Policy does not distinguish in what form the data is held. So information persisted in email is subject to the same policy as the same information persisted in a word document.
Yes we have to bind data to some set of policies. The semantics for email and documents are the same. Overall the Alice case you cited is too simple. A more realist example is Alice has some data and wants to apply policy X and Y to her data Bob has some data and wants to apply policy Z to his data Policies X, Y and Z each defines a set of authorized recipients. Alice and Bob's data had become comingled so now policies X Y and Z have to be enforced. In an ideal world we would want to identify Alice's and Bob's data and bind it to its respective polices. In a less than perfect world we may enforce access at the container level which is an incremental improvement on what we have today. From: Phillip Hallam-Baker [mailto:[email protected]] Sent: Tuesday, April 12, 2011 12:31 PM To: Trevor Freeman Cc: Leif Johansson; [email protected] Subject: Re: [plasma] why not web portal mail? If we consider the Word, Excel and Diplomatic cables examples, the data is static and to be controlled under a policy regardless of what channels it might be transferred or transmitted through. The protocol requirement here in my view is to enable applications to determine how to apply the security policy identified as X to the data object Y. On Tue, Apr 12, 2011 at 2:41 PM, Trevor Freeman <[email protected]<mailto:[email protected]>> wrote: If you consider XMPP case it is easier because there is no expectation of data persistence. It's a synchronous protocol where all parties are online together exchanging information and that information is not persisted one the session is ended. -----Original Message----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Leif Johansson Sent: Tuesday, April 12, 2011 7:21 AM To: [email protected]<mailto:[email protected]> Subject: Re: [plasma] why not web portal mail? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/06/2011 09:33 PM, Trevor Freeman wrote: > Stephen Farrell asked why not use Web portal mail? Why do we need to develop > plasma? Maybe that question is easier to answer if we consider plasma for XMPP and not just for email. There are important differences between XMPP and email that make it much more challenging to build web-only versions of the XMPP. Cheers Leif -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk2kX+UACgkQ8Jx8FtbMZndeOwCcC1BQafbUXYLHJZKxsuAcV8eS 6ukAnA0JGhMsLdmh+WG+GqEUoVMWj7+e =5lPF -----END PGP SIGNATURE----- _______________________________________________ plasma mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/plasma _______________________________________________ plasma mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/plasma -- Website: http://hallambaker.com/
_______________________________________________ plasma mailing list [email protected] https://www.ietf.org/mailman/listinfo/plasma
