Security Review Panel
George Mason University

Information Technology Unit

 

 

SRP MEETING NOTES
4/25/96

Attending: Denning, Feeg, Hanks, Holmes, Regan, Shinn (Foust absent)

OLD ITEMS

The following is an open item from an SRP meeting of 11/30/96. John Hanks is responsible for it.

5. System Administration Guidelines. Hanks agreed to take the lead (and work closely with Holmes) to draft guidelines for SAs on (a) how to handle incidents, (b) protocol to follow when an incident is referred by SRP, (c) closing the loop on an incident, (d) keeping SRP informed of major actions, (e) registering with UCIS, and (f) attaching new hosts to the MasonNet.

NEW ITEMS

1. GMU.LOCAL. A significant amount of public comment was received on the proposal to restrict posting authority to people on registered GMU hosts. The comment was overwhelmingly negative. The most compelling reason was that a lot of students use off-campus ISPs and would be cut off from posting if GMU.LOCAL were restricted to GMU hosts. The SRP decided to withdraw its policy revision proposal. There will be no restrictions on which hosts can post to GMU.LOCAL. Denning will draft the announcement.

2. NEWSGROUPS ORIGINATION AUTHORITY. At present, there are no restrictions on who can post to non-GMU newsgroups. Consequently, there is a significant number of cases where people who have no association with GMU at all are posting to newsgroups via the GMU newsgroup feed. (Hanks cited a case of someone from Thailand using GMU newsfeeds to post files to one of the general newsgroups.) The SRP agreed that this is not an authorized use of the GMU resource because it is not initiated by a member of the GMU community and it is not for any of the purposes the GMU resource was created for. Hanks will draft a statement requesting UCIS to remove the permission for non-GMU hosts to post to non-GMU newsgroups. We noted that this will not affect students who use off-campus ISPs, since those ISPs already provide access to newsgroups.

3. ENCRYPTING CAMPUS NETWORK COMMUNICATIONS. The SRP determined that it would significantly enhance the security and privacy of campus operations if all transmissions on campus networks were encrypted and all host-to-host communications were authenticated. MIT's Kerberos system, which does this, works for Unix-based systems only. Shinn will draft a statement for approval by the SRP that requests the Vice Provost for Information Technology to initiate a project to accomplish this for all campus systems.

4. PRIVACY ENHANCED MAIL. The SRP noted that many faculty, students, and staff rely increasingly on electronic communication to transact official business such as student grading, performance reviews, recommendations, student records, hiring, and the like. The SRP agreed that campus communications are currently exposed to impersonation and alteration, constituting a significant and growing risk to the ability to use IT well in the conduct of our educational business. The SRP agreed that this risk can be reduced if all users move toward adoption of privacy enhanced mail (PEM). PEM allows each sender to digitally sign messages and each receiver to verify that an incoming message is authentic. Denning will draft a statement from SRP to the Vice Provost for Information Technology recommending that a high priority be given to implementing PEM on campus.

5. RUC POLICY REVISIONS. Two revisions are needed: (a) conditions under which the SRP would determine that a system administrator has exceeded his/her authority and the SRP actions that would then follow, and (b) guidelines for those who wish to declare files linked to their web pages as private. Holmes will draft these policy revisions for approval by the SRP. Those policy revisions will then be posted for public comment.

6. NEXT MEETING. The next SRP meeting will be Wed May 1 at 3:30pm.


Last Update: March 6, 2003