
Re: [saag] Common labeled security (comment on CALIPSO, labeled NFSv4)



On Apr 3, 2009, at 9:44 AM, Russ Housley wrote:

I really do not have time to write about all of my concerns.

Understand.  It might be a long write-up!

However, once you get beyond the basic classifications, the SPIF model breaks.

I would say that the SPIF model discussed in SDN 801 has some significant limitations. Dealing with the "black project" problem you allude to is certainly one of them. Another is that the SPIF only describes authorization to access (e.g., read) an object (given the policy, the object's label, and the accessor's clearance). It doesn't describe what labels an entity is allowed to use in labeling an object. While one might assume that "right to read" implies a "right to label", this assumption is only useful in simple environments. It cannot handle various national or international policies.

I do think there is a need to develop a SPIF replacement that addresses various limitations, and would be willing to provide input in such an effort. However, it needs to be driven by key stakeholders.

Until there is a suitable SPIF replacement for labeling at the application level (e.g., Directory, email, XMPP), I'll continue to implement SPIF-based solutions, as there simply ain't any better policy-neutral solution (that I'm aware of)... and that's what my customers are asking for (as they find it useful in their use cases).

-- Kurt

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.