[Standards] Proposed XMPP Extension: Security Labels in PubSub

Piers Chivers Piers.Chivers at BoldonJames.com
Thu Aug 2 11:03:52 UTC 2012


[Boldon James classification: UNMARKED EXTERNAL]

Hi,
Just a few notes on this:
1. Throughout: It's primarily written from a "Need to Know" basis i.e. don't show people stuff they aren't cleared for.  I'd prefer to see equal emphasis on a "Need to Share" basis i.e. let people know there is something there but they currently don't have clearance.  In a PubSub environment I think this makes more sense than randomly (at least it will seem random to the subscriber) filtering out stuff.  Section 9.1 <insufficient_clearance> touches upon this but I'd prefer to see this mentioned throughout the document.
2. Section 2: "A client SHOULD only publish items to a node that are compatible with the Clearance of the node", why is this not "A client MUST NOT publish items to a node that are incompatible with the Clearance of the node"
3. Example 14: I'm struggling to think of a scenario where a notification without a payload needs a security label (this is a SECRET notification of Britain winning a Gold medal but this is an UNCLASSIFIED notification of Britain winning a Gold medal seems a little odd).  If I'm cleared to subscribe to the node then....
4. Section 9: I think the draft hints at all the possible complexities here.  Perhaps this XEP should limit itself to label based access at the node level only??

Piers

-----Original Message-----
From: standards-bounces at xmpp.org [mailto:standards-bounces at xmpp.org] On Behalf Of Ashley Ward
Sent: 19 June 2012 17:58
To: XMPP Standards
Subject: Re: [Standards] Proposed XMPP Extension: Security Labels in PubSub

Yeah - sorry about that! I had two copies of it on my file system and of course sod's law meant that I sent the wrong one!

Thanks to Peter for updating it!

---
Ash

On 19/06/2012 17:47, "Todd Herman" <todd at apx-labs.com> wrote:

>I was going to say.  There were no periods and parts had "blah blah blah"
>in it.  :)
>
>-----Original Message-----
>From: standards-bounces at xmpp.org [mailto:standards-bounces at xmpp.org] On 
>Behalf Of Peter Saint-Andre
>Sent: Tuesday, June 19, 2012 12:34 PM
>To: XMPP Standards
>Subject: Re: [Standards] Proposed XMPP Extension: Security Labels in 
>PubSub
>
>The authors had sent me an outdated version. I've pushed a revised 
>version to the website.
>
>On 6/19/12 10:17 AM, XMPP Extensions Editor wrote:
>> The XMPP Extensions Editor has received a proposal for a new XEP.
>> 
>> Title: Security Labels in PubSub
>> 
>> Abstract: This document describes an extension to XEP-0258 (Security 
>>Labels in XMPP) to allow for the use of security labels in PubSub.
>>This document describes
>>   	how security label metadata can be applied to the various elements 
>>within PubSub, including nodes and items.
>> 
>> URL: http://xmpp.org/extensions/inbox/pubsub-labels.html
>> 
>> The XMPP Council will decide in the next two weeks whether to accept 
>>this proposal as an official XEP.
>> 
>


Email classified by Boldon James Classifier - www.boldonjames.com 



More information about the Standards mailing list