7        IDI external protocol responses..........................19
7.1      Successful response......................................19
7.2      Authentication error response............................19
7.3      Redirect response........................................20
7.4      No function available error response.....................20
7.5      Function not found error response........................20
7.6      Parameter not acceptable error response..................20

8        IDI internal upward protocol(IDIiup).....................20
8.1      IDIiup-login-request.....................................21
8.2      IDIiup-logout-request....................................21
8.3      IDIiup-start-request.....................................22
8.4      IDIiup-end-request.......................................22
8.5      IDIiup-list-request......................................22
8.6      IDIiup-call-request......................................22
8.7      IDIiup-kill-request......................................23
8.8      IDIiup-catch-request.....................................23
8.9      IDIiup-free-request......................................24
8.10     IDIiup-add-request.......................................24
8.11     IDIiup-delete-request....................................25
8.12     IDIiup-disable-request...................................25
8.13     IDIiup-enable-request....................................25
8.14     IDIiup-redirect-request..................................25

9        IDI internal upward protocol responses...................26
9.1      Successful response......................................26
9.2      Authentication error response............................26
9.3      No IDIiup connection response............................26
9.4      No IDIep connection response.............................26
9.5      IDO moved response.......................................27
9.6      IDO not found response...................................27
9.7      Function not launched error..............................27
9.8      Parameter not acceptable error...........................27
9.9      No function available error..............................27

10       IDI internal downward protocol requests..................28
10.1     IDIidp-list-request......................................28
10.2     IDIidp-call-request......................................28

11       IDI internal downward protocol responses.................29
11.1     Successful response......................................29
11.2     Authentication error response............................29
11.3     No function available error..............................29


A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 3]


INTERNET-DRAFT                    IDIP                      October 1999


11.4     Parameter not acceptable error...........................29

12       IDO function format......................................29
12.1     Overview of IDO function format..........................29
12.2     The Structure of IDO function format.....................30
12.3     Description of each elements and attributes..............30
12.3.1   The function element.....................................30
12.3.2   The name element.........................................30
12.3.3   The specification element................................30
12.3.3.1 The spec element.........................................31
12.3.4   The description element..................................31
12.3.5   The status element.......................................31
12.3.6   The item element.........................................31
12.3.6.1 The spec attribute.......................................31
12.3.7   The parameter element....................................31
12.3.8   The type attribute.......................................31
12.3.8.1 Attributes appears on request............................32
12.3.8.2 Attributes appears on response...........................32
12.3.8.3 Attributes appears on catalogue..........................32
12.3.9   The description attribute................................33

13       Examples.................................................33
13.1     Invocation for IRC chat channel..........................33

14       Security Considerations..................................40
14.1     Authentication...........................................40
14.2     Access Controls..........................................40

15       References...............................................40

16       Author's Addresses.......................................41


1 Introduction
1.1 Overview

   There has been a dramatic increase in personal expression and
communication over the Internet.  This includes chatting on IRC channels,
sharing user information by LDAP, writing and reading personal homepages
(using HTTP), sending instant messages with AOL's AIM, and so on.  Using
these services, users can get information about, and communicate with
one another.
   But there is a limitation. A user generally doesn't know what network
services are available to the person he or she wants to communicate with.
Users need to guess what services the other party might have before they
choose to communicate, or ask what services are available out of band
using natural language. (One example is an email asking for his or her
phone number.)
   Even if the user has succeeded in discovering the shared services,
additional information might be necessary. Discovering the information


A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 4]


INTERNET-DRAFT                    IDIP                      October 1999


may be difficult or impossible. For example, even if the user know that
the other user is able to communicate with IRC, an address of IRC server
, to which their IRC clients are commonly connected, is necessary to
communicate with an IRC chat channel because arbitrary two IRC servers
are not always able to communicate each other. And also, nickname of the
user, or channel name might be necessary because they are not always the
same.

   The IDentity Infrastructure (IDI) will provide users a method to
share information about the availability of services and the parameters
relevant to those services.  (Such as "I have a pager and here is the
number.")  The IDentity Infrastructure Protocol (IDIP) is an
application-layer protocol for searching, initializing, negotiating,
starting, and terminating these services.

   With IDI, an IDO (IDentity Object) manages an individual's services.
An IDO also manages information about what services are currently
available (or not), and information which is necessary to operate those
services. One can think of the IDO as a "Contact Point" for the user in
advance of employing each service.

   IDIP is used for communication between IDOs. The purpose of IDIP is
to share information about an individual's services.

1.2. Requirements
   In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" are to be interpreted as described in RFC 2119 [KEYWORDS] and
indicate requirement levels for compliant IDIP implementations.

1.3 Protocol framework

1.3.1	IDO

   IDOs are the basic components of IDI. Every IDI user has his or her
own IDO. An IDO manages access methods for various network services by
which the other user can communicate with or get information about the
owner of the IDO.  This method is called an "IDO function".  An IDO
function has some attributes which are unique to each user (nickname in
chat channel, for example), and which comprise the user's "identity".
An IDO provides the following functions in response to a request from
another IDO.

   1) Listing the IDO functions which are permitted to access for user
who has issued the request, along with the initial parameters, which
belong to an IDO.
   2) Starting an IDO function with a specified parameter.
   3) Terminating an IDO function.

   IDIP is used to transport these requests between IDOs.


A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 5]


INTERNET-DRAFT                    IDIP                      October 1999


1.3.2 IDIP and IDIP connection
   The IDIP protocol is based on a request/response paradigm (like HTTP).
However, unlike HTTP, IDIP maintains its connection unless the end-
request command is explicitly issued. This connection is called an IDIP
connection, depends on a virtual circuit connection.  The virtual
circuit runs over TCP (except if the two communicating IDOs are located
on the same host). All IDO communications MUST be passed on this
connection. This implies that an IDO cannot communicate with other IDO
to which the IDIP connection is not established.
   The IDIP connection is an asymmetric connection. A request is
transferred from the "Caller IDO" to "Callee IDO", and its response is
transferred back to the "Caller IDO". Here, "Caller IDO" refers to the
IDO which issued the request to establish the IDIP connection. "Callee
IDO" refers to the IDO which receives that request.
   The IDIP connection does not support multiplexing. For an IDO to
communicate multiple IDOs simultaneously, the IDO must establish a
separate IDIP connection with each IDO.
   The IDIP connection does not support request pipelining. A new
request must not be issued unless a response to the preceding request
has been returned.

                          ----->  IDIP request
      (Caller) IDO ===================================  (Callee) IDO
                |         <-----  IDIP response                   |
                |                                                 |
          IDO function                                     IDO function

1.3.3 IDO server
   An IDO server receives requests to establish IDIP connections and
serves the IDIP connections. Once an IDIP connection is established,
communication between IDOs takes place over the IDIP connection. The IDO
server listens for requests on well-known port which is allocated for
IDIP. IDO servers are specified in the host part of IDO address.

1.3.4 IDO function
   An IDO function is a logical entity which provides a service on an
IDO. The parameters of an IDO function are specified by the callee IDO
in response to the list request(1.3.5.2), or specified by caller IDO in
the call request (1.3.5.3). The parameters MAY be described by IDO
function format (see section 12).

1.3.5 Basic operation
   The operation of IDIP is classified into five phases. An IDO issues a
request in each phase.

1.3.5.1 IDIP connection establishment
   A caller IDO connects via a TCP connection to an IDO server and
issues a start request. The IDO server creates an IDIP connection to the
Callee IDO. The details of that request are described in section 6.1.



