IETF Logo Mail Archive

Re: [Id-event] "aud" vs. receiver issue raised in WGLC

Marius Scurtescu <mscurtescu@google.com> Tue, 24 October 2017 00:53 UTC

Return-Path: <mscurtescu@google.com>
X-Original-To: id-event@ietfa.amsl.com
Delivered-To: id-event@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2227813AB66 for <id-event@ietfa.amsl.com>; Mon, 23 Oct 2017 17:53:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.45
X-Spam-Level:
X-Spam-Status: No, score=-0.45 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NxEtuR7PtlIM for <id-event@ietfa.amsl.com>; Mon, 23 Oct 2017 17:53:12 -0700 (PDT)
Received: from mail-it0-x235.google.com (mail-it0-x235.google.com [IPv6:2607:f8b0:4001:c0b::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C470B139507 for <id-event@ietf.org>; Mon, 23 Oct 2017 17:53:11 -0700 (PDT)
Received: by mail-it0-x235.google.com with SMTP id l196so8108066itl.4 for <id-event@ietf.org>; Mon, 23 Oct 2017 17:53:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=VA+OON5GLVLp8OqsO5KxmKVsKsDz87guKKkRY5Fo2rQ=; b=EHn5IUTanBrgaLJWluf5ruWjYSxud33YWvgKNjV1D7UIR2kYvUTpn94RNtMkXfiG85 TURgfY8tcqY2/Lf2ui/P/8kBaGCn3l31bUzfokhXm2zCgngk4E/VqGD0iFYgyC9xjLqH y8vtTUjIiS4lULDDsJJDQq5HeQSzE/EHHV+3Uh4HinnCBl1dnmzFQ4ufKbfIUXO0LBKk MUO5M4noUB9g57QkOk29cBrjKyjTaETB+KlPdZg8/U8/RH0z8YEFtnC/IrMeAICxdAcU purj34plXPW7jboF+J4r3xz3e4R5gjPiWy9NAOEzSd4hH/cx3j/FlRxtQHmYiBX7q2NN axnQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=VA+OON5GLVLp8OqsO5KxmKVsKsDz87guKKkRY5Fo2rQ=; b=pxTuMWaFV5By0dDhcckloyffHnhI9/cDKc5HzxY10j1hs/0PLbQchQzmK38ihCUOb7 a+jpFiRCO0CzT7uSuLrH/LmKddR7Au920JlGTE8jIStJirk91BE2PdhVLBJUFanVRbIL bjo7CB/G0d2/1NWuXZo6AMBmj+YEwHpyAMuuArvEuMEc6kEObY6BlkQUKGVm09HF8HRW Z0JozNSeNSPtnjzKphqDl8HYcwmlCnxN99TMLodsSFMlGX+2tgq976Ll1JO73PedNs7d Gz9w9Z5F5adaRf1g7IxvvOmE7b53Phs25n6QDKT8cf1z0wQf2DW+yKkTIEs5MXB8lg/4 HODQ==
X-Gm-Message-State: AMCzsaUiMKq4MZ7RIkRmvHVDZcRGGdlPEBX0etVGV+Jtth/xvj5CNVq7 ktwOkm2cq1cImslhHluJl2GlMTHx68DiNaIUYLADkQ==
X-Google-Smtp-Source: ABhQp+SDKRyOrG1FTGWk2I8N7YVCzNmbAzaAMwygPg8HCyLIFCSPo4rK42vUetpnlHExBo75C35V8JD8L188VnN6fK0=
X-Received: by 10.36.120.136 with SMTP id p130mr11439826itc.54.1508806390673; Mon, 23 Oct 2017 17:53:10 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.34.9 with HTTP; Mon, 23 Oct 2017 17:52:49 -0700 (PDT)
In-Reply-To: <73EA53D2-55F8-46EB-99BA-41516D844559@oracle.com>
References: <e6649728-f94a-93f5-9885-c948a5b0ed49@gmail.com> <CAGdjJpJtfV9q2iaL-uao1b7XpQjx5uJrX=fnoM36POXLFYrqow@mail.gmail.com> <fa06137b-516f-4a57-8ed5-08cd2cc63af6@sit.fraunhofer.de> <71FA69AE-F8F6-45AB-9550-36BC9395DE32@gmail.com> <684D9C6F-C59A-4850-9A1B-24A026278A62@oracle.com> <CAGdjJpLYxzUqOGxZ9oTLiCzZAwffTEqjxBYNtZO09nF6RnzOAA@mail.gmail.com> <7DAF5B83-F6DB-4015-A011-AB6E13C46B81@oracle.com> <CAGdjJpJtP7w-wL3Pj=QODOjc9m15z0Ssd+8bwxX684c-t1bbiQ@mail.gmail.com> <5FF78162-D0FF-4742-90BF-9A12BA299D06@oracle.com> <CAGdjJpLVKveRGp3RSnxjUgqjv2bmgxZWTNcajRDNG0C2wKG1iw@mail.gmail.com> <73EA53D2-55F8-46EB-99BA-41516D844559@oracle.com>
From: Marius Scurtescu <mscurtescu@google.com>
Date: Mon, 23 Oct 2017 17:52:49 -0700
Message-ID: <CAGdjJpJGh0DAMT-ZUGZ8dYy7cqcS8L8NfSbtthUuYhLQCJJzvg@mail.gmail.com>
To: "Phil Hunt (IDM)" <phil.hunt@oracle.com>
Cc: ID Events Mailing List <id-event@ietf.org>
Content-Type: multipart/alternative; boundary="001a114ab8e4f4080c055c405c7e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/DMOwIX0xwvFvojQJ8bCU3_dMF8M>
Subject: Re: [Id-event] "aud" vs. receiver issue raised in WGLC
X-BeenThere: id-event@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "A mailing list to discuss the potential solution for a common identity event messaging format and distribution system." <id-event.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/id-event>, <mailto:id-event-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/id-event/>
List-Post: <mailto:id-event@ietf.org>
List-Help: <mailto:id-event-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/id-event>, <mailto:id-event-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Oct 2017 00:53:15 -0000

I raised a wording issue, not sure if it still applies:

"The abstract mentions "issuer" and "receiver" in the last sentence.
"receiver" does not sound right (that should be used in the context of a
transmitter), but I don't have a better suggestion. Audience?
The last paragraph of section 1 mentions "subscriber". I think it should be
either "receiver" or "audience"."



