summaryrefslogtreecommitdiff
path: root/Architecture_and_Design
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2011-12-12 12:31:12 (GMT)
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2011-12-12 12:31:12 (GMT)
commit660a7756112fb98052f80a2bf81efbd968f8fc5c (patch)
treeae143d29359f12deee201bafb6c7aab1b88a3435 /Architecture_and_Design
parente7c2d114b816e8e208e6c5918ba173d4ec7d4c56 (diff)
downloadkolab-docs-660a7756112fb98052f80a2bf81efbd968f8fc5c.tar.gz
Add some thoughts on Free/Busy
Diffstat (limited to 'Architecture_and_Design')
-rw-r--r--Architecture_and_Design/en-US/Free_Busy.xml214
1 files changed, 214 insertions, 0 deletions
diff --git a/Architecture_and_Design/en-US/Free_Busy.xml b/Architecture_and_Design/en-US/Free_Busy.xml
new file mode 100644
index 0000000..286ce8f
--- /dev/null
+++ b/Architecture_and_Design/en-US/Free_Busy.xml
@@ -0,0 +1,214 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Architecture_and_Design.ent">
+%BOOK_ENTITIES;
+]>
+<chapter id="chap-Architecture_and_Design-FreeBusy">
+ <title>Free/Busy</title>
+ <para>
+ Free/Busy information can be generated from Event information from, or obtained from existing Free/Busy information in the following locations:
+ </para>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-Kolab_Groupware">
+ <title>Kolab Groupware</title>
+ <para>
+ The Kolab Groupware environment &ndash;we'll call this the <emphasis>corporate</emphasis> Kolab environment.
+ </para>
+
+ </formalpara>
+ <para>
+ Each Kolab Calendar in the personal namespace may be classified as a personal or a corporate calendar (private, or work-related). That is to say, on a per calendar basis, other people within or outside of the Kolab environment may or may not be authorized to read the basic availability, or the details of each event as well.
+ </para>
+ <para>
+ As a mechanism to authorize, we may use the Cyrus IMAP ACLs;
+ </para>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-anonymous_l">
+ <title>anonymous: l</title>
+ <para>
+ Allow anonymous users to view basic Free/Busy information generated from the calendaring contents of this folder.
+ </para>
+
+ </formalpara>
+ <note>
+ <title>Security Consideration(s)</title>
+ <para>
+ Should the IMAP ACL be applied to the actual IMAP folder, and the IMAP server be allowed to connect to from the Internet, and the anonymous login mechanism be enabled, then everyone could lookup the existence of this IMAP folder.
+ </para>
+
+ </note>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-anonymous_lr">
+ <title>anonymous: lr</title>
+ <para>
+ Allow anonymous users to view detailed Free/Busy information from the calendaring contents of this folder.
+ </para>
+
+ </formalpara>
+ <note>
+ <title>Security Consideration(s)</title>
+ <para>
+ Should the IMAP ACL be applied to the actual IMAP folder, and the IMAP server be allowed to connect to from the Internet, and the anonymous login mechanism be enabled, then everyone could read the contents of this IMAP folder.
+ </para>
+
+ </note>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-anyone_l">
+ <title>anyone: l</title>
+ <para>
+ Allow anyone authenticated to view basic Free/Busy information from the calendaring contents of this folder.
+ </para>
+
+ </formalpara>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-anyone_lr">
+ <title>anyone: lr</title>
+ <para>
+ Allow anyone to view detailed Free/Busy information from the calendaring contents of this folder.
+ </para>
+
+ </formalpara>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-userid_l">
+ <title>&lt;userid&gt;: l</title>
+ <para>
+ Allow the person authenticated and authorized as <emphasis>&lt;userid&gt;</emphasis> to view basic Free/Busy information from the calendaring contents of this folder.
+ </para>
+
+ </formalpara>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-userid_lr">
+ <title>&lt;userid&gt;: lr</title>
+ <para>
+ Allow the person authenticated and authorized as <emphasis>&lt;userid&gt;</emphasis> to view detailed Free/Busy information from the calendaring contents of this folder.
+ </para>
+
+ </formalpara>
+ <note>
+ <title>Security Consideration(s)</title>
+ <para>
+ Note that those authorized as &lt;userid&gt;, using the IMAP ACLs, would actually be allowed to read the complete event message(s) contents.
+ </para>
+
+ </note>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-groupgroupid_l">
+ <title>group:&lt;groupid&gt;: l</title>
+ <para>
+ Allow individuals authenticated part of group <emphasis>&lt;groupid&gt;</emphasis> to view basic Free/Busy information from the calendaring contents of this folder.
+ </para>
+
+ </formalpara>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-groupgroupid_lr">
+ <title>group:&lt;groupid&gt;: lr</title>
+ <para>
+ Allow individuals authenticated part of group <emphasis>&lt;groupid&gt;</emphasis> to view detailed Free/Busy information from the calendaring contents of this folder.
+ </para>
+
+ </formalpara>
+ <note>
+ <title>Security Consideration(s)</title>
+ <para>
+ Note that those authorized as &lt;userid&gt; part of group &lt;groupid&gt;, using the IMAP ACLs, would actually be allowed to read the complete event message(s) contents.
+ </para>
+
+ </note>
+
+ </listitem>
+
+ </itemizedlist>
+
+ </para>
+ <para>
+ To authenticate and authorize user accounts external to the Kolab Groupware environment (i.e., John's wife Jane Doe may see the corporate Free/Busy information, but no-one else may), we may choose to use a group including the contact entry for Jane Doe, for which a password has been set).
+ </para>
+ <para>
+ Note that unless Jane Doe's identifier is a valid identifier to Cyrus IMAP ptloader, the ACL could not be enforced on the individual's basis.
+ </para>
+ <para>
+ Note that unless the group is a valid group for Cyrus IMAP ptloader, the group ACL could not be enforced.
+ </para>
+ <para>
+ Note that the Cyrus IMAP ptloader is configured using different settings than are used for authentication, as it concerns authorization.
+ </para>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-Third_party_Kolab_Groupware">
+ <title>Third-party Kolab Groupware</title>
+ <para>
+ A third-party Kolab Groupware environment, such as a private Kolab server.
+ </para>
+
+ </formalpara>
+ <para>
+ Between a private Kolab server and the corporate Kolab environment, the following options are available to the user:
+ </para>
+ <para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Obtain the Free/Busy information from my private Kolab account and make it available within the corporate Kolab environment without event details.
+ </para>
+
+ </listitem>
+ <listitem>
+ <para>
+ Obtain the detailed Free/Busy information from my private Kolab account and make it available within the corporate Kolab environment with event details to those authorized, and without event details for those unauthorized.
+ </para>
+
+ </listitem>
+
+ </itemizedlist>
+
+ </para>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-Third_party_Calendaring">
+ <title>Third-party Calendaring</title>
+ <para>
+ With read(/write) permissions on, for example, a Google Calendar.
+ </para>
+
+ </formalpara>
+ <para>
+ The configuration for any user's Google Calendar.
+ </para>
+
+ </listitem>
+ <listitem>
+ <formalpara id="form-Architecture_and_Design-FreeBusy-Third_party_FreeBusy">
+ <title>Third-party Free/Busy</title>
+ <para>
+ With read(/write) permissions on, for example, Google iCal as published.
+ </para>
+
+ </formalpara>
+
+ </listitem>
+
+ </itemizedlist>
+
+ </para>
+</chapter>
+