A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 6]


INTERNET-DRAFT                    IDIP                      October 1999


   IDO ----------------------->  IDO server ---->  IDO
       Request to establish IDIP connection

   IDO <-----------------------------------------  IDO
       Successful response

1.3.5.2 Getting list of IDO functions
   A caller IDO issues a list request to get the list of IDO functions.
The list of IDO functions MAY be described by an IDO function format as
defined in section 12. The details of that request are described in
section 6.2.

   IDO ----------------------------------------->  IDO
       Request list of IDO functions

   IDO <-----------------------------------------  IDO
       List of IDO functions

1.3.5.3 Performing IDO function
   A caller IDO issues a call request to perform the appropriate IDO
function. The parameters of the IDO function MAY be specified using the
IDO function format (section 12). The details of this request are
described in section 6.3.

   IDO ----------------------------------------->  IDO
       Request to perform an IDO function

   IDO <-----------------------------------------  IDO
       Successful response

1.3.5.4 Terminating IDO function
   The caller IDO issues a terminate request to terminate the IDO
function. The details of this request are described in section 6.4.

   IDO ----------------------------------------->  IDO
       Request to terminate the IDO function
   IDO <-----------------------------------------  IDO
       Successful response

1.3.5.5 Clearing IDIP connection
   A caller IDO issues an end request to clear the IDIP connection. The
details of the request are described in section 6.5.

   IDO ----------------------------------------->  IDO
       Request to clear the IDIP connection

   IDO <-----------------------------------------  IDO
       Successful response




A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 7]


INTERNET-DRAFT                    IDIP                      October 1999


2 Internal Protocols

2.1 Overview
   The IDI internal protocol is a protocol which is used for
communication between a Function Enabler (described below) and an IDO.
Though the specification of the IDI internal protocol is like IDIP, some
messages are augmented and the semantics or parameters of the messages
are different from those used for mutual communication between IDOs.
   To distinguish these differences, a protocol for communication
between an IDO and a Function Enabler is called "IDI Internal Protocol
(IDIip)". To make the distinction clear, when IDIP is used for
communication between IDOs it is called "IDI External Protocol (IDIep)".
   Because the purpose of a Function Enabler is different from that of
an IDO, and IDIP is an asymmetric protocol, IDIip is classified into two
protocols based upon its direction. IDI internal upward protocol (IDIiup)
is used for communication from a Function Enabler to an IDO, and IDI
internal downward protocol (IDIidp) is used for communication from an
IDO to a Function Enabler.


           +----------+    IDIep             +----------+
           |   IDO    |=====================>|   IDO    |
           +----------+                      +----------+
               /||                                ||
                || IDIiup                  IDIidp ||
                ||                                ||/
           +----------+                      +----------+
           | Function |                      | Function |
           | Enabler  |                      | Enabler  |
           +----------+                      +----------+
                || IDO function format            || IDO function format
           +----------+                      +----------+
           | Function |                      | Function |
           | Provider |                      | Provider |
           +----------+                      +----------+
             (Caller)                          (Callee)

2.2 Function Enabler

   Function Enablers have three purposes.

   1) Controlling the behavior of IDO
   Function Enablers can control the behavior of IDOs. For example, a
Function Enabler can make an IDO issue a start request to another IDO,
thereby inducing it to establish an IDIP connection. IDIiup is used for
this purpose.

   2) Add or delete an IDO function
   Function Enablers can add or delete IDO Functions. This specification
MAY be described in IDO function format (see section 11). Function


A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 8]


INTERNET-DRAFT                    IDIP                      October 1999


Enablers can also cancel, enable, and disable IDO functions. IDIiup is
also used for this purpose.

   3) Hosting IDO functions
   Function Enablers perform IDO functions upon request from an IDO.
IDIidp is used for this purpose.

2.3 Function Provider

   A Function Provider is an implementation of each IDO function.
Function Providers offer an abstracted interface for initializing,
negotiating, starting, and terminating each IDO function. This interface
MAY be an IDO function format as defined in section 12.
   A Function Provider is hosted by an IDO and a Function Enabler, and
referenced with a functionid parameter.

2.4 IDI internal upward protocol and connection
   The IDI internal upward protocol (IDIiup) is used for communication
from a Function Enabler to an IDO. As with the external protocol, IDIiup
is a connection-oriented protocol and its connection is called an IDIiup
connection. Every request from a Function Provider to an IDO, and the
associated response, MUST be transferred on the IDIiup connection. This
implies that the Function Enabler cannot communicate with an IDO unless
and until an IDIiup connection is established.
   The feature of an IDIiup connection is the same as an IDIP connection.
The IDO server listens for a request for connection on the well-know
port which is allocated for IDIiup.
   Note that single IDIiup connection can establish multiple IDIP
(external) connections, because the communication from Function Enabler
to the callee IDO is constructed from two independent connections
(IDIiup and IDIep). That is why the list, call, and kill requests of
IDIiup contain an "IDO-To" parameter.

          Callee                  Caller                  Callee
      +----------+    IDIep   +----------+   IDIep    +----------+
      |   IDO    |<===========|   IDO    |===========>|   IDO    |
      +----------+            +----------+            +----------+
                                  /||
                            IDIiup ||
                                   ||
                              +----------+
                              | Function |
                              | Enabler  |
                              +----------+

   IDI internal upward protocol (IDIiup) has three purposes:

   1) Controlling IDO behavior
      Using IDIiup, a Function Enabler can make an IDO operate the five
basic operations described in 1.3.5. Each IDIiup request is "proxied" by


A.Iwakawa, S.Fujimoto, D.Marvit                                 [Page 9]


INTERNET-DRAFT                    IDIP                      October 1999


the IDO and transferred towards the IDIep connection.

   2) Management of IDO functions
      Using IDIiup, a Function Enabler can add or delete IDO functions.
Because an IDO function is implemented as Function Provider, as
described in 2.3, the following attributes of the Function Provider must
be registered when Function Enabler adds the Function Provider to the
IDO. They are location, property, keywords, and Access Control List. The
details of this procedure are described in section 8.10 and 8.11.
      And also, a Function Enabler can make an IDO function available or
unavailable temporally. The details of this procedure are described in
section 8.12 and 8.13.

   3) Management of IDI internal downward connection
      In some cases such as when a Function Enabler is connected to the
Internet via dial-up PPP, it is difficult for IDO to control IDI
downward protocol connection described in 2.5. Therefore, the IDIidp
connection can be established or cleared using IDIiup. The details of
this procedure are described in chapter 8.8 and 8.9.

2.5 IDI internal downward protocol and connection
   This protocol is used for communication from an IDO to a Function
Enabler.
   If the IDO is located on outside of the firewall, and the Function
Enabler is inside of the firewall, then it is impossible to open up a
TCP connection from the IDO to the Function Enabler. Therefore, the
IDIidp connection can be set from either the IDO or the Function Enabler.
In the case where an IDIidp connection is established from a Function
Enabler, IDIiup is used for the procedure.

2.6 Overall operations including Internal Protocols

2.6.1 Establishing an IDIiup connection
   A Function Enabler issues an IDIiup-login-request to establish an
IDIiup connection between the Function Enabler and an IDO. The details
of the request are described in section 8.1.

2.6.2 Adding an IDO function
   A Function Enabler can issue an IDIiup-add-request to add an IDO
function to an IDO. The details of the request are described in section
8.10.

2.6.3 Establishing an IDIep connection
   A Function Enabler can issue an IDIiup-start-request to make an IDO
establish an IDIep connection. The IDO which receives this request
establishes an IDIep connection as described in section 1.3.5.1. The
details of the request are described in sections 6.1 and 8.2.

