> In a corporate context, this makes perfect sense. If I am downloading company > confidential > material to my laptop, I want to be able to read it on the laptop but I don't > want to accidentally > send a copy to someone else by doing an unfortunate 'reply all'.
So another thing to note in security considerations is that this is a scheme intended to protect well behaved actors who have good habits and an honest software ecosystem from causing damage due to specific single honest mistakes. It is not intended to protect against adversaries, well behaved actors who have sloppy habits, well behaved actors who make more than one mistake on the same message (reply all + attachment with no tag/inappropriate tag), or well behaved actors who make a single mistake from which multiple correlated incorrect actions are derived (misclassify content -> incorrect content tag/incorrect mailing list). In light of these things, I think any language about "ensuring that policy is followed" or the like should just be expunged. If the target is to encourage well-meaning partners to do the accepted thing, that's how it should be presented. Bryce _______________________________________________ Endymail mailing list [email protected] https://www.ietf.org/mailman/listinfo/endymail
