ietf-smime

RE: ESS EquivalentLabel Proposal

1998-05-25 07:57:34
Jim (and friends),

Thank you for your response.  I have a few comments:

1) Please remember that this is an optional feature; not every S/MIME
implementor would be forced to implement the equivalentLabel attribute.  It
is not that hard to write software that performs equivalency mapping.  Van
Dyke has developed code that performs equivalency mapping using a
configuration file that indicates the equivalencies between the security
classifications and security categories in one domain with those in one or
more remote domains.  The source code is available at
http://www.armadillo.huntsville.al.us/software if you would like to take a
look.  

2) This is an optional feature; a recipient can totally ignore the
equivalentLabel attribute if it so desires.  Because the original signer's
ESSSecurityLabel is present in every signerInfo, the original signer's
security label selections are unambiguous.  The receiving software can act
solely on the original signer's security label selections.  

3) I was hoping that this proposal would be non-controversial and that we
could quickly reach consensus that it should be added to the ESS I-D.  If
the WG can't reach consensus quickly, then I agree with you that the
equivalentLabel should not slow down progression of the ESS I-D.

- John Pawling


At 01:56 PM 5/23/98 -0700, Jim Schaad (Exchange) wrote:
John,

I'm going to think about and read this a few more times, but at first blush
I am against this for a couple of different reasons.

1.  It sounds really hard, my first impression is that this is something
that should be implemented in policy verification code rather than on the
message being sent.
2.  Just because Acme and Widget have agreed these are equivalent, does not
mean that a third party would agree that they are the same.  Again this
argues that Acme and Widget should modify their policy verifiers to allow for
each other's security policies.
3.  It is new.  At this point I would rather not see drastic changes (and I
would argue that this is drastic) be added to the ESS draft.  I would rather
get them into last call and stable and put this into a new draft if we are
going to do it.

jim
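
The configuration-driven equivalency mapping both messages refer to, sketched as an added example; it is not Van Dyke's code and not part of either message. Assumptions: the policy OIDs (under the 2.999 example arc), the classification values, the category names and the function names are all constructed, and security categories are simplified to strings.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Label:
    policy: str                          # security-policy-identifier (OID)
    classification: int                  # security-classification
    categories: frozenset = frozenset()  # security-categories, simplified to names

# Constructed configuration, not taken from any real policy.
LOCAL_POLICY = "2.999.1"                 # hypothetical "Acme" policy OID
EQUIVALENCIES = {
    "2.999.2": {                         # hypothetical "Widget" policy OID
        "classification": {1: 1, 2: 3, 3: 4},
        "categories": {"PROJ-X": "ACME-X", "FIN": "FINANCE"},
    },
}

class NoEquivalent(Exception):
    """The remote label has no locally configured equivalent."""

def to_local(label, table=EQUIVALENCIES, local_policy=LOCAL_POLICY):
    """Translate a remote domain's label into the local policy's terms."""
    if label.policy == local_policy:
        return label
    domain = table.get(label.policy)
    if domain is None:
        raise NoEquivalent(f"unknown policy {label.policy}")
    try:
        cls = domain["classification"][label.classification]
        cats = frozenset(domain["categories"][c] for c in label.categories)
    except KeyError as exc:
        # A partly mapped label is treated as unmapped, never downgraded.
        raise NoEquivalent(f"no mapping for {exc.args[0]!r}") from None
    return Label(local_policy, cls, cats)

def may_release(label, clearance, need_to_know):
    """Decide access on the mapped label; refuse when no equivalent exists."""
    try:
        local = to_local(label)
    except NoEquivalent:
        return False
    return local.classification <= clearance and local.categories <= need_to_know

if __name__ == "__main__":
    remote = Label("2.999.2", 2, frozenset({"FIN"}))
    print(to_local(remote))
    print(may_release(remote, clearance=3, need_to_know=frozenset({"FINANCE"})))
```

Only labels the local configuration explicitly maps are honoured, so equivalencies agreed between two domains are never extended to a third party that has not configured them.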



