Re: [plasma] Security Boundary Inspection - outgoing messages

"Fitch, Scott C" <scott.c.fitch@lmco.com> Sat, 06 August 2011 21:38 UTC

Return-Path: <scott.c.fitch@lmco.com>
X-Original-To: plasma@ietfa.amsl.com
Delivered-To: plasma@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9700621F8519 for <plasma@ietfa.amsl.com>; Sat, 6 Aug 2011 14:38:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dybgpFzA7fJw for <plasma@ietfa.amsl.com>; Sat, 6 Aug 2011 14:38:32 -0700 (PDT)
Received: from mailfo02.lmco.com (mailfo02.lmco.com [192.35.35.12]) by ietfa.amsl.com (Postfix) with ESMTP id 07C7321F8505 for <plasma@ietf.org>; Sat, 6 Aug 2011 14:38:31 -0700 (PDT)
Received: from mailgw3a.lmco.com (mailgw3a.lmco.com [192.35.35.7]) by mailfo02.lmco.com (8.14.3/8.14.3) with ESMTP id p76LcpfV025852 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <plasma@ietf.org>; Sat, 6 Aug 2011 22:38:52 +0100
Received: from emss09g01.ems.lmco.com (relay6.ems.lmco.com [166.17.13.59])by mailgw3a.lmco.com (LM-6) with ESMTP id p76LcpKQ026139for <plasma@ietf.org>; Sat, 6 Aug 2011 17:38:51 -0400 (EDT)
Received: from CONVERSION2-DAEMON.lmco.com by lmco.com (PMDF V6.4 #31806) id <0LPJ0050104R5P@lmco.com> for plasma@ietf.org; Sat, 06 Aug 2011 21:38:51 +0000 (GMT)
Received: from hvxhtpn3.us.lmco.com ([158.186.148.32]) by lmco.com (PMDF V6.4 #31806) with ESMTP id <0LPJ0075L04MWH@lmco.com> for plasma@ietf.org; Sat, 06 Aug 2011 21:38:46 +0000 (GMT)
Received: from HVXMSP1.us.lmco.com ([158.186.148.20]) by hvxhtpn3.us.lmco.com ([158.186.148.32]) with mapi; Sat, 06 Aug 2011 17:38:46 -0400
Date: Sat, 06 Aug 2011 17:38:45 -0400
From: "Fitch, Scott C" <scott.c.fitch@lmco.com>
In-reply-to: <01b401cc53fe$32ea0d60$98be2820$@nwlink.com>
To: "'plasma@ietf.org'" <plasma@ietf.org>
Message-id: <3AED781EC260354F87ADB219D005398748CF9D124D@HVXMSP1.us.lmco.com>
MIME-version: 1.0
Content-type: text/plain; charset=iso-8859-1
Content-language: en-US
Content-transfer-encoding: 7BIT
Thread-Topic: [plasma] Security Boundary Inspection - outgoing messages
Thread-Index: AQEZIJHBH4p619w8LwMxiZ58fbHzTZZ1urfwgAEGleM=
Accept-Language: en-US
acceptlanguage: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.4.6813, 1.0.211, 0.0.0000 definitions=2011-08-06_04:2011-08-06, 2011-08-06, 1970-01-01 signatures=0
Subject: Re: [plasma] Security Boundary Inspection - outgoing messages
X-BeenThere: plasma@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The PoLicy Augmented S/Mime \(plasma\) bof discussion list." <plasma.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/plasma>, <mailto:plasma-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/plasma>
List-Post: <mailto:plasma@ietf.org>
List-Help: <mailto:plasma-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/plasma>, <mailto:plasma-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Aug 2011 21:38:32 -0000

I think it makes sense to include in the same section as inbound inspection. Though plasma makes outbound inspection much easier over traditional s/mime, it doesn't help inbound spam filtering. Yes, partner enterprises or large ISPs may (pre)authorize messages goings to each other (which helps with malware proliferation). But I doubt that any spammer would be so kind. So we'll still have to rely heavily on other techniques for inbound messages. 

------
Sent from my BlackBerry

----- Original Message -----
From: Jim Schaad [mailto:jimsch@nwlink.com]
Sent: Saturday, August 06, 2011 01:59 AM
To: Fitch, Scott C; plasma@ietf.org <plasma@ietf.org>
Subject: EXTERNAL: RE: [plasma] Security Boundary Inspection - outgoing messages

Do you feel this needs to be a separate scenario, or can we just include it
as part of the current e-mail pipelineing section and discussion transitions
across boundaries in both directionsl

Jim


> -----Original Message-----
> From: plasma-bounces@ietf.org [mailto:plasma-bounces@ietf.org] On
> Behalf Of Fitch, Scott C
> Sent: Thursday, August 04, 2011 1:38 PM
> To: plasma@ietf.org
> Subject: [plasma] Security Boundary Inspection - outgoing messages
> 
> A scenario that is missing from the v02 of the document is the ability to
scan
> outgoing messages. Plasma offers a huge improvement over current S/MIME
> implementations. This capability is definitely of interest to
organizations who
> want to know what information is leaving their security boundaries via
email.
> I recommend adding it as an additional scenario to the document and would
> be willing to help write it up if needed.
> 
> 
> Scott Fitch
> Cyber Architect
> Lockheed Martin Enterprise Business Services
> 
> 
> _______________________________________________
> plasma mailing list
> plasma@ietf.org
> https://www.ietf.org/mailman/listinfo/plasma