[Id-event] Thread - Should Primary Event Be a Separate Attribute (regarding secevent-token-00)

Phil Hunt <phil.hunt@oracle.com> Wed, 01 March 2017 18:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/AajKP2oDe9KuaV1WLpZvJHxkhWM>

All,

Yaron asked me to go over all of the items marked “Thread” in the following email: https://mailarchive.ietf.org/arch/msg/id-event/u99clKDCPTrqEkOxvJpd402jXjY

This is the first of several threads:  Should Primary Event Be a Separate Attribute

On this topic, following Yaron’s comments Mike Jones raised some points that there should be no distinction between primary events and extensions (https://mailarchive.ietf.org/arch/msg/id-event/0Hhg46ROcidQDLL7OnXUs88TJ9U).  Summarizing:
* Processors will run through all of them regardless. It is not necessarily helpful to understand which is a primary vs. extension
* Let’s drop distinction between primary vs. extension. You can simply express one or more sets of event attributes in a single JWT

My proposal is to drop this terminology in the text and keep the attribute multi-valued. The purpose of the attribute is to inform the reader what events are being asserted and what additional data may be present. It is up to the reader to ultimately infer meaning when one or more URIs are present.  Further, when multiple URIs are present it must still make a combined statement about a single state change about a subject. It must not be used to convey multiple distinct events (e.g. transactions) about a subject.

Assuming everyone agrees, I will plan to remove these distinctions in the next update with some new text. Please comment if you have concerns.
Phil

Oracle Corporation, Identity Cloud Services & Identity Standards
@independentid
www.independentid.com
phil.hunt@oracle.com
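An added illustration of the receiver-side behaviour the message argues for, not code from the draft or the thread: every URI in a multi-valued `events` claim is validated and processed on equal footing, and the receiver chooses its action from the full combination of URIs rather than from a "primary" entry. It assumes the claim layout of the early secevent-token drafts (`events` is a JSON array of URIs, with per-URI data in a claim named by that URI); the event URIs, claim values and handler names are constructed for the example.

```python
import json

# Constructed SET payload (hypothetical URIs and values, not from the draft).
# Assumed layout: "events" is an array of URIs; extra data for a URI lives in
# a claim keyed by that URI.
SAMPLE_SET = json.dumps({
    "iss": "https://issuer.example.com",
    "iat": 1488392934,
    "jti": "constructed-set-id-1",
    "sub": "user@example.com",
    "events": [
        "urn:example:event:passwordReset",
        "https://example.com/event/passwordResetExt",
    ],
    "https://example.com/event/passwordResetExt": {"reason": "user-initiated"},
})


def parse_events(payload):
    """Validate the multi-valued events claim; return (uris, per-URI data).

    No URI is privileged: all of them together describe one state change.
    """
    claims = json.loads(payload) if isinstance(payload, str) else payload
    uris = claims.get("events")
    if not isinstance(uris, list) or not uris:
        raise ValueError("events must be a non-empty array of URIs")
    if not all(isinstance(u, str) for u in uris) or len(set(uris)) != len(uris):
        raise ValueError("events must be distinct URI strings")
    return uris, {u: claims.get(u, {}) for u in uris}


# Handlers are keyed on the whole set of asserted URIs, so meaning is
# inferred from the combination, as the message describes.
HANDLERS = {
    frozenset({"urn:example:event:passwordReset"}): "revoke-sessions",
    frozenset({"urn:example:event:passwordReset",
               "https://example.com/event/passwordResetExt"}):
        "revoke-sessions-and-log-reason",
}


def dispatch(payload):
    uris, data = parse_events(payload)
    action = HANDLERS.get(frozenset(uris))
    if action is None:
        # Unrecognised combination: act only on the URIs this receiver knows.
        known = frozenset(u for u in uris if frozenset({u}) in HANDLERS)
        action = HANDLERS.get(known, "ignore-unrecognized-event")
    return action, data
```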