Re: [plasma] why not web portal mail?

Phillip Hallam-Baker <hallam@gmail.com> Wed, 13 April 2011 00:50 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: plasma@ietfc.amsl.com
Delivered-To: plasma@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id 8B547E0687 for <plasma@ietfc.amsl.com>; Tue, 12 Apr 2011 17:50:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.675
X-Spam-Level:
X-Spam-Status: No, score=-2.675 tagged_above=-999 required=5 tests=[AWL=-0.077, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p0PnQvY1CFIo for <plasma@ietfc.amsl.com>; Tue, 12 Apr 2011 17:50:00 -0700 (PDT)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by ietfc.amsl.com (Postfix) with ESMTP id ED369E067D for <plasma@ietf.org>; Tue, 12 Apr 2011 17:49:59 -0700 (PDT)
Received: by vxg33 with SMTP id 33so102764vxg.31 for <plasma@ietf.org>; Tue, 12 Apr 2011 17:49:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=axD9N58QV4S0A4P5PGHtWXXKp9iVJbWkxHVYEtNpMKE=; b=A6YFYYxlA6aWkdlFuJW04SMtQihgn6l7aSarlTY0NGWhTFQLKIlM06gdj2xJ7cYACY cc8OvXW7AbRFfUV/+AlMEb4YoYNttBLbEYq5GvA+ERszEQugU9ufKgDtfQWTyNOx4Eno ZXsbcHhgn4RuBYmWcd3QUBlh2A3TJYZfE3kz0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=w5YUnUanDLvDDKskcEdOIhoVFcIcd10+5xDhfVWHNrLvO4G2d9MXviO3SL6E0lMsjH 4kWoCPYgTFbdiKd55QMyM7uAWtizurNF8x4PNC0BjR6VwOjHXK+ZKdPP8Sw4oGh/W790 iMV7/wWHNX+2gaW3o3E4Jrut8Ii08qWmWNSlM=
MIME-Version: 1.0
Received: by 10.52.176.36 with SMTP id cf4mr2382432vdc.29.1302655799274; Tue, 12 Apr 2011 17:49:59 -0700 (PDT)
Received: by 10.52.166.230 with HTTP; Tue, 12 Apr 2011 17:49:58 -0700 (PDT)
In-Reply-To: <E545B914D50B2A4B994F198378B1525D339DC3C2@DF-M14-12.exchange.corp.microsoft.com>
References: <E545B914D50B2A4B994F198378B1525D2F49734F@DF-M14-12.exchange.corp.microsoft.com> <4DA45FE5.3020102@mnt.se> <E545B914D50B2A4B994F198378B1525D339D7F4B@DF-M14-11.exchange.corp.microsoft.com> <BANLkTimjLVTre_DTjifrk5pQy941QiNHsw@mail.gmail.com> <E545B914D50B2A4B994F198378B1525D339DC3C2@DF-M14-12.exchange.corp.microsoft.com>
Date: Tue, 12 Apr 2011 20:49:58 -0400
Message-ID: <BANLkTik6C0D_O_nFM8x1H4ukHN1fmjwJQw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Trevor Freeman <trevorf@exchange.microsoft.com>
Content-Type: multipart/alternative; boundary=bcaec5171ea72e2b6404a0c23041
Cc: "plasma@ietf.org" <plasma@ietf.org>
Subject: Re: [plasma] why not web portal mail?
X-BeenThere: plasma@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The PoLicy Augmented S/Mime \(plasma\) bof discussion list." <plasma.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/plasma>, <mailto:plasma-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/plasma>
List-Post: <mailto:plasma@ietf.org>
List-Help: <mailto:plasma-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/plasma>, <mailto:plasma-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Apr 2011 00:50:01 -0000

Agreed, but not actually an issue.

If we have a collection of data in a database that is controlled under the
secret#example.com policy we might have an infinite series of permutations
and subsets that could be drawn from the database.

We don't need to standardize the expression of the secret#example.com policy
or how it relates to the dataset. There might be constraints in there of the
form 'fans of Lady Gaga can only download a maximum of 1000 items', there
might be propositions that are nondeterministic, even undecidable.


