Re: [plasma] Clarification of how client applications handle the LockBox in client in <plasma:GetCMSToken> elements

Ed Simon <> Thu, 04 October 2012 02:03 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E798E1F0C80 for <>; Wed, 3 Oct 2012 19:03:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id KcSaIcAEPUht for <>; Wed, 3 Oct 2012 19:03:05 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 0D9231F0C84 for <>; Wed, 3 Oct 2012 19:03:04 -0700 (PDT)
Received: from [] by id CC/CF-04534-85EEC605; Thu, 04 Oct 2012 02:03:04 +0000
X-Originating-IP: []
X-StarScan-Version:; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 17996 invoked from network); 4 Oct 2012 02:03:03 -0000
Received: from (HELO ( by with AES128-SHA encrypted SMTP; 4 Oct 2012 02:03:03 -0000
Received: from E10MB3.tituscorp.local ([fe80::84f4:cfbe:f32f:9a5]) by E10CH1.tituscorp.local ([]) with mapi id 14.03.0083.000; Wed, 3 Oct 2012 22:03:01 -0400
From: Ed Simon <>
To: Jim Schaad <>, "" <>
Thread-Topic: [plasma] Clarification of how client applications handle the LockBox in client in <plasma:GetCMSToken> elements
Thread-Index: Ac2SFfmCa9Xxrf87RGaEESJmUK5LWwJaKH0AAZUhI/Y=
Date: Thu, 04 Oct 2012 02:03:00 +0000
Message-ID: <DCD8C7A5A8B3E844AA2E2CBE327CDC920133F1CE@E10MB3.tituscorp.local>
References: <DCD8C7A5A8B3E844AA2E2CBE327CDC9201329321@E10MB3.tituscorp.local>, <010b01cd9b5d$19d92f20$4d8b8d60$>
In-Reply-To: <010b01cd9b5d$19d92f20$4d8b8d60$>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [plasma] Clarification of how client applications handle the LockBox in client in <plasma:GetCMSToken> elements
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The PoLicy Augmented S/Mime \(plasma\) bof discussion list." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 04 Oct 2012 02:03:06 -0000

Thanks Jim,

That does help clarify the specifications. For additional clarity, I think it might be helpful, for each of the scenarios you list, and the one where the client agent specifies both recipientInfos and the content encryption key (the spec indicates both may be specified in the same Send request, though in some ways they seem mutually exclusive), to have a specific list of steps with each step pointing to which sections of the two specifications are applicable.


From: Jim Schaad []
Sent: Tuesday, September 25, 2012 16:33
To: Ed Simon;
Subject: RE: [plasma] Clarification of how client applications handle the LockBox in client in <plasma:GetCMSToken> elements

I apologize for the delay, I have been doing more traveling than I expected.

Would the following text make things clearer?

When sending a Plasma enabled message, there are three different classes of
recipients that need to be considered.  The information sent for these three
classes differs.  The three classes are:

1.  No Policy Protection - These recipients are those for which no Plasma
policy protection is to be applied.  Often times the sender of the message
will fall into this class of recipient.  For recipients in this class the
Plasma server is not involved, the sender creates a lock box as if the
Plasma server was not present and places the lock box in to the recipient
info structure as normal.

2.  Policy protected for a specific recipient - This case exists to allow a
message to be policy protected, but also not allow the policy server to any
access to the message.  For recipients of this class access can be denied to
existing recipients by the Plasma server, but new recipients cannot be added
to the list.  For recipients in this class, the sender agent builds a normal
recipient info structure for the recipient, but instead of placing it in the
message direct, it is given to the Plasma server along with the policy to be
satisfied before the lock box is released to the recipient.  The Plasma
server includes  this recipient inside of the Plasma lock box which is
returned to the sender for inclusion in the recipient info structure.

3.  Policy Protected generic recipient - These recipients are those for
which the inclusion in the group of individuals able to decrypt the message
is based solely on the policy.  For these recipients, the sender supplies
the Plasma server with the policy to be applied for inclusion as a recipient
and the content encryption key.  The server then returns this information in
it's Plasma encrypted lock box for inclusion in the  recipient info
structure.  This recipient class must be used if a server is going to do
pre-approval of recipients as described in section XXX of [Requirements].

> -----Original Message-----
> From: [] On
> Behalf Of Ed Simon
> Sent: Thursday, September 13, 2012 6:12 PM
> To:
> Subject: [plasma] Clarification of how client applications handle the
> in client in <plasma:GetCMSToken> elements
> I would like to see the clarification of how client applications handle
> LockBox. In section 8.1.1 of Plasma Service Trust Processing, which
> the XML request created by the client which is sent to the server prior to
> creating the email's CMS form, it states that the LockBox is a "base64
> encoded Recipient Info structure", but in section 3, Encoding Recipient
> of Plasma Service CMS Processing (the only place I see a sufficiently
> description of encoding PLASMA RecipientInfo structures), it says "A
> recipient info structure as defined in this document MUST be created by a
> Plasma server and MUST NOT be created by client software". I can see the
> latter making sense in RecipientInfo structures returned by the server to
> client, but not in the client request for the CMS token. The question
> then what is supposed to go into the LockBox in the sending client's CMS
> token XML request.
> If it is the PLASMA-LockBox ASN.1 structure described in section 3.2 of
> Plasma Service CMS Processing, then more clarity is needed as to exactly
> what the client should send to the PLASMA server in a CMS token request
> (e.g. is it everything but the RecipientInfo blob in the PLASMA-LockBox
> structure?, if labels and recipient names are already specified in XML in
> CMS token request, does/should the client really need to create label and
> NamedRecipient structures in the PLASMA-LockBox? (I suspect not)).
> Ed
> _______________________________________________
> plasma mailing list