80 likes | 173 Views
Mapping Company Classification Policy to the S/MIME Security Label <draft-ietf-smime-seclabel-00.txt>. Russ Housley March 2000. Weston Nicolls is the author. He could not attend this meeting, so I am providing the briefing in his absence. Purpose and Scope. Informational RFC
E N D
Mapping Company Classification Policy to the S/MIME Security Label<draft-ietf-smime-seclabel-00.txt> Russ Housley March 2000
Weston Nicolls is the author.He could not attend this meeting,so I am providing the briefing inhis absence.
Purpose and Scope • Informational RFC • Describe how the ESS Security Label can used to implement an organizational security policy • Three organizational examples • Provide sample policies for interoperability testing
Organizations • Amoco Corporation • Caterpillar Inc • Whirlpool Corporation
Amoco Corporation • Confidentiality • General • Confidential • Highly Confidential • Integrity • Minimum • Medium • Maximum
Caterpillar Inc • Confidentiality • Public • Confidential Green • Confidential Yellow • Confidential Red
Whirlpool Corporation • Confidentiality • Public • Internal • Confidential • Additional marks at discretion of owner • Privacy Marks? • Security Categories?
Way Forward • First Internet-Draft published in December 1999 • Support interoperability testing • Need to assign Object Identifiers • IETF ones for this document and testing • Organizations assign their own • Determine correct way to handle the Whirlpool additional marks