2.6.4 Getting the list of an IDO's functions
   A Function Enabler can issue an IDIiup-list-request to get the list


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 10]


INTERNET-DRAFT                    IDIP                      October 1999


of an IDO's functions. A Function Enabler MUST specify the callee IDO
using its IDO address and MAY specify some keywords to specify the IDO
function ("chat", "telephone", etc...). Then the request is
translated to an IDIep-list-request by the caller IDO and transferred to
the callee IDO.
   When the callee IDO receives the request, it will search the IDO
functions currently registered. If the Keywords parameter matches the
IDO function, and the caller IDO is allowed to access the IDO function
as determined by the ACLs, then the corresponding list of IDO functions
is returned to the original Function Enabler. The details of this
request are described in sections 6.2 and 8.5.

2.6.5 Request to perform the IDO function
   A Function Enabler can issue an IDIiup-call-request thereby inducing
an IDO to perform an IDO function. The Function Enabler MUST specify the
IDO function in the functionid parameter which was described in the
response to the list request.
   The initial parameter for an IDO function is specified by the
Function Provider and MAY be specified using the IDO function format.
The request is translated to IDIep-call-request by caller IDO and then
transferred to the callee IDO.
   When the callee IDO receives the request, the IDO tries to resolve
the Function Enabler by the functionid parameter specified in the
request. After the Function Enabler is successfully resolved, the IDO
issues an IDIidp-call-request to the Function Enabler.
   A Function Enabler resolves the Function Provider by the functionid
parameter, and if the Function Provider is successfully resolved, the
Function Enabler executes the Function Provider with the parameter
specified in IDIP-data of the request. This specification MAY be the IDO
function format as described in section 12.
   The Function Provider checks the parameters and returns the result of
the request to the Function Enabler. The Function Enabler then
translates this result to an IDIP-response and returns it to the
original Function Enabler via the callee IDO and caller IDO.
   The details of this request are described in sections 6.3, 8.6 and
10.2.

2.6.6 Terminate the IDO function
   A Function Enabler issues an IDIiup-kill-request to make an IDO
terminate the corresponding IDO function. The details of this request
are described in sections 6.4 and 8.7.

2.6.7 Clear the IDIep connection
   A Function Enabler issues an IDIiup-end-request to make an IDO clear
the IDIep connection. The details of this request are described in
section 8.4.

2.6.8 Delete IDO function
   A Function Enabler issues an IDIiup-delete-request to delete an IDO
function from an IDO. The syntax of the IDIiup-delete-request is


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 11]


INTERNET-DRAFT                    IDIP                      October 1999


described in detail in section 8.11.

2.6.9 Disable IDO function
   A Function Enabler issues an IDIiup-disable-request to disable an IDO
function. Once the IDO function was disabled, the IDO function will not
appear in the list returned in response to the list request.

2.6.10 Enable IDO function
   A Function Enabler issues an IDIiup-enable-request to enable an IDO
function. Once an IDO function becomes enabled it will appear in the
list of IDO functions returned in response to the list request.

2.6.11 Clear the IDIiup connection
   A Function Enabler issues IDIiup-logout-request to clear an IDIiup
connection. The details of this request are described in section 8.2.
Note that this request does not delete an IDO function or terminate an
IDO function implicitly.


3 Generic Grammar
3.1 Augmented  BNF

   All of the mechanisms specified in this document are described in
both prose and an augmented Backus-Naur Form (BNF) which is the same as
is used in HTTP1.1 [HTTP1.1].

3.2 Basic Rules

   The rules used to describe the basic parsing constructs of this
specification is almost the same as in HTTP1.1 [HTTP1.1].

4 IDIP Messages

  IDIP-message = IDIP-Request | IDIP-Response

  IDIP-request = IDIP-command IDIP-parameters CRLF IDIP-data

               = IDIep-request | IDIiup-request | IDIidp-request


  IDIP-response = IDIP-status IDIP-parameters CRLF IDIP-data

                = IDIep-response | IDIiup-response | IDIidp-response

  IDIP-parameters = *(IDIP-parameter CRLF)

  IDIP-status = status-code SP status-description CRLF

  Status-codes and status-descriptions are commonly used in IDIep,
IDIiup, IDIidp. The list of status-codes and status-descriptions are


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 12]


INTERNET-DRAFT                    IDIP                      October 1999


given below. The semantics and details of the parameters are given
separately in sections 6,8,and 10.

   status-code   = success       ; 1xx
                 | client-error  ; 2xx
                 | server-error  ; 3xx
                 | generic-error ; 4xx

   success           = "100" ; OK

   client-error      = "201" ; Authentication Error
                     | "202" ; Request Denied
                     | "203" ; Function Not Launched
                     | "204" ; Parameter Not Acceptable
                     | "205" ; Launch Failed
                     | "206" ; Bad Request
   server-error      = "301" ; Invalid Callee
                     | "302" ; Server Internal Error
                     | "303" ; No Function Available
                     | "304" ; Cannot Provide Acceptable Data
                     | "305" ; Server Timeout
                     | "306" ; IDO Moved
                     | "307" ; Function Busy
                     | "308" ; IDO Not Found
                     | "309" ; No IDIep Connection
                     | "310" ; No IDIiup Connection
                     | "311" ; No IDIidp Connection

   generic-error     = "401" ; Unknown Error

   status-description  = 1*TEXT

5 IDIP Parameters

   IDIP-parameter = IDO-To
                  | IDO-From
                  | content-type
                  | content-length
                  | accept-type
                  | IDIP-authenticate
                  | location
                  | keyword
                  | functionid
                  | FEname
                  | admitfrom
                  | denyfrom


5.1 IDO-To and IDO-From



A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 13]


INTERNET-DRAFT                    IDIP                      October 1999


   IDO-To         = "To:" SP IDO-Address

   IDO-From       = "From:" SP IDO-Address

   IDO-Address    = identity_name ["@" host [":" port]]

   identity_name  = 1 * <CHAR except "@">

   host           = <FQDN or IP address (in dotted-decimal form),
                    as defined by Section 2.1 of RFC 1123>

   port           = DIGIT


   There is no limitation on the length of an IDO-Address.  However, an
IDO MUST accept IDO Addresses of at least 1024 characters.
   An IDO server must listen for TCP connections from IDOs and Function
Enablers on the host specified in the host part of the IDO-Address. The
port number is specified in the port part of the IDO address. If the
port is empty or not defined then the default IDI(ep,iup,idp) port is
assumed.

5.2 Content Type

   The content type parameter can be used to indicate the media type of
IDIP-data.

   content-type   = "Content-Type:" SP media-type

   IDIP uses Internet Media Types [MEDIA TYPE] in the Content-Type
parameter or Accept-Type parameter to provide open and extensible data
typing.

   media-type     = type "/" subtype *( ";" parameter )

   type           = token

   subtype        = token

   parameter      = attribute "=" value

   attribute      = token

   value          = token | quoted-string

   The type, subtype, and parameter attribute names are
case-insensitive. Parameter values may or may not be case-sensitive,
depending on the semantics of the parameter name.




A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 14]


INTERNET-DRAFT                    IDIP                      October 1999


5.2.1 Multipart Types

  In IDIP, content type "multipart/mixed" MAY be used to transfer
multiple lists of IDO functions. Though the syntax of the multipart type
is the same as defined in MIME [MEDIA TYPE], IDIP-parameters SHOULD be
included in the body-part of each enclosed entity in IDIP.

5.3 Content Length

   The Content Length parameter indicates the number of bytes in IDIP-
data.  All IDIP requests and responses MUST include a Content Length
parameter.

  content-length = "Content-Length:" SP 1*DIGIT

   An example is

       Content-Length: 1024

5.4 Accept Type

   The Accept-Type parameter can be used to indicate a media type which
is acceptable as a response to a request. This parameter may appear
multiple times to indicate a list of media.

   accept-type       = "Accept-Type:" SP media-type

5.5 IDIP Authenticate

   The IDIP-Authenticate parameter specifies the style of authentication
parameters.

