FYI, I have just posed draft 8 which contains the fixed from the last set of comments from the document shepherd.
Please review and send comments to me as I want to get this document to the IESG for publication. Thanks -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Monday, October 21, 2013 1:13 PM To: Patrick Patterson; Jim Schaad; Trevor Freeman Subject: New Version Notification for draft-freeman-plasma-requirements-08.txt A new version of I-D, draft-freeman-plasma-requirements-08.txt has been successfully submitted by Trevor Freeman and posted to the IETF repository. Filename: draft-freeman-plasma-requirements Revision: 08 Title: Requirements for Message Access Control Creation date: 2013-10-21 Group: Individual Submission Number of pages: 62 URL: http://www.ietf.org/internet-drafts/draft-freeman-plasma-requirements-08.txt Status: http://datatracker.ietf.org/doc/draft-freeman-plasma-requirements Htmlized: http://tools.ietf.org/html/draft-freeman-plasma-requirements-08 Diff: http://www.ietf.org/rfcdiff?url2=draft-freeman-plasma-requirements-08 Abstract: There are many situations where organizations want to protect information with robust access control, either for implementation of intellectual property right protections, enforcement of contractual confidentiality agreements or because of legal regulations. The Enhanced Security Services (ESS) for S/MIME defines an access control mechanism for email which is enforced by the recipient's client after decryption of the message. The ESS mechanism therefore is dependent on the correct access policy configuration of every recipient's client. This mechanism also provides full access to the data to all recipients prior to the access control check, which is considered to be inadequate for robust access control due to the difficulty in demonstrating policy compliance. This document lays out the deficiencies of the current ESS security label, and presents requirements for a new model for providing access control to messages where the access check is performed prior to message content decryption. This new model also does not require policy configuration on the client thereby simplifying deployment and compliance verification. The proposed model additionally provides a method where non-X.509 certificate credentials can be used for encryption/decryption of S/MIME messages. The name Plasma was assigned to this effort as part of the IETF process. It is derived from PoLicy enhAnced Secure eMAil. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat _______________________________________________ plasma mailing list [email protected] https://www.ietf.org/mailman/listinfo/plasma
