Re: [plasma] "Recipient List" thread and Distribution Lists

"Jim Schaad" <ietf@augustcellars.com> Fri, 04 January 2013 19:09 UTC

For a DL that is not Plasma enhanced, it will result in the final recipient
being unable to read the message as the Plasma server will refuse to grant
access to the message. However, this would assume that the DL is not
security aware and thus it is not expanding CMS lockboxes to begin with.
How the DL processes a message for which it cannot find a lockbox for itself
is going to be DL dependent. It might just reject the message rather than
distributing it. A Plasma server that knows a DL is not Plasma enhanced
could create a lockbox for the DL which is not externally policy enforced,
thus the DL would process as today.

For a DL that is Plasma enhanced, the DL will create a new Plasma recipient
list and give it to the Plasma server. The Plasma server will then return
either a new or an updated Plasma CMS Recipient object to be placed in the
message.

A DL that is partly Plasma enhanced would get the key from the Plasma
server, and then create new CMS lockboxes for all of the individuals on the
DL just as it does today. This would lose the external policy enforcement
and might cause the originating Plasma server to no longer grant access to
that DL.

Jim

From: plasma-bounces@ietf.org [mailto:plasma-bounces@ietf.org] On Behalf Of
Alan Borland
Sent: Friday, January 04, 2013 1:55 AM
To: 'plasma@ietf.org'
Subject: [plasma] "Recipient List" thread and Distribution Lists

Ignoring the syntax of the "Recipient List" for the moment, but how will the
recipient list mechanism work with distribution lists, especially those DLs
expanded by the mail server? If on send I supply the Plasma server
"dl@xyz.com" as a <Recipient> and "fred@xyz.com" receives a copy of the
message as a result of the DL expansion then will fred be able to read the
message?

Alan.
