[plasma] FW: New Version Notification for draft-freeman-plasma-requirements-10.txt
Trevor Freeman <trevorf@exchange.microsoft.com> Tue, 20 May 2014 00:24 UTC
From: Trevor Freeman <trevorf@exchange.microsoft.com>
To: "plasma@ietf.org" <plasma@ietf.org>
Date: Tue, 20 May 2014 00:23:53 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/plasma/SODlb15jryYcUJ7Yzf-VN3-tzVg

Hi folks,

Here is v10 of the requirements draft with Peter Yee's comments plus some requirements clean up.
Attached is the updated word doc with my comments to Peter.

Trevor

-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
Sent: Monday, May 19, 2014 5:18 PM
To: Patrick Patterson; Trevor Freeman; Jim Schaad; Jim Schaad; Patrick Patterson; Trevor Freeman
Subject: New Version Notification for draft-freeman-plasma-requirements-10.txt

A new version of I-D, draft-freeman-plasma-requirements-10.txt has been successfully submitted by Trevor Freeman and posted to the IETF repository.

Name: draft-freeman-plasma-requirements
Revision: 10
Title: Requirements for Message Access Control
Document date: 2014-05-19
Group: Individual Submission
Pages: 49
URL: http://www.ietf.org/internet-drafts/draft-freeman-plasma-requirements-10.txt
Status: https://datatracker.ietf.org/doc/draft-freeman-plasma-requirements/
Htmlized: http://tools.ietf.org/html/draft-freeman-plasma-requirements-10
Diff: http://www.ietf.org/rfcdiff?url2=draft-freeman-plasma-requirements-10

Abstract:

S/MIME delivers confidentiality, integrity, and data origination authentication for email. However, there are many situations where organizations also want robust access control applied to information in messages. The Enhanced Security Services (ESS) RFC5035 for S/MIME defines an access control mechanism for email, but the access check happens after the data is decrypted by the recipient which devalues the protection afforded by the cryptography and provides very weak guarantees of policy compliance.

Another major issue for S/MIME is its dependency on a single type of identity credential, an X.509 certificate. Many users on the Internet today do not have X.509 certificates and therefore cannot use S/MIME. Furthermore, the requirement to discover the X.509 certificate for every recipient of an encrypted message by the sender has proven to be an unreliable process for a number of reasons.

This document presents requirements for an alternative model to ESS to address the identified issues with access control in order to deliver more robust compliance for S/MIME protected messages.

This document describes an access control model which uses cryptographic keys to enforce access control policy decisions where the policy check is performed prior to the decryption of the message contents. This authorization model can be instantiated using many existing standards and is not intended to be a one off just for email and can also be applied to other data types.

This document also presents requirements for the abstraction of the specifics of the authentication technologies used by S/MIME users. The abstraction makes it possible for other forms of authentication credentials to be used with S/MIME thereby enabling much broader adoption. The authentication abstraction model also removes the dependency on the need to discover encryption keys by the sender. This abstraction can be used independently from access control to enable simple scenarios where authentication of the recipient is sufficient to grant access to the message.

The name Plasma was assigned to this effort as part of the IETF process. It is derived from PoLicy enhAnced Secure eMAil.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat