Trevor is having issues sending to the list, so some of you might have missed seeing that a new version of this document has been published.
Jim > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Friday, July 06, 2012 1:43 PM > To: [email protected] > Cc: [email protected]; [email protected] > Subject: New Version Notification for draft-freeman-plasma-requirements- > 02.txt > > > A new version of I-D, draft-freeman-plasma-requirements-02.txt > has been successfully submitted by Trevor Freeman and posted to the > IETF repository. > > Filename: draft-freeman-plasma-requirements > Revision: 02 > Title: Requirements for Message Access Control > Creation date: 2012-07-06 > WG ID: Individual Submission > Number of pages: 53 > URL: http://www.ietf.org/internet-drafts/draft-freeman-plasma- > requirements-02.txt > Status: http://datatracker.ietf.org/doc/draft-freeman-plasma- > requirements > Htmlized: http://tools.ietf.org/html/draft-freeman-plasma- > requirements-02 > Diff: http://tools.ietf.org/rfcdiff?url2=draft-freeman-plasma- > requirements-02 > > Abstract: > There are many situations where organizations want to protect > information with robust access control, either for implementation of > intellectual property right protections, enforcement of contractual > confidentiality agreements or because of legal regulations. The > Enhanced Security Services (ESS) for S/MIME defines an access control > mechanism which is enforced by the recipient's client after > decryption of the message. The ESS mechanism therefore is dependent > on the correct access policy configuration of every recipient's > client. This mechanism also provides full access to the data to all > recipients prior to the access control check, this is considered to > be inadequate due to the difficulty in demonstrating policy > compliance. > > This document lays out the deficiencies of the current ESS security > label, and presents requirements for a new model for doing/providing > access control to messages where the access check is performed prior > to message content decryption. This new model also does not require > policy configuration on the client to simplify deployment and > compliance verification. > > The proposed model additionally provides a method where non-X.509 > certificate credentials can be used for encryption/decryption of > S/MIME messages. > > > > > The IETF Secretariat _______________________________________________ plasma mailing list [email protected] https://www.ietf.org/mailman/listinfo/plasma
