[Top] [All Lists]

RE: Comments on SecLabel draft

2000-03-30 17:13:48

-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Jim Schaad
Sent: Wednesday, March 29, 2000 6:48 AM
To: "ietf-smime(_at_)imc(_dot_)org;weston.nicolls";;;;
Subject: Comments on SecLabel draft


1.  Section 1 P2 - Security labels cannot be bound to an encrypted body,
to a signed message.

2.  Please give more text explaining the difference between rank and role
security.  From the current description they look like the same to me.

3.  The Amoco policy description is not clear.  From the text I assumed that
the confidentiality and integrity were orthogonal axis for make decisions
leading to 9 items).  Based on the conversation with you this is not true as
the policy is choose one of the axis and then the point on the axis.  The
should be clarified as to which is correct.

4. Typo - Section 1.2 last para - "while he outer signature" should be

5.  Section -- I don't think that one should provide a syntax for
privacy marks.  However giving a couple of the privacy marks or guidelines
the policy on writting them might be useful.  Given that a privacy mark is a
UTF8 string in the syntax, no addtional ASN syntax is really possible.

6.  You say that categories are used informally, however without knowning
they would be used or specified I cannot even hope to offer syntax
 Given that they are informal why would they not be marked as privacy
 If they are categories then I would expect the policy module to do
thus being informal would cause some difficulties.

7.  I suggest that you name Clearance in the ASN sections to be XxxxSection.
and the same for the other top level items.

<Prev in Thread] Current Thread [Next in Thread>