[plasma] Advanced Policies

"Fitch, Scott C" <scott.c.fitch@lmco.com> Thu, 04 August 2011 21:04 UTC

(Apologies for all the posts. Just trying to keep the threads separate for commenting.)

It's important to acknowledge that many Advanced policies will require information about the message beyond just the Policy identifier. An example from the export control world: An email may be governed by the ITAR policy, however, access control decisions are made based on ITAR and the specific export license or agreement that applies to the message. Simply identifying that the document is export controlled doesn't give the PDP enough information to make a grant or deny decision.

Stated differently, an access decision is based on attributes about the requester, resource, environment, and action. The plasma scenarios for Advanced Policies should include the ability to convey attributes (labels) about the message (including, but not limited to, the policy identifier) and attributes about the recipient.





Scott Fitch
Cyber Architect
Lockheed Martin Enterprise Business Services
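
Added example, not part of the original message and not Plasma code: a toy PDP showing why a message labelled only with the policy identifier cannot be decided, while the same message labelled with its license or agreement can. The attribute names, the license table and the decision strings are assumptions made for illustration; every identifier is constructed.

```python
# Constructed authorization table: license or agreement id -> its terms.
# Every identifier and value here is made up for illustration.
LICENSES = {
    "AGR-0001": {"countries": {"US", "GB"}, "orgs": {"ExampleCorp"},
                 "expires": "2012-12-31"},
    "LIC-0002": {"countries": {"US", "AU"}, "orgs": {"SampleLtd"},
                 "expires": "2011-01-31"},
}

def decide(subject, resource, action, environment):
    """Toy PDP: returns Permit, Deny, Indeterminate or NotApplicable."""
    if resource.get("policy") != "ITAR":
        return "NotApplicable"
    license_id = resource.get("license")
    if license_id is None:
        # Policy identifier only: the PDP cannot tell which license or
        # agreement governs the message, so it cannot grant or deny.
        return "Indeterminate"
    terms = LICENSES.get(license_id)
    if terms is None:
        return "Deny"  # labelled with an authorization the PDP does not know
    if "country" not in subject or "org" not in subject or "date" not in environment:
        return "Indeterminate"  # missing recipient or environment attributes
    allowed = (
        action == "read"
        and subject["country"] in terms["countries"]
        and subject["org"] in terms["orgs"]
        and environment["date"] <= terms["expires"]  # ISO dates sort as text
    )
    return "Permit" if allowed else "Deny"

def demo():
    recipient = {"country": "GB", "org": "ExampleCorp"}  # constructed recipient
    env = {"date": "2011-08-04"}
    labelled = {"policy": "ITAR", "license": "AGR-0001"}
    return [
        decide(recipient, {"policy": "ITAR"}, "read", env),       # no license label
        decide(recipient, labelled, "read", env),                 # full attribute set
        decide(recipient, {"policy": "ITAR", "license": "LIC-0002"}, "read", env),
        decide({"org": "ExampleCorp"}, labelled, "read", env),    # recipient country missing
    ]

if __name__ == "__main__":
    print(demo())
```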