Re: [dssa] Information classification proposal

[Rick Wesson <rick@xxxxxxxxxxxxxxxxxxxxxxxx>]

First, I prefer that we only leverage publicly available information and be
as open and transparent as possable. While this is my preference I
understand some of you MAY wish to share sensitive information. I propose
that the Traffic Light Protocol [1] may be optimal and that those desireing
to share sensitive information. I've participated in groups that this worked
out well, and is fairly intuitive.

[FROM WIKIPEDIA...]

There are four colors (or traffic lights):

RED - personal for named recipients only
   In the context of a meeting, for example, RED information is limited to
those present at the meeting. In most circumstances, RED information will be

  passed verbally or in person.

AMBER - limited distribution
The recipient may share AMBER information with others within their
organization, but only on a ‘need-to-know’ basis. The originator may be
expected to specify the intended limits of that sharing.

GREEN - community wide
Information in this category can be circulated widely within a particular
community. However, the information may not be published or posted publicly
on the Internet, nor released outside of the community.

 WHITE  - unlimited
Subject to standard copyright rules, WHITE information may be distributed
freely, without restriction.

-rick

[1] see http://en.wikipedia.org/wiki/Traffic_Light_Protocol

2011/5/24 Carlos M. Martinez <carlos@xxxxxxxxxx>

> Hello everyone,
>
> <disclaimer>
> This is the first ICANN-related WG I'm involved with, so perhaps this is
> already covered somewhere. If so, please disregard :-)
> </disclaimer>
>
> As a possible idea geared towards facilitating and enabling information
> disclosure and exchange within the DSSA and its sub-WGs I would like to
> propose we consider using a lightweight information classification scheme.
>
> Under this proposal, a disclosing or contributing party SHOULD tag
> documents with the keywords {public, reserved, confidential}.
>
> Possible definitions for these terms would be:
>
> - public: self-explanatory, information and data contained within a
> contribution can be made publicly accesible
> - reserved: information and data contained within a contribution is NOT
> to be made publicly available but each member could share it with the
> constituency each represents
> - confidential: information and data within a contribution is to be
> shared among DSSA members ONLY
>
> We could work a little more on the definitions so they are most
> applicable to our environment, these definitions are only "off the top
> of my head".
>
> Given the amount of participants within the WG I think this could help
> all of us make sound decisions regarding information sharing and could
> offer disclosing parties a form to express sharing policy.
>
> regards
>
> Carlos
> --
>
> Carlos M. Martinez
> LACNIC I+D
> PGP KeyID 0xD51507A2
> Phone: +598-2604-2222 ext. 4419
>
>