All an application ever needs to deal with is the consequences of that
policy and those can be reduced to a small number of fixed actions plus
'call back for further instructions'.

There will have to be a policy language of course. But the policy language
itself does not need to be part of the standard. Its like the .NET
specification, the byte code and the APIs are standard, but that
infrastructure can support a vast array of languages.

What we need in the PLASMA standard is the range of moves used to implement
the policy.


That is good in two ways, first it is more general and a better
architecture, second it avoids the worst thickets of patent trolldom which
obsess about the idea of moving the policy itself round with the data being
controlled. That is a necessary approach for copyright enforcement which had
to support offline devices and physical media once upon a time but not for
content management in general.


On Tue, Apr 12, 2011 at 6:52 PM, Trevor Freeman <
trevorf@exchange.microsoft.com> wrote:

>  *Policy does not distinguish in what form the data is held. So
> information persisted in email is subject to the same policy as the same
> information persisted in a word document. *
>
> * *
>
> *Yes we have to bind data to some set of policies. The semantics for email
> and documents are the same. *
>
> * *
>
> *Overall the Alice case you cited is too simple. A more realist example is
> *
>
> * *
>
> *Alice has some data and wants to apply policy X and Y to her data *
>
> *Bob has some data and wants to apply policy Z to his data*
>
> * *
>
> *Policies X, Y and Z each defines a set of authorized recipients.*
>
> * *
>
> *Alice and Bob’s data had become comingled so now policies X Y and Z have
> to be enforced.*
>
> * *
>
> *In an ideal world we would want to identify Alice’s and Bob’s data and
> bind it to its respective polices. *
>
> * *
>
> *In a less than perfect world we may enforce access at the container level
> which is an incremental improvement on what we have today. *
>
> * *
>
> * *
>
> *From:* Phillip Hallam-Baker [mailto:hallam@gmail.com]
> *Sent:* Tuesday, April 12, 2011 12:31 PM
> *To:* Trevor Freeman
> *Cc:* Leif Johansson; plasma@ietf.org
>
> *Subject:* Re: [plasma] why not web portal mail?
>
>
>
> If we consider the Word, Excel and Diplomatic cables examples, the data is
> static and to be controlled under a policy regardless of what channels it
> might be transferred or transmitted through.
>
>
>
> The protocol requirement here in my view is to enable applications to
> determine how to apply the security policy identified as X to the data
> object Y.
>
>
>
> On Tue, Apr 12, 2011 at 2:41 PM, Trevor Freeman <
> trevorf@exchange.microsoft.com> wrote:
>
> If you consider XMPP case it is easier because there is no expectation of
> data persistence. It's a synchronous protocol where all parties are online
> together exchanging information and that information is not persisted one
> the session is ended.
>
>
> -----Original Message-----
> From: plasma-bounces@ietf.org [mailto:plasma-bounces@ietf.org] On Behalf
> Of Leif Johansson
> Sent: Tuesday, April 12, 2011 7:21 AM
> To: plasma@ietf.org
> Subject: Re: [plasma] why not web portal mail?
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 04/06/2011 09:33 PM, Trevor Freeman wrote:
> > Stephen Farrell asked why not use Web portal mail? Why do we need to
> develop plasma?
>
> Maybe that question is easier to answer if we consider plasma for XMPP and
> not just for email. There are important differences between XMPP and email
> that make it much more challenging to build web-only versions of the XMPP.
>
>        Cheers Leif
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk2kX+UACgkQ8Jx8FtbMZndeOwCcC1BQafbUXYLHJZKxsuAcV8eS
> 6ukAnA0JGhMsLdmh+WG+GqEUoVMWj7+e
> =5lPF
> -----END PGP SIGNATURE-----
> _______________________________________________
> plasma mailing list
> plasma@ietf.org
> https://www.ietf.org/mailman/listinfo/plasma
> _______________________________________________
> plasma mailing list
> plasma@ietf.org
> https://www.ietf.org/mailman/listinfo/plasma
>
>
>
>
> --
> Website: http://hallambaker.com/
>



-- 
Website: http://hallambaker.com/