   IDIP-authenticate = "IDIP-Authenticate:" SP auth-options

   auth-options      = option *(";" option )

   option 		  = authenticate-style

5.5.1 Authenticate Style Option

   The authenticate style option indicates which authentication style
is used. Currently only "style basic" is defined.

   authenticate-style = "style" "=" value

5.5.1a. Style Basic

   This style provides 'password' authentication. The IDIP-body is used
to send password data.



A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 15]


INTERNET-DRAFT                    IDIP                      October 1999


5.6  Keyword

   The keyword parameter is used to specify an IDO function in the DIP-
list-request. Also, this parameter is used to register the keyword of
IDO function in IDIiup-add-request. The keyword parameter MAY be
specified with a set of key strings and word strings delimited by an "="
character.
   To specify multiple keywords, multiple keyword parameters should be
specified in the IDIP-request. If the multiple Keyword parameters are
used to specify IDO functions in IDIP-list-request, the conditions  are
assumed to be the logical AND of each parameter.

   keyword      = "Keywords:" SP IDIP-keyword

   IDIP-keyword = [key "="] word CRLF

   key          = token

   word         = token

5.7  Location

   The location parameter is used to specify the IDO-Address of an IDO
which has changed its IDO-Address. This parameter specifies a new
IDO-Address in IDIiup-redirect-request and response to the IDI(ep,iup)-
start-request.

   location     = "Location:" SP location

   location     = IDO-Address

5.8 Functionid

    The functionid parameter is used to specify the IDO function.
Functionid is given by an IDO when a Function Enabler issues an add
request to the IDO. The Function Enabler gets a FunctionId as a response
to the add request.

   functionid   = "FunctionId:" SP functionId

   FunctionId   = DIGIT

5.9 FEname

    The FEname parameter specifies an "alias" of Function Enabler. The
FEname parameter is not necessary the same as the IDO address of the
Function Enabler.
    FEname is specified by the Function Enabler in IDIiup-login-request
(see 8.1).



A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 16]


INTERNET-DRAFT                    IDIP                      October 1999


   FEname       = token

5.10 Admitfrom and denyfrom

   The admitfrom parameter and denyfrom parameter are used to specify
the access control for an IDO function. These parameters are described
in IDIiup-add-request. Access control is applied to the IDO specified by
IDO-Address, or to the group specified by groupid.
   The admitfrom parameter specifies the IDO or group granted access to
the corresponding IDO function.
   The denyfrom parameter specifies the IDO or group denied access to
the corresponding IDO function.

   admitfrom    = "Admit-from:" groupId | IDOaddress *(","  IDOaddress )

   denyfrom     = "Deny-from:" groupId | IDOaddress *(","  IDOaddress )

   If the host part of an IDO address is not specified, the host is
assumed to be the host to which this IDO belongs.

   Groupid is a ensemble of IDO addresses and has the following syntax.

   groupId = "#" atom

   The procedure to register the groupid is not specified by IDIP.


6 IDI external protocol request

  IDIP-request = IDIP-command IDIP-parameters CRLF IDIP-data

  IDIP-parameters = *(IDIP-parameter CRLF)


   IDIP-command  =  IDIep-start-request      ;6.1
                   |IDIep-list-request       ;6.2
                   |IDIep-call-request       ;6.3
                   |IDIep-kill-request       ;6.4
                   |IDIep-end-request        ;6.5

  There are some IDIP-parameters commonly necessary for an IDIep request
and response. These parameters are:

  Content-Type:  Media type of IDIP-data.
  Content-Length: Data length of IDIP-data in bytes.
  Note that if request does not contain any IDIP-data, Context-Length
MUST be set to 0 and Content-Type MUST not appear in the request. These
parameters are not described explicitly in the description below.

6.1  IDIep-start-request


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 17]


INTERNET-DRAFT                    IDIP                      October 1999


Headers:
   IDIP-command       : "START" CRLF
   IDIP-parameter     :
      IDO-From:            IDO-address of the IDO which issued this
                          request
      IDO-To  :            IDO-address of the IDO which will receive
                          this request
      [IDIP-authenticate:  Data scheme of authentication information]
   IDIP-data          :[Authentication information]

description:
   Request IDO server to establish an IDIep connection between *this*
IDO and the IDO which is specified by the IDO-To parameter.
   TCP connection on which this command has issued will be the IDIep
connection.


6.2  IDIep-list-request

   IDIP-command       : "LIST" CRLF
   IDIP-parameter     :
      [functionid]
      [keyword]

description:
  Request IDO a list of IDO functions in IDO function format. The format
of the IDO function is described in section 12. Keywords may be
specified to select IDI services. If the functionId is specified, the
appropriate IDI-function should be returned.
  The multiple list of IDO functions is returned using multipart MIME
type with a "mixed" subtype. In this case each body-part of the
multipart MUST contain a FEname parameter and a functionid parameter.

6.3 IDIep-call-request

   IDIP-command       : "CALL" CRLF
   IDIP-parameter     :
      functionid
   IDIP-data          : [IDO function format]

description:
  Request to execute an IDO function as specified by the functionid
parameter.


6.4 IDIep-kill-request

   IDIP-command       : "KILL" CRLF
   IDIP-parameter     :
      functionid


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 18]


INTERNET-DRAFT                    IDIP                      October 1999


   IDIP-data          : [IDO function format]

description:
  Request to terminate an IDO function specified by functionid parameter.


6.5 IDIep-end-request

   IDIP-command     : "END" CRLF

description :
  Request to clear the IDIep connection.


7 IDI external protocol responses

  IDIep-response = status IDIP-parameters CRLF IDIP-data

                 = Successful response                      ; 7.1
                 | Authentication error response            ; 7.2
                 | Redirect response                        ; 7.3
                 | No function available error response     ; 7.4
                 | Function not found error response        ; 7.5
                 | Parameter not acceptable error response  ; 7.6


7.1 Successful response

   status-code        : 100
   status-description : OK
   IDIP-data          : [IDO function format]

description:
  The specified IDIep request was successful. The IDO function format
MAY be contained in IDIP-data in the response to the list request or the
call request.
  If the IDIP-data contains multiple lists of IDO function, it MUST be
described using the multipart style(5.2.1).

7.2 Authentication error response

   status-code        : 201
   status-description : Authentication Error
   IDIP-data          :

description:
  The specified IDIep request failed because of an authentication
failure.




A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 19]


INTERNET-DRAFT                    IDIP                      October 1999


7.3 Redirect response

   status-code        : 306
   status-description : IDO Moved
   IDIP-parameter     :
      location:  IDOaddress to which the specified IDO moved.


description:
  The specified IDO has moved to the IDO-address specified in the
Location parameter. This response exists exclusively for IDIep-start
requests.

7.4 No function available error response

   status-code        : 303
   status-description : No Function Available

description:
  The specified keywords did not match any IDO services. If the keyword
is not specified, this result indicates that no IDO function is
available.
  This response is only returned to IDIep-list requests and IDIep-call-
requests.


7.5 Function not launched error response

   status-code        : 203
   status-description : Function Not Launched
   IDIP-data          : [IDO function format]

description:
  The specified IDI service is not acceptable because of an uncertain
error. This response is only returned to the IDIep-call-request.

7.6 Parameter not acceptable error response

   status-code        : 204
   status-description : Parameter Not Acceptable
   IDIP-data          : [IDO function format]

description:
  The specified IDI service is not acceptable with the specified IDI-
function. This response is only returned to the IDIep-call-request.


