Denning, Feeg, Hanks, Holmes, Regan, Shinn (Foust absent)
is an open item from an SRP meeting of 11/30/96. John Hanks is responsible
Administration Guidelines. Hanks agreed to take the lead (and
work closely with Holmes) to draft guidelines for SAs on (a) how
to handle incidents, (b) protocol to follow when an incident is
referred by SRP, (c) closing the loop on an incident, (d) keeping
SRP informed of major actions, (e) registering with UCIS, and
(f) attaching new hosts to the MasonNet.
A significant amount of public comment was received on the proposal
to restrict posting authority to people on registered GMU hosts.
The comment was overwhelmingly negative. The most compelling reason
was that a lot of students use off-campus ISP's and would be cut
off from posting if GMU.LOCAL were restricted to GMU hosts. The
SRP decided to withdraw its policy revision proposal. There will
be no restrictions on which hosts can post to GMU.LOCAL. Denning
will draft the announcement.
ORIGINATION AUTHORITY. At present, there are no restrictions on
who can post to non-GMU newsgroups. Consequently there is a significant
number of cases where people who have no association with GMU at
all are posting to newsgroups via the GMU newsgroup feed. (Hanks
cited a case of someone from Thailand using GMU newsfeeds to post
files to one of the general newsgroups.) The SRP agreed that such
is not an authorized use of the GMU resource because it is not initiated
by a member of the GMU community and it is not for any of the purposes
the GMU resource was created for. Hanks will draft a statement requesting
UCIS to remove the permission for non-GMU hosts to post to non-GMU
newsgroups. We noted that this will not affect students who use
off campus ISP's since those ISP's already provide access to newsgroups.
CAMPUS NETWORK COMMUNICATIONS. The SRP determined that it would
significantly enchance the security and privacy of campus operations
if all transmissions on campus networks are encrypted and all host-to-host
communications are authenticated. MIT's Kerberos system, which does
this, works for Unix-based systems only. Shinn will draft a statement
for approval by the SRP that requests the Vice Provost for Information
Technology to initiate a project to accomplishment this for all
ENCHANCED MAIL. The SRP noted that many faculty, students, and staff
rely increasingly on electronic communication to transact official
business such as student grading, performance reviews, recommendations,
student records, hiring, and the like. The SRP agreed that the campus
communications are currently exposed to impersonation and alteration,
constituting a significant and growing risk to the ability to use
IT well in the conduct of our educational business. The SRP agreed
that this risk can be reduced if all users move toward adoption
of privacy enchanced mail. PEM allows each sender to digitally sign
messages and each receiver to verify that an incoming message is
authentic. Denning will draft a statement from SRP to the Vice Provost
for Information Technology recommending that a high priority be
given to implementing PEM on campus.
5. RUC POLICY
REVISIONS. Two revisions are needed: (a) conditions under which
the SRP would determine that a system adminstrator has exceed his/her
authority and the SRP actions that would then follow, and (b) guidelines
for those who wish to declare files linked to their web pages as
private. Holmes will draft these policy revisions for approval by
the SRP. Those policy revisions will then be posted for public comment.
6. NEXT MEETING.
The next SRP meeting will be Wed May 1 at 3:30pm.
-back to top-