[plasma] FW: New Version Notification for draft-freeman-plasma-requirements-10.txt

Trevor Freeman <trevorf@exchange.microsoft.com> Tue, 20 May 2014 00:24 UTC

Return-Path: <trevorf@exchange.microsoft.com>
X-Original-To: plasma@ietfa.amsl.com
Delivered-To: plasma@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 2A1151A0457 for <plasma@ietfa.amsl.com>; Mon, 19 May 2014 17:24:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id eC5e8-_O2IOm for <plasma@ietfa.amsl.com>; Mon, 19 May 2014 17:24:24 -0700 (PDT)
Received: from na01-sn2-obe.outbound.o365filtering.com (mail-sn2on0600.outbound.o365filtering.com [IPv6:2a01:111:f400:fc04::600]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E1D161A0450 for <plasma@ietf.org>; Mon, 19 May 2014 17:24:23 -0700 (PDT)
Received: from BL2SR01CA102.namsdf01.sdf.exchangelabs.com ( by BL2SR01MB594.namsdf01.sdf.exchangelabs.com ( with Microsoft SMTP Server (TLS) id 15.0.954.7; Tue, 20 May 2014 00:23:58 +0000
Received: from BY1FFOFD001.ffo.gbl (2a01:111:f400:7c00::89) by BL2SR01CA102.outlook.office365.com (2a01:111:e400:c01::19) with Microsoft SMTP Server (TLS) id 15.0.954.7 via Frontend Transport; Tue, 20 May 2014 00:23:58 +0000
Received: from hybrid.exchange.microsoft.com ( by BY1FFOFD001.mail.o365filtering.com ( with Microsoft SMTP Server (TLS) id 15.0.949.3 via Frontend Transport; Tue, 20 May 2014 00:23:58 +0000
Received: from DFM-TK5MBX15-07.exchange.corp.microsoft.com ( by DFM-TK5EDG15-02.exchange.corp.microsoft.com ( with Microsoft SMTP Server (TLS) id 15.0.913.21; Mon, 19 May 2014 17:23:55 -0700
Received: from DFM-TK5MBX15-07.exchange.corp.microsoft.com ( by DFM-TK5MBX15-07.exchange.corp.microsoft.com ( with Microsoft SMTP Server (TLS) id 15.0.913.20; Mon, 19 May 2014 17:23:54 -0700
Received: from DFM-TK5MBX15-07.exchange.corp.microsoft.com ([]) by DFM-TK5MBX15-07.exchange.corp.microsoft.com ([]) with mapi id 15.00.0913.011; Mon, 19 May 2014 17:23:54 -0700
From: Trevor Freeman <trevorf@exchange.microsoft.com>
To: "plasma@ietf.org" <plasma@ietf.org>
Thread-Topic: New Version Notification for draft-freeman-plasma-requirements-10.txt
Thread-Index: AQHPc8EDP6epYZO77EeBapctJs6nCJtImwZQ
Date: Tue, 20 May 2014 00:23:53 +0000
Message-ID: <7822d29b34984bb8bc6d53f15dd8f5cf@DFM-TK5MBX15-07.exchange.corp.microsoft.com>
References: <20140520001812.23974.20875.idtracker@ietfa.amsl.com>
In-Reply-To: <20140520001812.23974.20875.idtracker@ietfa.amsl.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-originating-ip: []
Content-Type: multipart/mixed; boundary="_002_7822d29b34984bb8bc6d53f15dd8f5cfDFMTK5MBX1507exchangeco_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10009001)(377424004)(13464003)(189002)(199002)(377454003)(76786001)(81342001)(99396002)(44976005)(76796001)(84676001)(81542001)(69226001)(4396001)(53806002)(54356002)(66066001)(47446003)(20776003)(80022001)(77982001)(19580405001)(83322001)(64706001)(68736004)(19580395003)(6806004)(15975445006)(33646001)(74366001)(76482001)(2656002)(46102001)(87266001)(87936001)(93136001)(93516002)(94946001)(95416001)(94316002)(74876001)(74706001)(74662001)(31966008)(74502001)(512874002)(15202345003)(90146001)(85852003)(83072002)(99936001)(63696004)(2009001)(65816002)(56816006)(59766002)(56776002)(71186001)(95666003)(47976003)(54316003)(97336001)(92566001)(51856002)(47736002)(49866002)(85306002)(97186001)(81686001)(81816001)(79102001)(568964001)(50986002)(77096001)(21056001)(84326002)(98676001)(97736001)(24736002); DIR:OUT; SFP:1101; SCL:1; SRVR:BL2SR01MB594; H:hybrid.exchange.microsoft.com; FPR:; PTR:InfoDomainNonexistent; MX:1; LANG:en;
X-Exchange-Antispam-Report-Test: BL:0; ACTION:Default; RISK:Low; SCL:0; SPMLVL:NotSpam; PCL:0; RULEID:
X-Forefront-PRVS: 02176E2458
X-OriginatorOrg: exchange.microsoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/plasma/SODlb15jryYcUJ7Yzf-VN3-tzVg
Subject: [plasma] FW: New Version Notification for draft-freeman-plasma-requirements-10.txt
X-BeenThere: plasma@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The PoLicy Augmented S/Mime \(plasma\) bof discussion list." <plasma.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/plasma>, <mailto:plasma-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/plasma/>
List-Post: <mailto:plasma@ietf.org>
List-Help: <mailto:plasma-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/plasma>, <mailto:plasma-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 May 2014 00:24:27 -0000

