RFC 3341 (rfc3341) - Page 2 of 26


The Application Exchange (APEX) Access Service



Alternative Format: Original Text Document



RFC 3341     The Application Exchange (APEX) Access Service    July 2002


   7.  Security Considerations  . . . . . . . . . . . . . . . . . . . 23
       References . . . . . . . . . . . . . . . . . . . . . . . . . . 23
       Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 24
   A.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 25
       Full Copyright Statement . . . . . . . . . . . . . . . . . . . 26

1. Introduction

   This memo describes an access service that is built upon the APEX [1]
   "relaying mesh".  The APEX access service is used to control use of
   both the relaying mesh and other APEX services.

   APEX, at its core, provides a best-effort datagram service.  Within
   an administrative domain, all relays must be able to handle messages
   for any endpoint within that domain.  APEX services are logically
   defined as endpoints but given their ubiquitous semantics they do not
   necessarily need to be associated with a single physical endpoint.
   As such, they may be provisioned co-resident with each relay within
   an administrative domain, even though they are logically provided on
   top of the relaying mesh, i.e.,

      +----------+     +----------+    +----------+    +---------+
      |   APEX   |     |   APEX   |    |   APEX   |    |         |
      |  access  |     | presence |    |  report  |    |   ...   |
      | service  |     |  service |    | service  |    |         |
      +----------+     +----------+    +----------+    +---------+
           |                |               |               |
           |                |               |               |
   +----------------------------------------------------------------+
   |                                                                |
   |                            APEX core                           |
   |                                                                |
   +----------------------------------------------------------------+

   That is, applications communicate with an APEX service by exchanging
   data with a "well-known endpoint" (WKE).

   APEX applications communicate with the access service by exchanging
   data with the well-known endpoint "apex=access" in the corresponding
   administrative domain, e.g., "apex=" is the
   endpoint associated with the access service in the "example.com"
   administrative domain.

   Note that within a single administrative domain, the relaying mesh
   makes use of the APEX access service in order to determine if an
   originator is allowed to transmit data to a recipient (c.f., Step 5.3
   of Section 4.4.4.1 of [1]).




Rose, et. al.               Standards Track