[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 3

To: MTA filtering mailing list <ietf-mta-filters@xxxxxxx>
Subject: [draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 3
From: Robert Burrell Donkin <robertburrelldonkin@xxxxxxxxx>
Date: Thu, 30 Jul 2009 13:44:39 +0100
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=+Ra5ofht3XVQzewFckfXWeDv98d8AV9Xde4s8aU5cNk=; b=CNTgNiO18X940NtOIje7PEqqVhg/2fQ8Xgvm6RBsr53QuVO9UuYGjC/gPAVyHKiGxL NXu9VfYSDRjKqES1m5JFL49ESLqG+Ak+bUuMwn8FEYmcQBfsVLuSmFW9dN/miZkggrSb jNkaqaG0rNL+7UDdbBVDUogfxjzFxSvrGIMvU=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=xsB9+QqAX9rZ2UqVZ+R3eZ6Oa13vJWhor4iisuuNS88hp7WeZBq5oc3bUMUAkoiRHC 47uilyVTH6WFSDO3Jz+PY6q+wLrz7vG88+WRu13RCrFyEn1DoaFl752ePx5AWm5B32Rm td6fnABKnUE+n0+fsVkExx7g61Qj82wnGLbiQ=
List-archive: <http://www.imc.org/ietf-mta-filters/mail-archive/>
List-id: <ietf-mta-filters.imc.org>
List-unsubscribe: <mailto:ietf-mta-filters-request@imc.org?body=unsubscribe>
Sender: owner-ietf-mta-filters@xxxxxxxxxxxx

   "Protocols/APIs used to retrieve/verify external list membership MUST
   provide at least the same level of confidentiality as protocols/APIs
   used to retrieve Sieve scripts.  For example, if Sieve scripts are
   retrieved using LDAP secured with Transport Layer Security (TLS)
   encryption, then the protocol used to retrieve external list
   membership must use a comparable mechanism for providing connection
   confidentiality.  In particular, the protocol used to retrieve
   external list membership must not be lacking encryption."

Use Case One: Public FOAF

how does banning access to public resources improve security?

Use Case Two: Web Services

how should an implementation judge whether a web service discovered
over UDDI (say) is more or less confidential than script storage in
LDAP (say)?

- robert

Follow-Ups:
- Re: [draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 3
  - From: Ned Freed

Prev by Date: [draft-melnikov-sieve-external-lists] 2.2 Allow Extensions To Use List
Next by Date: [draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 2
Previous by thread: [draft-melnikov-sieve-external-lists] 2.2 Allow Extensions To Use List
Next by thread: Re: [draft-melnikov-sieve-external-lists] 3. Security Considerations, Paragraph 3
Index(es):
- Date
- Thread