3.1.4.1 Group Creation
This is triggered by a request from the higher layer application to create a new group. The following information MUST be provided by the application and stored by the local Node:
MemberDataOptional: A Flag indicating whether publishing of membership MUST be delayed until the Node publishes a Record or generates a GMC for another Node.
PresenceDisabled: A Flag indicating whether presence information MUST be automatically published by each node.
DeferExpiration: A Flag indicating whether records MUST NOT be expired when the Node is not connected to the Group.
CloudName: The PNRP Cloud Name where the Graph will register and discover. See [MS-PNRP].
Group Peer Name: A Peer Name for the Group.
Local Peer Name: The Peer Name of the Identity creating the Group.
FriendlyName: An Optional friendly name identifying the Group. The string length, including the null terminator, MUST NOT be larger than 255 characters.
Comment: An Optional string with a comment to be associated with the Group. The string length, including the null terminator, MUST NOT be larger than 255 characters.
MembershipLifetime: The lifetime, in seconds, of the Membership information published by a Node. This value MUST be in the range [2280, 31536000]. If this value is outside the valid range, a default value of 2419200 seconds MUST be used.
PresenceLifetime: The lifetime, in seconds, of the Presence information. This value MUST be larger than or equal to 300 seconds. If this value is less than 300 seconds, a default value of 300 seconds MUST be used.
AuthenticationSchema: An integer indicating whether Password-based authentication, GMC-based authentication or both MUST be used to authenticate a new Node into the Graph.
RoleForPassword: A value indicating what Group role MUST be given to any new Node joining the Group with Password-based authentication. This value MUST be ignored if the Password-based authentication is not specified in the AuthenticationSchema datum; otherwise, it MUST have one of the following values:
GUID {04387127-aa56-450a-8ce5-4f565c6790f4}: Indicates that each Node joining the group MUST be given Admin role.
GUID {f12dc4c7-0857-4ca0-93fc-b1bb19a3d8c2}: Indicates that each Node joining the Group MUST be given Inviting Member role.
Any value other than the above MUST cause the operation to abort and it is recommended that an error be returned to the application.
The Grouping Security Protocol implementation MUST perform the following steps:
Build the Security Properties record as specified in section 2.2.3.1. All non-constant fields defined in section 2.2.3.1 MUST be filled based on the higher-layer application request. In particular:
Group Security Major/Minor Version: The Group Security version MUST be specified as part of the request, so that the appropriate version numbers can be published in the Security Properties record and creator Membership record. The version MUST be 1.0 if the application has specified that the Group supports only GMC-based authentication. The version MUST be 1.1 if the application has specified that the Group supports password-based authentication.
Cloud: The PNRP Cloud Name supplied by the higher-layer application MUST be stored as the Cloud Name.
Build a Membership record containing the Local GMC chain as specified in section 3.1.7.5.
Trigger P2P Graphing to create a new Graph as specified in [MS-PPGRH] section 3.1.4.1 with the following parameters:
The Graph ID MUST be set to the Group PeerName.
The Creator ID MUST be set to the Creator PeerName.
The Friendly Name MUST be set to the Group Friendly Name.
Max Record Size MUST be set to 0.
Max Frame Size MUST be set to 16,348 bytes.
Max Presence Records MUST be set as follows.
If PresenceDisabled is set, this value MUST be set to -1.
Otherwise, this value MUST be set to 0.
Presence Lifetime MUST be set to PresenceLifetime.
The Defer Expiration flag MUST be set to the value of the Defer Expiration flag passed by the application.
The Scope MUST be set according to the Cloud Name provided by the application.
The Security Provider Module MUST be set to indicate that Graphing MUST use the local Node as Security Provider.
Start listening, as specified in section 3.1.4.4.
If any one of the preceding steps fails, the group creation MUST be terminated, and it is recommended that the Grouping Security Protocol notifies the higher-layer application of the failure.
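The parameter rules above (lifetime defaults, string limits, the RoleForPassword check, version selection and Max Presence Records) can be applied before any record is built. The following Python sketch is an added example, not code from the specification or any implementation; the function name, the AuthenticationSchema bit values, and the choice to reject over-long strings and an empty schema are assumptions of the example.

```python
import uuid

# Assumed bit values; the section only says AuthenticationSchema is an integer.
AUTH_GMC, AUTH_PASSWORD = 0x1, 0x2

# Role GUIDs listed under RoleForPassword.
ROLE_ADMIN = uuid.UUID("04387127-aa56-450a-8ce5-4f565c6790f4")
ROLE_INVITING_MEMBER = uuid.UUID("f12dc4c7-0857-4ca0-93fc-b1bb19a3d8c2")


def _check_string(name, value, limit=255):
    # The limit counts the null terminator. Rejecting (rather than truncating)
    # is this example's choice; the section states only the limit.
    if value is not None and len(value) + 1 > limit:
        raise ValueError(f"{name} longer than {limit} characters with terminator")


def normalize_group_request(auth_schema, role_for_password=None,
                            membership_lifetime=2419200, presence_lifetime=300,
                            presence_disabled=False, friendly_name=None,
                            comment=None):
    """Return the validated values as a dict, or raise ValueError to abort."""
    _check_string("FriendlyName", friendly_name)
    _check_string("Comment", comment)
    if not auth_schema & (AUTH_GMC | AUTH_PASSWORD):
        # Example's choice: the section does not cover an empty schema.
        raise ValueError("AuthenticationSchema selects no authentication method")
    if not 2280 <= membership_lifetime <= 31536000:
        membership_lifetime = 2419200      # out of range: default applies
    if presence_lifetime < 300:
        presence_lifetime = 300            # below minimum: default applies
    role = None                            # ignored without password auth
    if auth_schema & AUTH_PASSWORD:
        try:
            role = uuid.UUID(str(role_for_password))
        except ValueError:
            role = None
        if role not in (ROLE_ADMIN, ROLE_INVITING_MEMBER):
            raise ValueError("RoleForPassword is not a permitted role GUID")
    return {
        "membership_lifetime": membership_lifetime,
        "presence_lifetime": presence_lifetime,
        "role_for_password": role,
        # 1.1 when password-based authentication is supported, else 1.0
        "security_version": (1, 1) if auth_schema & AUTH_PASSWORD else (1, 0),
        # Max Presence Records passed to Graphing: -1 if PresenceDisabled, else 0
        "max_presence_records": -1 if presence_disabled else 0,
    }
```

Because the role GUID is compared as a parsed UUID, brace-wrapped and upper-case spellings of the two permitted values are accepted, while any other value aborts the request before a Graph is created.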