Re: OPES and content path security




Abbie Barbir wrote:

 > True end-to-end encryption should be used by the primary
 > parties for data for which intermediaries are not trusted; some
 > intermediaries may impose this themselves.
here we need to be very carefull, how do you know which services aretrusted and which ones are not?? How do you signal that, and how do youverify ??



I think my wording might have caused an issue to be raised earlier
in the trust model than I intended.

In the case in which intermediaries are not trusted, there is no
signalling.  The endpoints use end-to-end encryption, period.  The last
part of the sentence, after the semicolon, indicates that even if the
data is not considered confidential by the primary parties, the
intermediaries might still use negotiate intermediary path encryption
on their own.

Later parts of the original message in this thread discuss the fact
that the primary parties may trust the intermediaries to handle
data that must be kept confidential.

Hilarie

<Prev in Thread]	Current Thread	[Next in Thread>
OPES and content path security, The Purple Streak (Hilarie Orman) Re: OPES and content path security, Markus Hofmann OPES and content path security, The Purple Streak (Hilarie Orman) RE: OPES and content path security, Abbie Barbir Re: OPES and content path security, The Purple Streak (Hilarie Orman) <= Re: OPES and content path security, The Purple Streak (Hilarie Orman)

Previous by Date:	RE: Tentative OPES Agenda for IETF 53, Ian Cooper
Next by Date:	Re: Tentative OPES Agenda for IETF 53, Condry, Michael W.
Previous by Thread:	RE: OPES and content path security, Abbie Barbir
Next by Thread:	Re: OPES and content path security, The Purple Streak (Hilarie Orman)
Indexes:	[Date] [Thread] [Top] [All Lists]