8 IDI internal upward protocol(IDIiup)
 requests and responses



A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 20]


INTERNET-DRAFT                    IDIP                      October 1999


   IDIiup-Request  = IDIiup-login-request     ;8.1
                    |IDIiup-logout-request    ;8.2
                    |IDIiup-start-request     ;8.3
                    |IDIiup-end-request       ;8.4
                    |IDIiup-list-request      ;8.5
                    |IDIiup-call-request      ;8.6
                    |IDIiup-kill-request      ;8.7
                    |IDIiup-catch-request     ;8.8
                    |IDIiup-free-request      ;8.9
                    |IDIiup-add-request       ;8.10
                    |IDIiup-delete-request    ;8.11
                    |IDIiup-disable-request   ;8.12
                    |IDIiup-enable-request    ;8.13
                    |IDIiup-redirect-request  ;8.14

  There are some IDIP-parameters commonly necessary for IDIiup request
and response. These parameters are
  Content-Type:  Media type of IDIP-data.
  Content-Length: Data length of IDIP-data in bytes.
  Note that if requests do not contain any IDIP-data, Context-Length
MUST be set to 0 and Content-Type MUST not appear in the request. These
parameters are not described explicitly in the description below.

8.1 IDIiup-login-request

format:
   IDIP-command       : "LOGIN" CRLF
   IDIP-parameter     :
      IDO-From:            IDO-Address of the Function Enabler which
                          issued this request
      IDO-To  :            IDO-Address of the IDO which will receive
                          this request
      FEname  :            Name of Function Enabler
      [IDIP-authenticate:  Data scheme of authentication information]
   IDIP-data          :[authentication information]

description:
   Request that the IDO establish an IDIiup connection from the Function
Enabler which is specified in the IDO-From parameter, to the IDO which
is specified in the IDO-To parameter.
   The TCP connection on which this command has been issued will be the
IDIiup connection.

8.2 IDIiup-logout-request
format:
   IDIP-command       : "LOGOUT" CRLF

description:
  Request that the IDO clear the IDIiup connection.



A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 21]


INTERNET-DRAFT                    IDIP                      October 1999


8.3 IDIiup-start-request


   IDIP-command       : "START" CRLF
   IDIP-parameter     :
      IDO-To  :            IDO-address of IDO to which the IDIep
                          connection connected
      [IDIP-authenticate:  Data scheme of authentication information]
   IDIP-data          : [authentication information]

description:
  Request that the IDO establish an IDIep connection to the IDO which is
specified by the IDO-To parameter.


8.4 IDIiup-end-request

   IDIP-command       : "END" CRLF
   IDIP-parameter     :
      IDO-To:              The IDO address of the IDO which will have
                          its IDIep connection cleared

description:
  Request that the IDO clear the IDIep connection to the IDO which is
specified by IDO-To parameter.


8.5 IDIiup-list-request

   IDIP-command       : "LIST" CRLF
   IDIP-parameter     :
      IDO-To  :            IDO address of the IDO which will receive
                          this request
      [keyword]
      [functionid]

description:
  Request that the IDO issue the IDIep-list-request to the IDO specified
by the IDO-To parameter. The request MAY include the keyword parameter,
or functionid parameter.
  If there is no IDO-To parameter in the request, the request is assumed
to apply to the IDO to which this IDIiup connection is connected.
  If the IDO has no IDIep connection to the IDO which is specified in
IDO-To parameter, "no IDIep connection" error response is returned.


8.6 IDIiup-call-request

   IDIP-command       : "CALL" CRLF
   IDIP-parameter     :


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 22]


INTERNET-DRAFT                    IDIP                      October 1999


      IDO-To:              IDO address to which the IDIep request will
                          be issued
      functionid
   IDIP-data          : [IDO function format]

description:
  Request that the IDO issue IDIep-call-request to the IDO specified by
the IDO-To parameter. IDO function is specified by functionid parameter.
  If the IDO has no IDIep connection to the IDO which is specified in
IDO-To parameter, "no IDIep connection" error response is returned.


8.7 IDIiup-kill-request

   IDIP-command       : "KILL" CRLF
   IDIP-parameter     :
      IDO-To:              IDO address to which the IDIep request will
                          be issued
      functionid
   IDIP-data          : [IDO function format]

description:
  Request that the IDO terminate the IDO function specified by the
functionId parameter.


8.8 IDIiup-catch-request

   IDIP-command       : "CATCH" CRLF
   IDIP-parameter     :
      IDO-From:            IDO-address of Function Enabler which
                          issued this request
      IDO-To  :            IDO-address of IDO which will receive this
                          request
      [IDIP-authenticate:  Data scheme of authentication information]
      [Callback:           host [:port]]
   IDIP-data          :[authentication information]

description:
   Request that the IDO establish an IDIidp connection from the IDO
which specified by the IDO-To parameter to the Function Enabler which is
specified by IDO-From parameter.
   If the "Callback:" parameter is specified, request that the IDO
establish the TCP connection to the specified port of specified host.
The host parameter is presented by FQDN or IP address in dot decimal.
   If the "Callback:" parameter is not specified, this TCP connection
will be an IDIidp connection.

   Note: The "Callback:" parameter is not supported for the time being,
because of authentication problems.


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 23]


INTERNET-DRAFT                    IDIP                      October 1999


8.9 IDIiup-free-request

   IDIP-command       : "FREE" CRLF

description:
  Request that the IDO clear the IDIidp connection between the IDO and
this Function Enabler.


8.10 IDIiup-add-request

   IDIP-command       : "ADD" CRLF
   IDIP-parameter     :
      keyword:
      [functionid]
      [admitfrom:  groupId | IDO address *("," IDO address )]
      [denyfrom:   groupId | IDO address *("," IDO address )]
   IDIP-data          : [IDO function format]

description:
  Request IDO to add an IDO function.
  The location of the Function Provider is regarded as the location of
the Function Enabler which issued this request.
  A property of IDO function MAY be described using IDO function format
described in section 12. This property is transferred as IDIP-data of
the request.
  The keyword parameter is keywords of the IDO function (see 5.6).
  The admitfrom parameter and denyfrom parameter are used to set ACLs of
this IDO function (see 5.10). The condition specified by these parameter
follows the following rules.

  o If the same user or group is specified in multiple admit/denyfrom
parameters, the condition specified by later parameter has higher
priority.
  o If the admitfrom parameter appears prior to denyfrom-parameter or no
denyfrom-parameter is specified in the request, IDO MUST treat that deny
request from every IDO, as an initial access control. After that, the
conditions specified by admitfrom/denyfrom parameters are applied.
  o If the denyfrom parameter appears prior to admitfrom-parameter or no
admitfrom-parameter is specified in the request, IDO MUST treat that
admit request from every IDO, as an initial access control. After that,
the conditions specified by admitfrom/denyfrom parameters are applied.
  o If the request contains neither admitfrom-parameter nor denyfrom-
parameter, the IDO function MUST accept request from every IDO.

  If the FunctionId-parameter is specified, every attribute of the
corresponding IDO function MUST be replaced by following admitfrom
parameter, denyfrom parameter, keyword parameter, and properties
contained in IDIP-data.
  If there is no IDIP-data part in this request, Function Enabler


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 24]


INTERNET-DRAFT                    IDIP                      October 1999


requests IDO to transfer IDIep-list-request to this Function Enabler via
IDIidp connection(see 10.1).


8.11 IDIiup-delete-request

   IDIP-command       : "DELETE" CRLF
   IDIP-parameter     :
      [functionid]
      [FEname]

description:
  Request that the IDO delete the IDO service specified by the
functionid parameter. If the functionid parameter is not specified,
every IDO function registered by this IDIiup connection MUST be deleted.
  If a FEname parameter is specified, All IDO functions belong to
corresponding Function Enabler are deleted.

