This seems to have wound down, but not truly concluded. While I agree with
David that further discussion of the "multiple labels" question seems
fruitless, I raised a slightly different point in my earlier posting which has
gotten lost amongst the many salvos exchanged.

In one of my earlier postings, I noted the scenario in which the originator
includes either or both of an "information" or "system" security label. If
both labels are present, the information label will convey the "true" label of
the content from the originator to the recipient. The system label will convey
the label of the content to be used for access control purposes. In this case,
both labels are provided simultaneously by the same signer, but convey a
deliberately different semantic.

I would like to come to a conclusion that has ESS describe how to provide
this dual-marking.

In my mind, it would be unnecessarily inefficient to convey each of these
in separate signerInfo elements since they are both generated by the same
signer. However, it would be reasonable to use a different attribute ID for
the information label and simply exempt it from ACDF processing (which is
semantically consistent anyway). What I proposed in my original post was
somewhat more efficient, but separate attributes would keep us off any slippery
slopes.

Thoughts?

Chris
---------------------------------------------------------------
| International Electronic Communication Analysts, Inc. |
| Christopher D. Bonatti 9010 Edgepark Road |
| Principal Engineer Vienna, Virginia 22182 |
| bonattic(_at_)ieca(_dot_)com Tel: 301-212-9428 Fax: 703-506-8377 |
---------------------------------------------------------------
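
The separate-attribute option described in the message above, sketched from the receiving side as an added example (not code from the original post or from ESS). It assumes a placeholder attribute ID for the information label, a constructed policy name "policy-A", and a local rule that content without a system label is not access-controlled.

```python
from dataclasses import dataclass

# id-aa-securityLabel: the ESS security label attribute, used here as the "system" label.
SYSTEM_LABEL_OID = "1.2.840.113549.1.9.16.2.2"
# Placeholder only: the post assigns no attribute ID to the "information" label.
INFO_LABEL_OID = "<hypothetical-information-label-oid>"

@dataclass(frozen=True)
class Label:
    policy: str          # security-policy-identifier
    classification: int  # security-classification, higher is more sensitive

def split_labels(signed_attrs):
    """Return (system_label, info_label) from one signer's signed attributes."""
    found = {SYSTEM_LABEL_OID: [], INFO_LABEL_OID: []}
    for oid, value in signed_attrs:
        if oid in found:
            found[oid].append(value)
    for oid, values in found.items():
        if len(values) > 1:  # ambiguous marking: refuse rather than pick one
            raise ValueError(f"duplicate label attribute {oid}")
    return tuple(v[0] if v else None for v in found.values())

def acdf(signed_attrs, clearances):
    """Decide access from the system label alone.

    clearances maps policy -> highest classification the recipient holds.
    Returns (granted, info_label_to_display).
    """
    system, info = split_labels(signed_attrs)
    if system is None:
        granted = True   # assumption: no system label means no access control
    elif system.policy not in clearances:
        granted = False  # unrecognized policy: fail closed
    else:
        granted = system.classification <= clearances[system.policy]
    # The information label never feeds the decision; it is only shown on success.
    return granted, (info if granted else None)

# Constructed sample: content is really 3 but is handled at 4 by the system.
DUAL = [(SYSTEM_LABEL_OID, Label("policy-A", 4)),
        (INFO_LABEL_OID, Label("policy-A", 3))]

if __name__ == "__main__":
    print(acdf(DUAL, {"policy-A": 4}))  # cleared for the system label
    print(acdf(DUAL, {"policy-A": 3}))  # info label alone would pass, ACDF still denies
```

The second call shows the point of exempting the information label from ACDF: a lower information label cannot loosen the decision made on the system label.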