[plasma] S/MIME for document control

Phillip Hallam-Baker <hallam@gmail.com> Fri, 04 February 2011 15:59 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: plasma@core3.amsl.com
Delivered-To: plasma@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 14A1B3A6903 for <plasma@core3.amsl.com>; Fri, 4 Feb 2011 07:59:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.626
X-Spam-Level:
X-Spam-Status: No, score=-3.626 tagged_above=-999 required=5 tests=[AWL=-0.028, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eyms6uJuQtT8 for <plasma@core3.amsl.com>; Fri, 4 Feb 2011 07:59:43 -0800 (PST)
Received: from mail-gw0-f44.google.com (mail-gw0-f44.google.com [74.125.83.44]) by core3.amsl.com (Postfix) with ESMTP id A43993A6969 for <plasma@ietf.org>; Fri, 4 Feb 2011 07:59:43 -0800 (PST)
Received: by gwb20 with SMTP id 20so1096460gwb.31 for <plasma@ietf.org>; Fri, 04 Feb 2011 08:03:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:date:message-id:subject:from:to :content-type; bh=Jpap5N+75c4RFV72/1NkCSm4KHpR0Te4zxltyAG3mAE=; b=m4mJNfTDgCiu1OXF+271oiMHfnT3GcwdikdxWQMQQXWkHbhrbhecXlAXeXzUP2QQ2r Kd4af/amZ63TOUhs6Ng9kkTY7yHs+5/Rh0Na5NZJtQp0s+8ggO/x4b8Wyw9wVpTI+J4N mrwLLt9Y1McWQU1ShCbmkPDBE7M9FJMy+JM5Q=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=nFyDBOCEu/wR3MLGI8yUQeUoSoauwIE/2OdD1MEc5XxFKBeSdbMAHK4HsQVd8uB0Dn DAZAU7v/DmSd6oS2JdpIE7o2orFrZEYCxk/wMQ4O3199NlnPoccIGw7YonQRU0drSsf8 zSEfk/Rl0ERMzdc+DcP26KzwEnnOUefcWnEEU=
MIME-Version: 1.0
Received: by 10.100.48.3 with SMTP id v3mr7738761anv.154.1296835388497; Fri, 04 Feb 2011 08:03:08 -0800 (PST)
Received: by 10.100.242.14 with HTTP; Fri, 4 Feb 2011 08:03:08 -0800 (PST)
Date: Fri, 4 Feb 2011 11:03:08 -0500
Message-ID: <AANLkTim9-k0vn4JhW6-YHU12OMLgxGHdqmCf+4Q9Aw0P@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: plasma@ietf.org
Content-Type: multipart/alternative; boundary=0016e645b8c4a9e0c0049b770443
Subject: [plasma] S/MIME for document control
X-BeenThere: plasma@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "The PoLicy Augmented S/Mime \(plasma\) bof discussion list." <plasma.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/plasma>, <mailto:plasma-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/plasma>
List-Post: <mailto:plasma@ietf.org>
List-Help: <mailto:plasma-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/plasma>, <mailto:plasma-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Feb 2011 15:59:45 -0000

I have been thinking for a while that S/MIME is probably less useful as a
mail security feature as a document security feature.

Imagine that I could tag a file from Word or Excel with a security policy so
that it woud be automatically saved in an encrypted CMS package with
decryption keys for both me and a document server.

That would be the best way to make sure that the document is encrypted
end-to-end which these days means securing the document in the end point
mobile device as at least as great a priority as on the wire.

There are CMS systems for inside enterprises, but use seems to be marginal
at best and the most interesting/confidential documents in a commercial
environment are almost exclusively those that have to be passed to other
companies to fullfil their function. I.e. the ones exchanged with lawyers,
customers etc. Even patient records need to be exchanged with specialists
from other hospitals.


There is a relevant patent that covers the efficient way to do this -
http://www.freepatentsonline.com/5481613.html, issued in 1994. Currently
assigned to Entrust I believe. Thats only three years and a few months.



-- 
Website: http://hallambaker.com/