8.12 IDIiup-disable-request

   IDIP-command       : "DISABLE" CRLF
   IDIP-parameter     :
      functionid

description:
  Request that the IDO disable the IDO function specified by the
FunctionId-parameter.


8.13 IDIiup-enable-request

   IDIP-command       : "ENABLE" CRLF
   IDIP-parameter     :
      functionid

description:
  Request that the IDO enable the IDO function specified by functionid
parameter.


8.14 IDIiup-redirect-request

   IDIP-command       : "REDIRECT" CRLF
   IDIP-parameter     :
      location  :          IDO address to which this IDO will move

description:
  Request that the IDO register the redirection. The location parameter
specifies the destination IDO address.



A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 25]


INTERNET-DRAFT                    IDIP                      October 1999


9 IDI internal upward protocol responses

   IDIiup-response = status IDIP-parameters CRLF IDIP-data

                   = successful response             ; 9.1
                   | authentication error response   ; 9.2
                   | no IDIiup connection response   ; 9.3
                   | no IDIep connection response    ; 9.4
                   | IDO moved response              ; 9.5
                   | IDO not found response          ; 9.6
                   | function not launched error     ; 9.7
                   | parameter not acceptable error  ; 9.8
                   | no function available error     ; 9.9


9.1 Successful response

   status-code        : 100
   status-description : OK
   IDIP-parameter     :
   IDIP-data          : [IDO function format]

description:
   The specified IDIiup request was successfully completed. The
corresponding data was described in the IDIP-data section of the
response.
   The IDO function format MAY be contained in the IDIP-data as returned
in the response to a list request or a call request.
  If IDIP-data contains multiple list of IDO function, it MUST be
described using the multipart style(5.2.1).

9.2 Authentication error response

   status-code        : 201
   status-description : Authentication Error

description:
  Authentication failure.

9.3 No IDIiup connection response

   status-code        : 310
   status-description : No IDIiup Connection

description:
  The specified IDIiup connection does not exist.

9.4 No IDIep connection response

  status-code        : 309


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 26]


INTERNET-DRAFT                    IDIP                      October 1999


   status-description : No IDIep Connection
   IDIP-parameter     :
      [functionid]

description:
  The IDIep connection does not exist. If the response is returned for a
call request, the corresponding functionId MUST be described.

9.5 IDO moved response

   status-code        : 306
   status-description : IDO Moved
   IDIP-parameter     :
      location:            IDO-Address to which the specified IDO moved

description :
  The specified IDO was moved to the IDO address specified by the
location parameter.

9.6 IDO not found response

   status-code        : 307
   status-description : IDO Not Found

description :
  Failed to establish an IDIep connection.


9.7 Function not launched error

   status-code        : 203
   status-description : Function Not Launched
   IDIP-data          : [IDO function format]

description:
  The specified IDO function was not executed for some unknown reason.


9.8 Parameter not acceptable error

   status-code        : 204
   status-description : Parameter Not Acceptable
   IDIP-data          : [IDO function format]

description:
  The specified IDO function was not executed because of a negotiation
failure.


9.9 No function available error


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 27]


INTERNET-DRAFT                    IDIP                      October 1999


   status-code        : 303
   status-description : No Function Available
   IDIP-data          : [IDO function format]


10 IDI internal downward protocol requests

   IDIidp-Request  = IDIidp-list-request      ;10.1
                    |IDIidp-call-request      ;10.2

  There are some IDIP-parameters commonly necessary for IDIidp requests
and responses. These parameters are
  Content-Type:  Media type of IDIP-data.
  Content-Length: Data length of IDIP-data in bytes.
  Note that if the request does not contain any IDIP-data, Context-
Length MSUT be set to 0 and Content-Type MUST not appear in the request.
These parameters are not described explicitly in the description below.


10.1 IDIidp-list-request

   IDIP-command       : "LIST" CRLF
   IDIP-parameter     :
      [functionid]

description:
  Request that the Function Enabler return the list of IDO functions.
IDO functions MAY be specified by the FunctionId-parameter. If the
FunctionId-parameter is not specified, the Function Enabler returns a
list of all IDO functions.

10.2 IDIidp-call-request

   IDIP-command       : "CALL" CRLF
   IDIP-parameter     :
      functionid
   IDIP-data          : [IDO function format]

description:
  Request that the Function Enabler perform the IDO function specified
by functionid parameter with properties contained in IDIP-data part of
the request. The properties MAY be specified using IDO function format
described in section 12.

11 IDI internal downward protocol responses

   IDIidp-response = status IDIP-parameters CRLF IDIP-data

                   = successful response             ; 11.1
                   | authentication error response   ; 11.2


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 28]


INTERNET-DRAFT                    IDIP                      October 1999


                   | parameter not acceptable error  ; 11.3
                   | no function available error     ; 11.4

11.1 Successful response

   status-code        : 100
   status-description : OK
   IDIP-parameter     :
   IDIP-data          : [IDO function format]

description:
	 The request succeeded. The IDIP-data MAY contain the IDO
function
format for the response to a call request and a list request.

11.2 Authentication error response

   status-code        : 201
   status-description : Authentication Error

description:
  Authentication failure.

11.3 No function available error

   status-code        : 303
   status-description : No Function Available

description:
  The specified keywords or functionId did not match any IDO functions.

11.4 Parameter not acceptable error

   status-code        : 204
   status-description : Parameter Not Acceptable
   IDIP-data          : [IDO function format]

description:
  The specified IDO function is not acceptable with the specified
parameters. Parameters MAY be specified by IDO function format.


12 IDO function format

12.1 Overview of IDO function format

   The purpose of the IDO function format is to specify or inform the
parameters of an IDO function. Also, IDO functions can specify some
semantics of parameters which are related to negotiation of parameters.
   The IDO function format is specified as an Extensible Markup Language


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 29]


INTERNET-DRAFT                    IDIP                      October 1999


(XML) application. The IDO function format is transported in IDIP-data
part of IDIP message. The IDO function format is handled by the Function
Enabler and Function Provider, and IDO does not concern about IDO
function format.

The IDO function format is used for three purposes.

1) To request the initial parameter for an IDO function
   An IDO function format is used to specify the initial parameter for
an IDO function in an IDIep-call-request, an IDIiup-call-request and an
IDIidp-call-request.

2) To return the initial parameter for IDO function
   An IDO function format is used to specify the result of the request
contained in the response message for an IDIep-call-request, an IDIiup-
call-request, and an IDIidp-call-request.

3) To register the specification of IDO function

12.2 The Structure of IDO function format

The IDO function format is described in well-formed XML. The tree
structure of an IDO function is described below.

IDO-function-
            |-name
            |-specification--spec
            |              | ...
            |              --spec
            |-description
            |-status
            |-item--parameter
            |     |......
            |     --parameter
            |.......
            |-item--parameter

12.3 Description of each element and its attributes

12.3.1 The function element
  This element is a root element of the IDO function format. The
function element includes a name element, a spec element, a desc element,
a status element, and an item element.

12.3.2 The name element
  The name element describes name of this IDO function.

12.3.3 The specification element

  Function Provider decides whether the IDO function is negotiable or


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 30]


INTERNET-DRAFT                    IDIP                      October 1999


not using this element. One or more spec elements are included as child
nodes.

12.3.3.1 The spec element
  Function Provider judges whether the IDO function is negotiable or not
with referring to the value of this element. Therefore, the value of
spec element must be globally unique. The spec element is combined to
spec attribute of item element. If an IDO function format contains
multiple item elements, the corresponding multiple spec elements MUST be
specified.

12.3.4 The description element
  The description element explains the function of the Function Provider
in a simple text string.

