JR: The point is that security policies may be matched at boundaries,
they need not be homogeneous across all domains.
I wasn't implying that the security policies must be homogeneous. The
originator and each entity that processes the message can perform its own
local translation of the common identical security label to the appropriate
security policy for local processing.
JR: I agree the originators label cannot be changed as that would invalidate
the signature. That is not what is being proposed,
what is being proposed is the ability to add signed labels by security
at domain boundaries. Which label is then used by the recipient is a matter
of local security policy.
That requirement can be met by the current ESS eSSSecurityLabel strategy
such that the recipient can distinguish the eSSSecurityLabel applied by the
original signer from those applied by intermediate entities.
JR: We agree on this point. But the label added by the gateway may be
different but have equivalent semantic and handling requirement.
For example, if the label has any human semantics it may use a different
language, the originator uses English, the recipient French, the gateway
to the French domain adds the French label.
That requirement can be met by the current ESS eSSSecurityLabel strategy.