Re: [Id-event] RFC 9493 on Subject Identifiers for Security Event Tokens
Atul Tulshibagwale <atul@sgnl.ai> Tue, 12 December 2023 20:58 UTC
From: Atul Tulshibagwale <atul@sgnl.ai>
Date: Tue, 12 Dec 2023 12:58:15 -0800
Message-ID: <CANtBS9frArcH6RF7d2gQw5DVru_mpsUcWAtvUCbn_AyPmBZO1w@mail.gmail.com>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Cc: Prachi Jain <prachi.jain1288@gmail.com>, id-event@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/8KZsx6fET2I93WqKbMivm6T_FBo>

Hi Yaron,

I was referring to the use of the term "Security Event Identifier Formats Repository" in the rest of the document. The errata has been updated to reflect this now. https://www.rfc-editor.org/errata/eid7727

Thanks,
Atul

On Tue, Dec 12, 2023 at 10:59 AM Yaron Sheffer <yaronf.ietf@gmail.com> wrote:

> Hi Atul,
>
> Back to your original mail, “there are a few more changes that will flow from there, if this is considered to be an error.” Could you say what these changes are, so we can deal with this all in one go?
>
> Thanks,
> Yaron
>
> From: Atul Tulshibagwale <atul@sgnl.ai>
> Date: Tuesday, 12 December 2023 at 0:32
> To: Yaron Sheffer <yaronf.ietf@gmail.com>
> Cc: Prachi Jain <prachi.jain1288@gmail.com>, <id-event@ietf.org>
> Subject: Re: [Id-event] RFC 9493 on Subject Identifiers for Security Event Tokens
>
> Hi Yaron,
>
> I believe it is an error, because what is described in the RFC is not "Security Event Identifiers", they are "Subject Identifiers" within Security Event Tokens.
>
> I agree that the content of the registry matters more, but I am writing a draft that relies on this RFC and this registry in particular. It uses the same Subject Identifier formats, but not within SETs, and the API I'm defining in my draft has nothing to do with Security Events. Therefore it becomes confusing to the readers of my draft to be referencing an IANA registry named "Security Event Identifier Format Registry".
>
> I've filed an errata now: https://www.rfc-editor.org/errata/eid7727. I'm happy to discuss with the WG.
>
> Thanks,
> Atul
>
> On Mon, Dec 11, 2023 at 1:51 PM Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
>
> Hi Atul,
>
> I am personally on the fence here because the original context is identifiers used in security events. See the RFC’s Introduction, where we start with security events and then slowly broaden the scope. However, if you think this is in error and should be fixed, feel free to file an errata [1] and we will discuss it.
>
> Ultimately what counts is the IANA registry [2] and whether it is comprehensible and useful.
>
> Thanks,
> Yaron
>
> [1] https://www.rfc-editor.org/errata.php#reportnew
> [2] https://www.iana.org/assignments/secevent/secevent.xhtml
>
> From: Atul Tulshibagwale <atul@sgnl.ai>
> Date: Monday, 11 December 2023 at 21:54
> To: Prachi Jain <prachi.jain1288@gmail.com>
> Cc: Yaron Sheffer <yaronf.ietf@gmail.com>, <id-event@ietf.org>
> Subject: Re: [Id-event] RFC 9493 on Subject Identifiers for Security Event Tokens
>
> Thanks Yaron,
>
> I think I discovered an issue with the spec, just as I was trying to refer to it:
>
> Section 8.1 is named "Security Event Identifier Formats Registry". Should it be named "Subject Identifier Formats Registry"? There are a few more changes that will flow from there, if this is considered to be an error.
>
> Atul
>
> On Thu, Dec 7, 2023 at 3:51 AM Prachi Jain <prachi.jain1288@gmail.com> wrote:
>
> Thanks Yaron. Truly appreciate the guidance and support in getting this past the finish line.
>
> On Thu, Dec 7, 2023 at 5:04 AM Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
>
> Congratulations on this last deliverable of the Security Events working group. Thanks to Annabelle and Prachi who drove this document to completion!
>
> Yaron
>
> On 07/12/2023, 3:06, "id-event-bounces@ietf.org on behalf of rfc-editor@rfc-editor.org" wrote:
>
> A new Request for Comments is now available in online RFC libraries.
>
> RFC 9493
>
> Title: Subject Identifiers for Security Event Tokens
> Author: A. Backman, Ed., M. Scurtescu, P. Jain
> Status: Standards Track
> Stream: IETF
> Date: December 2023
> Mailbox: richanna@amazon.com, marius.scurtescu@coinbase.com, prachi.jain1288@gmail.com
> Pages: 18
> Updates/Obsoletes/SeeAlso: None
>
> I-D Tag: draft-ietf-secevent-subject-identifiers-18.txt
>
> URL: https://www.rfc-editor.org/info/rfc9493
>
> DOI: 10.17487/RFC9493
>
> Security events communicated within Security Event Tokens may support a variety of identifiers to identify subjects related to the event. This specification formalizes the notion of Subject Identifiers as structured information that describes a subject and named formats that define the syntax and semantics for encoding Subject Identifiers as JSON objects. It also establishes a registry for defining and allocating names for such formats as well as the JSON Web Token (JWT) "sub_id" Claim.
>
> This document is a product of the Security Events Working Group of the IETF.
>
> This is now a Proposed Standard.
>
> STANDARDS TRACK: This document specifies an Internet Standards Track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the Official Internet Protocol Standards (https://www.rfc-editor.org/standards) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
> https://www.ietf.org/mailman/listinfo/ietf-announce
> https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see https://www.rfc-editor.org/search
> For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
>
> Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution.
>
> The RFC Editor Team
> Association Management Solutions, LLC
>
> _______________________________________________
> Id-event mailing list
> Id-event@ietf.org
> https://www.ietf.org/mailman/listinfo/id-event