Hi folks,

Here is v10 of the requirements draft with Peter Yee's comments plus some requirements clean up

Attached is the updated word doc with my comments to Peter.


-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] 
Sent: Monday, May 19, 2014 5:18 PM
To: Patrick Patterson; Trevor Freeman; Jim Schaad; Jim Schaad; Patrick Patterson; Trevor Freeman
Subject: New Version Notification for draft-freeman-plasma-requirements-10.txt

A new version of I-D, draft-freeman-plasma-requirements-10.txt
has been successfully submitted by Trevor Freeman and posted to the IETF repository.

Name:		draft-freeman-plasma-requirements
Revision:	10
Title:		Requirements for Message Access Control
Document date:	2014-05-19
Group:		Individual Submission
Pages:		49
URL:            http://www.ietf.org/internet-drafts/draft-freeman-plasma-requirements-10.txt
Status:         https://datatracker.ietf.org/doc/draft-freeman-plasma-requirements/
Htmlized:       http://tools.ietf.org/html/draft-freeman-plasma-requirements-10
Diff:           http://www.ietf.org/rfcdiff?url2=draft-freeman-plasma-requirements-10

  S/MIME delivers confidentiality, integrity, and data origination
  authentication for email. However, there are many situations where
  organizations also want robust access control applied to information
  in messages. The Enhanced Security Services (ESS) RFC5035 for S/MIME
  defines an access control mechanism for email, but the  access check
  happens after the data is decrypted by the recipient which devalues
  the protection afforded by the cryptography and provides very weak
  guarantees of policy compliance. Another major issues for S/MIME is
  its dependency on a single type of identity credential, an X.509
  certificate. Many users on the Internet today do not have X.509
  certificates and therefore cannot use S/MIME.  Furthermore, the
  requirement to discover the X.509 certificate for every recipient of
  an encrypted message by the sender has proven to be an unreliable
  process for a number of reasons.

  This document presents requirements for an alternative model to ESS to
  address the identified issues with access control in order to deliver
  more robust compliance for S/MIME protected messages. This document
  describes an access control model which uses cryptographic keys to
  enforce access control policy decisions where the policy check is
  performed prior to the decryption of the message contents. This
  authorization model can be instantiated using many existing standard
  and is in not intended to be a one off just for email and can also be
  applied to other data types.

  This document also presents requirements for the abstraction of the
  specifics of the authentication technologies used by S/MIME users. The
  abstraction makes it possible for other forms of authentication
  credentials to be used with S/MIME thereby enabling much broader
  adoption. The authentication abstraction model also removes the
  dependency on the need to discover encryption keys by the sender. This
  abstraction can be used independently from access control to enable
  simple scenarios where authentication of the recipient is sufficient
  to grant access to the message.

  The name Plasma was assigned to this effort as part of the IETF
  process. It is derived from PoLicy enhAnced Secure eMAil.


Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat