Security Labels
De Trustedbird Client Wiki
Révision de 20 septembre 2010 à 16:35 par Rfairise (discussion | contributions)
English | Français
> Documentation > Trustedbird > Security Labels > Technical Documentation
This feature is used to add security information in a message which will be used to handle authorizations and access rights.
It implements the security service "security labels" defined in RFC 2634 Enhanced Security Services for S/MIME. A security label is a set of security information regarding the sensitivity of the content that is protected by S/MIME encapsulation.
A security label is composed of:
- Security Policy Identifier
- Security Classification (optional)
- Privacy Mark (optional)
- Security Categories (optional)
Additional resources:
- Technical Documentation
- RFC 2634 - section 3 - Enhanced Security Services for S/MIME
- RFC 3114 - Implementing Company Classification Policy with the S/MIME Security Label
- RFC 4134 - Examples of S/MIME Messages
- Screencast
Sommaire
Installation
This feature is integrated in Trustedbird 2.
Usage
In order to define your own security policy, edit or add a new XML file (based on this XML Schema) in securityLabel folder in your profile directory.
Security policy example:
<?xml version="1.0" encoding="UTF-8"?> <!-- ESS Security Label policy definition example --> <securityLabel> <!-- Security Policy Identifier value (attribute) [OID] label (attribute) [string]: displayed name of the policy --> <securityPolicyIdentifier value="1.2.840.113549.1.9.16.7.1" label="default" /> <!-- Security Classification valueDisplayed (attribute) [boolean]: decide if value is displayed or only label item (element): value (attribute) [integer]: must be in 0 - 256 range label (attribute) [string]: displayed name --> <securityClassification valueDisplayed="true"> <item value="0" label="unmarked" /> <item value="1" label="unclassified" /> <item value="2" label="restricted" /> <item value="3" label="confidential" /> <item value="4" label="secret" /> <item value="5" label="top-secret" /> </securityClassification> <!-- Privacy Mark freeText (attribute) [boolean]: define if free text if allowed item (element): add a predefined privacy mark value (attribute) [string]: displayed text and value of the privacy mark --> <privacyMark freeText="true"> <item value="NOCONTRACTOR" /> <item value="NOFORN" /> <item value="保密" /> <item value="प्रतिबंधित/सीमित" /> </privacyMark> <!-- Security Categories securityClassificationValue (attribute) [integer]: specify that these categories apply only to this classification item (element): category oid (attribute) [OID]: type of the category type (attribute) [integer]: data type of value attribute (1 for UTF-8 string, 2 for integer) value (attribute) [string]: text of the category label (attribute) [string]: displayed name of the category --> <!-- For all Security Classification --> <securityCategories> <item oid="1.2.66.1.5" type="1" value="private" label="Private" /> <item oid="1.2.66.1.89.4" type="1" value="EU Protected Information" label="Protected Information" /> </securityCategories> <!-- Only for Security Classification 4 --> <securityCategories securityClassificationValue="4"> <item oid="1.2.3.8" type="1" value="EYES ONLY" label="EYES ONLY" /> <item oid="1.2.398.5" type="1" value="EU do not print" label="DO NOT PRINT" /> <item oid="1.2.398.5" type="1" value="FR do not print" label="Ne pas imprimer" /> </securityCategories> <!-- Only for Security Classification 5 --> <securityCategories securityClassificationValue="5"> <item oid="1.2.324.74" type="1" value="NATO CONFIDENTIAL" label="NATO CONFIDENTIAL" /> <item oid="1.2.324.75" type="1" value="NATO RESTRICTED" label="NATO RESTRICTED" /> <item oid="1.2.99.2" type="1" value="高度機密" label="top-secret" /> <item oid="1.2.99.3" type="2" value="57" label="a" /> <item oid="1.2.99.4" type="2" value="6000" label="b" /> <item oid="1.2.99.5" type="1" value="6000" label="c" /> </securityCategories> </securityLabel>
Screenshots
Trustedbird 3.1 (based on Thunderbird 3.1)
Compose window
Settings
Compose Info
View and sort messages with the security classification column
Message security info