12.3.5 The status element
  This element specifies purpose of the IDO function format.
  "request"        This IDO function format is a request.
  "response"       This IDO function format is a response to request.
  "registration"   This IDO function format is a catalogue of the IDO
function.

12.3.6 The item element
  The item element concentrates multiple parameters into a single
negotiation unit. Item elements include one or more parameter elements.
  Item elements have a type attribute, a description attribute, and a
spec attribute. If the type attribute is specified, the attribute is
inherited by the child node.

12.3.6.1 The spec attribute
  The spec attribute specifies specification for negotiation of the item
element. This attribute is combined with spec element and the value must
coincide with the value specified in spec element in section 12.3.3.1.

12.3.7 The parameter element
  The parameter element specifies value of the parameter necessary to
perform the IDO function. The parameter element includes a type
attribute and a description attribute. The syntax of the content of this
element is not specified in this IDO function format specification.
  The parameter element can have other parameter elements as child nodes.
If the attribute is not explicitly specified, then the attribute of the
parent element is inherited.

12.3.8 The type attribute

  The type attribute specifies semantics related to negotiation. The
type attribute qualifies parameter element or item element.
  All parameter elements included in the item element are qualified by
the attribute which qualifies parent element unless type attribute of
child element is specified explicitly.


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 31]


INTERNET-DRAFT                    IDIP                      October 1999


12.3.8.1 Attributes appearing in requests

  "variable"  - The described parameter is a proposed value. If the
value is not acceptable, alternative values may be returned.
  Responses to this request include: "accepted", "alternate" or denied".

  "fixed"     - The described parameter is a proposed value . Even if
the value is not acceptable, an alternative value is not required.
  Responses to this request include: "accepted" or "denied".

  "fetch"     - There is no proposed value for this parameter.

12.3.8.2  Attributes in responses

  "accepted"  - The proposed value was accepted.

  "alternate" - Though the proposed value is not acceptable, an
alternative value specified in the response is acceptable.

  "denied"	  - The proposed value is not acceptable, and there is
no
alternative value proposed for this parameter. If this attribute appears
in response to the request with "fetch" attribute, the requested
parameter is not provided.

  "required"  - To perform this IDO function , the specified parameter
is required.

  "reply"     - The requested parameter is described.

  "notify"    - The parameter is described.

12.3.8.3  Attributes appears in catalogue

  "required"  - The specified parameter is required. The client must
specify the value for this parameter with the "variable" or "fixed"
attribute in the request.

  "variable"  - The specified parameter is required. The specified value
is proposed value. The client must specify the value for this parameter
with the "variable" or "fixed" attribute in the request.

  "fixed"     - The specified value is proposed for the parameter. The
client must specify the value with the "fixed" parameter in the request.
If a different value is specified for the parameter, the request will be
denied.

  "available" - The value of this parameter is available. The client can
get the value of this parameter with "fetch" attribute.



A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 32]


INTERNET-DRAFT                    IDIP                      October 1999


12.3.9 The description attribute

  A simple text string which explains the item or parameter element.

13 Examples

13.1 Invocation for IRC chat channel
  In this case, IDO user "Alice" with IDO address "alice@ido1.co.jp"
wants to communicate "Bob" with IDO address "bob@ido2.co.jp".  Alice
wants to chat with bob, if "Bob" is available.

         alice@ido1.co.jp                   bob@ido2.co.jp
           +----------+    IDIep             +----------+
           |   IDO    |=====================>|   IDO    |
           +----------+                      +----------+
               /||                                ||
                || IDIiup                  IDIidp ||
                ||                                ||/
           +----------+                      +----------+
           | Function |                      | Function |
           | Enabler  |                      | Enabler  |
           +----------+                      +----------+
      alice@dragon.ido1.co.jp             bob@tiger.ido2.co.jp

; Alice's Function Enabler(alice@dragon.ido1.co.jp) issues an IDIiup-
;login-request to establish an IDIiup connection from the Function
;Enabler(alice@dragon.ido1.co.jp) to her IDO(alice@ido1.co.jp) using
;IDIiup.

LOGIN
From: alice@dragon.ido1.co.jp
To: alice@ido1.co.jp
Content-Length: 0

; Alice's IDO(alice@ido1.co.jp) returns a successful response to Alice's
;Function Enabler(alice@dragon.ido1.co.jp).

100 OK
Content-Length: 0

; Alice's Function Enabler(alice@dragon.ido1.co.jp) issues an IDIiup-
;start-request to make her IDO to establish an IDIP connection to Bob's
;IDO(bob@ido2.co.jp) using the IDIiup connection.

START
To: bob@ido.fujitsu.co.jp
Content-Length: 0

; Alice's IDO(alice@ido1.co.jp) issues an IDIep-start-request to Bob's
;IDO(bob@ido2.co.jp) to establish an IDIP connection.


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 33]


INTERNET-DRAFT                    IDIP                      October 1999


START
To: bob@ido.fujitsu.co.jp
Content-Length: 0

; Bob's IDO (bob@ido2.co.jp) returns a successful response to Alice's
;IDO(alice@ido1.co.jp).

100 OK
Content-Length: 0

; Alice's IDO (alice@ido1.co.jp) returns a successful response to
;Alice's Function Enabler(alice@dragon.ido1.co.jp).

100 OK
Content-Length: 0

; Alice's Function Enabler(alice@dragon.ido1.co.jp) issues an IDIiup-
;list-request to get information of Bob's IDO.

LIST
To: bob@ido2.co.jp
Keywords: name=chat
Content-Length: 0

; Alice's IDO(alice@ido1.co.jp) issues an IDIep-list-request to Bob's
;IDO(bob@ido2.co.jp). Note that IDO-To parameter is not contained in the
;message because it will be transferred through the IDIep connection
;which has already been established.

LIST
Keywords: name=chat
Content-Length: 0

; Bob's IDO(bob@ido2.co.jp) returns successful response to Alice's
;IDO(alice@ido1.co.jp).
; Bob prefers #MEETING for default IRC channel, and irc.chat.co.jp as an
;IRC server.
; IRC Client "Chocoa" can show web page using browser, Bob prefers to
;talk referencing "http://www.fujitsu.co.jp/hypertext/free/chocoa/en/"
;as an initial page.

100 OK
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

<function>
  <name>chocoa</name>
  <desc>This FP invokes chocoa win32 executable</desc>
  <specification>


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 34]


INTERNET-DRAFT                    IDIP                      October 1999


    <spec>irc</spec>
    <spec>chocoa</spec>
  </specification>
  <status>request</status>
  <item spec="irc">
    <server type="variable">
      irc.chat.co.jp
    </server>
    <callernick type="required">
    </callernick>
    <calleenick type="fixed">
      Bob
    </calleenick>
      <channel type="variable">
        #MEETING
      </channel>
  </item>
  <item spec="chocoa">
    <page type="variable">
      http://www.fujitsu.co.jp/hypertext/free/chocoa/en/
    </page>
  </item>
</function>

; Alice's IDO(alice@ido1.co.jp) returns a successful response to Alice's
;Function Enabler(alice@dragon.ido1.co.jp).

100 OK
Content-Type: text/xml
Content-Length:xxx

[Content is the same as above]

; Alice's Function Enabler(alice@dragon.ido1.co.jp) issues an IDIiup-
;call-request to request performing an IDO function.
; IDO function is specified by the functionid parameter.

