Sorry, Forgot to CC the list on my reply....
Darren
-----Original Message-----
From: Darren Harter <dharter(_at_)email(_dot_)msn(_dot_)com>
To: John Pawling <jsp(_at_)jgvandyke(_dot_)com>
Date: Sunday, May 24, 1998 12:25
Subject: Re: ESS EquivalentLabel Proposal
John,
IMO, I think this is an excellent proposal. I personally send paper-based
messages marked under different labelling policies every day - sometimes
these messages are marked under different labelling schemes for each
recipient, although the labels themselves are semantically equivalent (i.e.
All recipients understand them as meaning the same thing).
I was concerned as to how I would implement this using S/MIME, but your
proposal solves the problem with, I believe, an added bonus. If I connect
to domains together that operate under different labelling policies, and
the
management of those domains can agree on a mapping between the different
elements of the labels employed, a single gateway device could add an
ESSEquivalentLabel to each message as it passed between domains.
Applications in the receiving domain would not process the ESSSecurityLabel
as they would not understand the policy OID in it, but they would process
the ESSEquivalentLabel as they would understand the policy OID in that.
The advantage being that when you connect domains together you don't have
to
upgrade each end system to understand the new labelling policies, they only
have to understand their own.
I believe this is a simple and obvious addition to ESS, and probably one
that the IESG would have raised on submission for an RFC.
Darren