MESSAGE authorization rules
Vaclav Kubart
This document follows the specification of authorization documents suggested by and defines a document format for storing rules for authorization of instant messages.
Terms
sender: User sending the instant message, represented by the URI present in the From header field.
recipient: User receiving the instant message, represented by the AOR/To URI.
Instant message authorization documents
An instant message authorization document is an XML document formatted according to the schema defined in . It inherits the MIME type of common policy documents defined there: application/auth-policy+xml. All XML elements defined in this document belong to the urn:iptel:xml:ns:im-rules namespace. This namespace breaks the conventions mentioned in the document that was used as a source, but it will stay for compatibility reasons as long as it causes no problems.
Conditions
Conditions are processed according to the specification in .
Sphere
If the "instant messaging server" (proxy) trying to resolve authorization rules is bound together with the presence server, it can take the sphere value from the presence server as defined in ; otherwise the sphere value is considered undefined in terms of common policy processing.
Actions
This document defines one action: <im-handling>. It is defined as an enumerated integer type (like sub-handling in ). Possible values are:
block (value 0): The message should not be delivered to the user and should be rejected with a 403 Forbidden result code. This is the default value of im-handling.
allow (value 1): The message should be delivered to the destination user.
In the future these values may change. If more than one rule matches, the resulting action is the maximum of their <im-handling> values.
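The combination rule described above, as an added example that is not part of the original document or of any server implementing it. The element layout (ruleset/rule/conditions/identity/id, actions/im-handling with the value as text) and the function name im_handling are assumptions; only the identity condition is evaluated. It shows that, because matching rules combine by maximum, a block rule cannot override an allow rule for the same sender, and that the evaluation should fail closed.

```python
import xml.etree.ElementTree as ET

CP = "urn:ietf:params:xml:ns:common-policy"   # common policy namespace
IM = "urn:iptel:xml:ns:im-rules"              # namespace defined by this document
HANDLING = {"block": 0, "allow": 1}           # enumerated values from the Actions section

# Constructed sample document; the element layout is an assumption.
SAMPLE = f"""<ruleset xmlns="{CP}" xmlns:im="{IM}">
  <rule id="friends">
    <conditions><identity>
      <id>sip:jan@example.com</id>
      <id>sip:pavel@example.com</id>
    </identity></conditions>
    <actions><im:im-handling>allow</im:im-handling></actions>
  </rule>
  <rule id="blocked">
    <conditions><identity><id>sip:smith@example.com</id></identity></conditions>
    <actions><im:im-handling>block</im:im-handling></actions>
  </rule>
  <rule id="colleagues">
    <conditions><identity><id>sip:smith@example.com</id></identity></conditions>
    <actions><im:im-handling>allow</im:im-handling></actions>
  </rule>
</ruleset>"""

ID_PATH = f"{{{CP}}}conditions/{{{CP}}}identity/{{{CP}}}id"
ACTION_PATH = f"{{{CP}}}actions/{{{IM}}}im-handling"

def im_handling(ruleset_xml, sender_uri):
    """Return 'allow' or 'block' for a sender; a 'block' result maps to 403 Forbidden."""
    try:
        root = ET.fromstring(ruleset_xml)
    except ET.ParseError:
        return "block"                        # fail closed on a malformed document
    result = HANDLING["block"]                # default when no rule matches
    for rule in root.iter(f"{{{CP}}}rule"):
        ids = [(e.text or "").strip() for e in rule.findall(ID_PATH)]
        if sender_uri.strip() not in ids:     # exact match only, no case folding
            continue
        for action in rule.findall(ACTION_PATH):
            # An unknown value is treated as block rather than guessed at.
            value = HANDLING.get((action.text or "").strip(), HANDLING["block"])
            result = max(result, value)       # matching rules combine by maximum
    return "allow" if result == HANDLING["allow"] else "block"
```

With this sample, sip:smith@example.com is allowed even though one rule blocks it, so a rule set that relies on block entries to exclude a sender should be checked for overlapping allow rules.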
Transformations
Transformations are not defined at this moment. In the future there may be, for example, length limitations, flagging (such as spam) or rate limitations.
Example
sip:jan@example.com sip:pavel@example.com sip:vasek@example.com sip:ja@example.com allow sip:smith@example.com block
Usage with XCAP
This document defines im-rules as the unique application usage ID (AUID) required by the XCAP specification.
Naming conventions
When an instant message comes to an IM/presence server (proxy) within its domain, the server should look for the document [xcap-root]/im-rules/users/[recipient username]/im-rules.xml and process the rules in it.
There might be new versions of the internet drafts, so links to them may be obsolete. In that case, try incrementing the version number in the link or find the draft on the IETF site by name.
common auth: draft-ietf-geopriv-common-policy-05.txt, http://www.ietf.org/internet-drafts/draft-ietf-geopriv-common-policy-05.txt
presence auth: draft-ietf-simple-presence-rules-03.txt, http://www.ietf.org/internet-drafts/draft-ietf-simple-presence-rules-03.txt - presence authorization XML based data format and usage with XCAP