CALL
To: bob@ido2.co.jp
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

<function>
  <name>chocoa</name>
  <desc>This FP invokes chocoa win32 executable</desc>
  <specification>
    <spec>irc</spec>
    <spec>chocoa</spec>
  </specification>


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 35]


INTERNET-DRAFT                    IDIP                      October 1999


  <status>request</status>
  <item spec="irc">
    <server type="variable">
      irc.chat.co.jp
    </server>
    <callernick type="variable">
      Alice
    </callernick>
    <calleenick type="fixed">
      Bob
    </calleenick>
      <channel type="variable">
        #MEETING
      </channel>
  </item>
  <item spec="chocoa">
    <page type="variable">
      http://www.fujitsu.co.jp/hypertext/free/chocoa/en/
    </page>
  </item>
</function>

; Alice's IDO (alice@ido1.co.jp) issues a call request to Bob's
;IDO(bob@ido2.co.jp) to call an IDO function.
; The IDO function is specified by FunctionId: parameter.

CALL
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Bob's IDO (bob@ido2.co.jp) issues an IDIidp-call-request to Bob's
;Function Enabler(bob@tiger.ido2.co.jp) to perform IDO function via
;IDIidp connection.
; IDO function is specified by functionid parameter.

CALL
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Bob's Function Enabler(bob@tiger.ido2.co.jp) returns an error response
;to the IDIidp-call-request because he thinks #IDI is better than
;#MEETING for chat channel in this case.

204 Parameter Not Acceptable


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 36]


INTERNET-DRAFT                    IDIP                      October 1999


FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

<function>
  <name>chocoa</name>
  <desc>This FP invokes chocoa win32 executable</desc>
  <specification>
    <spec>irc</spec>
    <spec>chocoa</spec>
  </specification>
  <status>request</status>
  <item spec="irc">
    <server type="accepted">
      irc.chat.co.jp
    </server>
    <callernick type="accepted">
      Alice
    </callernick>
    <calleenick type="accepted">
      Bob
    </calleenick>
      <channel type="alternate">
        #IDI
      </channel>
  </item>
  <item spec="chocoa">
    <page type="accepted">
      http://www.fujitsu.co.jp/hypertext/free/chocoa/en/
    </page>
  </item>
</function>

; Bob's IDO( bob@ido2.co.jp) returns an error response to the call
;request.

204 Parameter Not Acceptable
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]


; Alice's IDO( alice@ido1.co.jp) returns an error response to the call
;request.

204 Parameter Not Acceptable
FunctionId: 10000
Content-Type: text/xml


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 37]


INTERNET-DRAFT                    IDIP                      October 1999


Content-Length: xxx

[Content is the same as above]

; Alice's Function Enabler(alice@alice.ido1.co.jp) issues an IDIiup-
;call-request again because channel parameter in the preceding request
;was denied by Bob's Function Enabler.
; Alice's Function Enabler specifies #IDI for a chat channel which is
;counter-proposed by Bob's Function Enabler. Note that every parameter
;must be specified again because the negotiation is a stateless process.

CALL
To: bob@ido.fujitsu.co.jp
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

<function>
  <name>chocoa</name>
  <desc>This FP invokes chocoa win32 executable</desc>
  <specification>
    <spec>irc</spec>
    <spec>chocoa</spec>
  </specification>
  <status>request</status>
  <item spec="irc">
    <server type="variable">
      irc.chat.co.jp
    </server>
    <callernick type="variable">
      Alice
    </callernick>
    <calleenick type="variable">
      Bob
    </calleenick>
      <channel type="variable">
        #IDI
      </channel>
  </item>
  <item spec="chocoa">
    <page type="variable">
      http://www.fujitsu.co.jp/hypertext/free/chocoa/en/
    </page>
  </item>
</function>

; Alice's IDO (alice@ido1.co.jp) issues an IDIep-call-request to Bob's
;IDO(bob@ido2.co.jp) to request performing an IDO function.

CALL


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 38]


INTERNET-DRAFT                    IDIP                      October 1999


FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Bob's IDO (bob@ido2.co.jp) issues an IDIidp-call-request to Bob's
;Function Enabler(bob@tiger.ido2.co.jp) to call the IDO function via
;IDIidp connection.

CALL
FunctionId: 10000
Content-Type: text/xml
Content-Length: xxx

[Content is the same as above]

; Bob's Function Enabler (bob@tiger.ido2.co.jp) returns a successful
;response because he thinks #IDI is an adequate chat channel.

100 OK
Content-Type: text/xml
Content-Length:xxx

<function>
  <name>chocoa</name>
  <desc>This FP invokes chocoa win32 executable</desc>
  <specification>
    <spec>irc</spec>
    <spec>chocoa</spec>
  </specification>
  <status>request</status>
  <item spec="irc">
    <server type="accepted">
      irc.chat.co.jp
    </server>
    <callernick type="accepted">
      Alice
    </callernick>
    <calleenick type="accepted">
      Bob
    </calleenick>
      <channel type="accepted">
        #IDI
      </channel>
  </item>
  <item spec="chocoa">
    <page type="accepted">
      http://www.fujitsu.co.jp/hypertext/free/chocoa/en/
    </page>


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 39]


INTERNET-DRAFT                    IDIP                      October 1999


  </item>
</function>

; Bob's IDO(bob@ido2.co.jp) returns a successful response.

100 OK
Content-Type: text/xml
Content-Length:xxx

[Content is the same as above]

; Alice's IDO(alice@ido1.co.jp) returns a successful response to Alice's
;Function Enabler(alice@dragon.ido1.co.jp).

100 OK
Content-Type: text/xml
Content-Length:xxx

[Content is the same as above]

14 Security Considerations

14.1 Authentication

   IDIP has two types of authentication. One is Function Enabler
authentication and the other is IDO authentication.
   When one IDO requests another IDO to establish IDIP connection, the
callee IDO authenticates the caller IDO.
   When a Function Enabler requests that an IDO establish an IDIiup
connection, the IDO authenticates the Function Enabler.
   When an IDO requests that a Function Enabler establish an IDIidp
connection, the Function Enabler and IDO must both authenticate each
other because, in some cases, the IDO cannot trust the Function Enabler
(Ex. dialup PPP). Because the current version of IDIP does not support
mutual authentication, an IDIiup connection is used as an IDIidp
connection to overcome such difficulties.

14.2 Access Controls
   An IDO SHOULD support Access Control to each IDO function using a
Function Enabler (see 8.10). Any user who is not allowed to access the
IDO function, can not get the list of IDO functions and can not call
those functions. The access control is managed by ACLs located on the
IDO. The Function Enabler can control this ACLs (see 8.10).

15 References
[KEYWORDS]
S. Bradner, " Key words for use in RFCs to Indicate Requirement Levels",
RFC 2119, Mar.1997.

[MEDIA TYPE]


A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 40]


INTERNET-DRAFT                    IDIP                      October 1999


 N. Freed, N. Borenstein, "Multipurpose Internet Mail Extensions (MIME)
Part Two: Media Types", RFC2046, Nov. 1996.

[HTTP1.1]
R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T.
Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC2616, Jun.
1999.


16 Author's Addresses

   Akinori Iwakawa
   Fujitsu Laboratories Limited
   Okubocho Nishiwaki 64
   Akashi, HYOGO 674-0054 JAPAN

   Fax: +81 (78) 934 - 3312
   Email: iwakawa@flab.fujitsu.co.jp

   Shingo Fujimoto
   Fujitsu Laboratories of America, Inc.
   595 Lawrence Expressway
   Sunnyvale, CA 94086 U.S.A.

   Fax: +1 (408) 530 - 4515
   Email: shingo@fla.fujitsu.com

   Dave Marvit
   Fujitsu Laboratories of America, Inc.
   595 Lawrence Expressway
   Sunnyvale, CA 94086 U.S.A.

   Fax: +1 (408) 530 - 4515
   EMail: dave@marvit.org


















A.Iwakawa, S.Fujimoto, D.Marvit                                [Page 41]