[plasma] Clarification of how client applications handle the LockBox in client in <plasma:GetCMSToken> elements

Ed Simon <Ed.Simon@titus.com> Fri, 14 September 2012 01:12 UTC

I would like to see clarification of how client applications handle the LockBox. In section 8.1.1 of Plasma Service Trust Processing, which describes the XML request created by the client which is sent to the server prior to creating the email's CMS form, it states that the LockBox is a "base64 encoded Recipient Info structure", but in section 3, Encoding Recipient Info, of Plasma Service CMS Processing (the only place I see a sufficiently detailed description of encoding PLASMA RecipientInfo structures), it says "A recipient info structure as defined in this document MUST be created by a Plasma server and MUST NOT be created by client software". I can see the latter making sense in RecipientInfo structures returned by the server to the client, but not in the client request for the CMS token. The question remains, then, what is supposed to go into the LockBox in the sending client's CMS token XML request.

If it is the PLASMA-LockBox ASN.1 structure described in section 3.2 of Plasma Service CMS Processing, then more clarity is needed as to exactly what the client should send to the PLASMA server in a CMS token request (e.g. is it everything but the RecipientInfo blob in the PLASMA-LockBox structure? If labels and recipient names are already specified in XML in the CMS token request, does/should the client really need to create label and NamedRecipient structures in the PLASMA-LockBox? (I suspect not.)).