Security Labels in Internet Email
RFC 7444
Section | Field | Value
---|---|---
Document | Type | RFC - Informational (February 2015; No errata). Was draft-zeilenga-email-seclabel (individual)
 | Authors | Kurt Zeilenga, Alexey Melnikov
 | Last updated | 2015-10-14
 | Stream | ISE
 | Formats | plain text, html, pdf, htmlized, bibtex
 | IETF conflict review | conflict-review-zeilenga-email-seclabel
Stream | ISE state | Published RFC
 | Consensus Boilerplate | Unknown
 | Document shepherd | Adrian Farrel
 | Shepherd write-up | (last changed 2014-08-31)
IESG | IESG state | RFC 7444 (Informational)
 | Telechat date |
 | Responsible AD | (None)
 | Send notices to | (None)
IANA | IANA review state | Version Changed - Review Needed
 | IANA action state | RFC-Ed-Ack

Independent Submission                                       K. Zeilenga
Request for Comments: 7444                                   A. Melnikov
Category: Informational                                    Isode Limited
ISSN: 2070-1721                                            February 2015

                   Security Labels in Internet Email

Abstract

   This document describes a header field, SIO-Label, for use in
   Internet email to convey the sensitivity of the message. This header
   field may carry a textual representation (a display marking) and/or
   a structural representation (a security label) of the sensitivity of
   the message. This document also describes a header field,
   SIO-Label-History, for recording changes in the message's label.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream. The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment. Documents approved for publication by
   the RFC Editor are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7444.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Table of Contents

   1. Introduction
      1.1. Relationship to Inline Sensitivity Markings
      1.2. Relationship to Preexisting Security Label Header Fields
      1.3. Relationship to Enhanced Security Services for S/MIME
   2. Conventions Used in This Document
   3. Overview
   4. The SIO-Label Header Field
   5. The SIO-Label-History Header Field
   6. IANA Considerations
   7. Security Considerations
   8. References
      8.1. Normative References
      8.2. Informative References
   Acknowledgements
   Authors' Addresses

1. Introduction

   A security label, sometimes referred to as a confidentiality label,
   is a structured representation of the sensitivity of a piece of
   information. A security label can be used in conjunction with a
   clearance, a structured representation of what sensitive information
   a person (or other entity) is authorized to access, and a security
   policy to control access to each piece of information. For instance,
   an email message could have an "EXAMPLE CONFIDENTIAL" label that
   requires the sender and the receiver to have a clearance granting
   access to information labeled "EXAMPLE CONFIDENTIAL". X.841 [X.841]
   provides a discussion of security labels, clearances, and security
   policy.

   A display marking is a textual representation of the sensitivity of a
   piece of information. For instance, "EXAMPLE CONFIDENTIAL" is a
   textual representation of the sensitivity. A security policy can be
   used to generate display markings from security labels. Display
   markings are generally expected to be prominently displayed whenever
   the content is displayed.
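
The relationship between label, clearance, security policy and display marking described above, as an added example that is not part of RFC 7444 or X.841. It assumes a simple constructed policy with ordered levels plus categories; the level names, the PROJECT-X category and all function names are hypothetical.

```python
# Added illustration; the policy, level names and categories are constructed,
# not taken from RFC 7444 or X.841.
from dataclasses import dataclass

POLICY_NAME = "EXAMPLE"  # hypothetical policy identifier
# Constructed policy: classification levels ordered lowest to highest.
LEVELS = ["UNMARKED", "RESTRICTED", "CONFIDENTIAL", "SECRET"]


@dataclass(frozen=True)
class Label:
    """Structured representation of the sensitivity of one message."""
    level: str
    categories: frozenset = frozenset()


@dataclass(frozen=True)
class Clearance:
    """Structured representation of what an entity is authorized to access."""
    max_level: str
    categories: frozenset = frozenset()


def display_marking(label: Label) -> str:
    """Generate the textual marking for a label under this policy."""
    return " ".join([POLICY_NAME, label.level] + sorted(label.categories))


def permits(clearance: Clearance, label: Label) -> bool:
    """True when the clearance grants access to information with this label."""
    if label.level not in LEVELS or clearance.max_level not in LEVELS:
        return False  # level unknown to the policy: fail closed
    level_ok = LEVELS.index(clearance.max_level) >= LEVELS.index(label.level)
    # Every category on the label must also be held by the clearance.
    return level_ok and label.categories <= clearance.categories


def may_exchange(sender: Clearance, receiver: Clearance, label: Label) -> bool:
    """Both the sender and the receiver must be cleared for the label."""
    return permits(sender, label) and permits(receiver, label)


# Constructed sample data.
msg = Label("CONFIDENTIAL")
scoped_msg = Label("CONFIDENTIAL", frozenset({"PROJECT-X"}))
alice = Clearance("SECRET")
bob = Clearance("RESTRICTED")
carol = Clearance("CONFIDENTIAL", frozenset({"PROJECT-X"}))
```

A higher level alone is not sufficient here: alice holds SECRET but is refused scoped_msg because she lacks the PROJECT-X category, while carol is permitted.
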

   Sensitivity-based authorization is used in networks that operate
   under a set of information classification rules, such as in
   government and military agency networks. The standardized formats
   for security labels, clearances, security policy, and associated
   authorization models are generalized and can be used in
   non-government deployments where appropriate.

   Security labels may also be used for purposes other than
   authorization. In particular, they may be used simply to convey the
   sensitivity of a piece of information. The security label could be