Re: [Id-event] WG Last Call for draft-ietf-secevent-http-poll-03 - until Aug. 28

"Richard Backman, Annabelle" <richanna@amazon.com> Wed, 28 August 2019 23:44 UTC


On my latest read-through I noticed a couple items that need to be addressed prior to publication:


  1.  The draft currently forbids static Bearer tokens (§4.4.1: “Bearer tokens MUST have a limited lifetime…”). There are legitimate use cases for static tokens when dealing with less sophisticated clients/services. I suggest changing the MUST to a SHOULD, or indicating the guidance applies to dynamically generated tokens.

  2.  The draft does not describe error responses from the SET Transmitter, e.g., in response to a malformed poll request. This requires a separate set of error codes, since the existing ones are specific to SET reception/processing errors. Additionally, §2.5 must be amended to allow the SET Transmitter to immediately return an error response even when long polling is requested by the SET Receiver.

--
Annabelle Richard Backman
AWS Identity


From: Id-event <id-event-bounces@ietf.org> on behalf of Dick Hardt <dick.hardt@gmail.com>
Date: Friday, August 23, 2019 at 11:41 AM
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Cc: Adam Dawes <adawes=40google.com@dmarc.ietf.org>, Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>, "Morteza Ansari (moransar)" <moransar@cisco.com>, SecEvent <id-event@ietf.org>, Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>
Subject: Re: [Id-event] WG Last Call for draft-ietf-secevent-http-poll-03 - until Aug. 28

Reminder per Yaron's note below.

On Thu, Aug 15, 2019 at 9:47 PM Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
Thank you all for your support, but please use this opportunity to
actually review the draft (even if you've read it in the past) and
provide comments. Even if the draft is very good, it is probably not
perfect.

Thanks,
        Yaron

On 15/08/2019 15:07, Morteza Ansari (moransar) wrote:
> I support publishing this draft.
>
> *From: *Id-event <id-event-bounces@ietf.org> on behalf of Brian Campbell
> <bcampbell=40pingidentity.com@dmarc.ietf.org>
> *Date: *Thursday, August 15, 2019 at 1:11 PM
> *To: *Adam Dawes <adawes=40google.com@dmarc.ietf.org>
> *Cc: *Yaron Sheffer <yaronf.ietf@gmail.com>, Mike Jones
> <Michael.Jones=40microsoft.com@dmarc.ietf.org>, SecEvent <id-event@ietf.org>
> *Subject: *Re: [Id-event] WG Last Call for
> draft-ietf-secevent-http-poll-03 - until Aug. 28
>
> +1
>
> On Thu, Aug 15, 2019 at 2:00 PM Adam Dawes
> <adawes=40google.com@dmarc.ietf.org> wrote:
>
>     I support the publication of this draft.
>
>     On Thu, Aug 15, 2019 at 12:52 PM Mike Jones
>     <Michael.Jones=40microsoft.com@dmarc.ietf.org> wrote:
>
>         I support the publication of this draft.
>
>                                          -- Mike
>
>         -----Original Message-----
>         From: Id-event <id-event-bounces@ietf.org> On Behalf Of Yaron Sheffer
>         Sent: Wednesday, August 7, 2019 6:29 AM
>         To: SecEvent <id-event@ietf.org>
>         Subject: [Id-event] WG Last Call for
>         draft-ietf-secevent-http-poll-03 - until Aug. 28
>
>         This is to announce working group last call on this draft
>         (https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-secevent-http-poll%2F&data=02%7C01%7CMichael.Jones%40microsoft.com%7C21e8c49267744dff8acd08d71b3b4550%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637007813697234665&sdata=GpeOhfKoVYD5I%2F1n9ebDVKV%2F%2Bl0xNp9c%2BRfddOaxUuM%3D&reserved=0).
>
>
>         Please send your comments to the list. Even if you are perfectly
>         happy with the draft, please let us know that you support its
>         publication as-is by posting to the list.
>
>
>         Because of the summer holidays, this last call is open for 3 weeks,
>         until Aug. 28.
>
>
>         Thanks,
>
>
>               Dick and Yaron
>
>         _______________________________________________
>         Id-event mailing list
>         Id-event@ietf.org
>         https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fid-event&data=02%7C01%7CMichael.Jones%40microsoft.com%7C21e8c49267744dff8acd08d71b3b4550%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637007813697234665&sdata=rEcwirRhx4WvVxkdFHEAuoXME58ycYxQWod0tAzlT50%3D&reserved=0
>
>
>