Marius

On Mon, Oct 23, 2017 at 5:49 PM, Phil Hunt (IDM) <phil.hunt@oracle.com>
wrote:

> Ok. But you raised the concern. Are you withdrawing it?
>
> Phil
>
> On Oct 23, 2017, at 5:47 PM, Marius Scurtescu <mscurtescu@google.com>
> wrote:
>
> On Mon, Oct 23, 2017 at 4:15 PM, Phil Hunt <phil.hunt@oracle.com> wrote:
>
>> It’s quite relevant to those with distributed architectures.
>>
>> If an Event Stream requires that SETs need to be encrypted (using JWE),
>> the SETs needs to be encrypted so the “receiver" can read it.  Regardless,
>> “aud” should be interpreted by the traditional JWT method which suggests
>> the security domain the event is for.  For example, a web site relying
>> party does not have the capability to process (or issue) events itself (eg.
>> because of a distributed architecture). The relying party assigns another
>> entity the role of Event Receiver (or Transmitter).
>>
>> The problem being that If the “set” is encrypted for “aud” then only the
>> “aud” entity can read the SET which will make it impossible to for another
>> server to handle or worse, it would require sharing of private keys.
>>
>
> The RP controls the configuration of the stream, so they can specify an
> endpoint that belongs to the outsourced receiver and they can also specify
> an encryption key that is controlled by the outsourced receiver. The RP
> does not need access to the private key at all.
>
> I still think it is irrelevant to the transmitter, or to this spec. I
> agree it is totally relevant for the RP,
>
>
>
>> Phil
>>
>> Oracle Corporation, Identity Cloud Services Architect
>> @independentid
>> www.independentid.com
>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.independentid.com&d=DwMFaQ&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzjWwlNKe4C_lLIGk&m=CB-Hkcxglh-YNhXysOrrok_4zCGDYpxX49Xsuqtk5xM&s=yLs1cTxnvZUXAqt72qLGSJmz0X3EKVE6yNBJ0nsVUgo&e=>
>> phil.hunt@oracle.com
>>
>> On Oct 23, 2017, at 3:58 PM, Marius Scurtescu <mscurtescu@google.com>
>> wrote:
>>
>> I think "aud" should point to the Receiver, the outsourcing is irrelevant.
>>
>> Nothing needs to change here IMO.
>>
>> Marius
>>
>> On Mon, Oct 23, 2017 at 3:55 PM, Phil Hunt <phil.hunt@oracle.com> wrote:
>>
>>> It seems reasonable to further clarify that the definition of a receiver
>>> could be improved.
>>>
>>> I propose to change from:
>>>
>>>    Event Receiver
>>>       An Event Receiver is an entity that receives SETs through some
>>>       distribution method.
>>>
>>>
>>> To:
>>>
>>>    Event Receiver
>>>       An Event Receiver is an entity that receives SETs through some
>>>       distribution method. An Event Receiver MAY be a different
>>>
>>>       entity than that described by the “aud” claim.
>>>
>>>
>>> Phil
>>>
>>> Oracle Corporation, Identity Cloud Services Architect
>>> @independentid
>>> www.independentid.com
>>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.independentid.com&d=DwMFaQ&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzjWwlNKe4C_lLIGk&m=fDB9pNmWNg5BPXoRtaXXB1Iz_tq5wICJLi5itJHRai0&s=Ee7RsPFKzheWNvOz1Ut9gCvs_2bw0DE6GEeg-S0KMyE&e=>
>>> phil.hunt@oracle.com
>>>
>>> On Oct 23, 2017, at 2:38 PM, Marius Scurtescu <mscurtescu@google.com>
>>> wrote:
>>>
>>> I think "aud" is perfectly fine.
>>>
>>> IMO it should make no difference for the Transmitter that the event is
>>> actually handled by an outsourced entity, the RP trusts that entity and the
>>> event is generated and targeted to the RP and not to the current outsourced
>>> processor.
>>>
>>> Marius
>>>
>>> On Mon, Oct 23, 2017 at 10:57 AM, Phil Hunt <phil.hunt@oracle.com>
>>> wrote:
>>>
>>>>
>>>> All,
>>>>
>>>> I am reviewing the previous feedback from WGLC and will be bringing up
>>>> any unresolved issues for quick discussion/confirmation…
>>>>
>>>> Following up on Marius and Henk’s comment, I am concerned that “aud”
>>>> has a very specific meaning and is often tied to a security domain
>>>> definition. We should not necessarily say this is the receiver though it
>>>> often turns out to be. For example a RP (“aud”) has outsourced events
>>>> processing to a third party (the so called receiver).
>>>>
>>>> I am happy with the current claim set, but maybe some text explaining
>>>> that a receiver does not have to be the aud is appropriate?  I don’t see
>>>> any benefit to having a receiver claim as this could complicate processing
>>>> more than its worth.
>>>>
>>>> There are a few other comments in this thread, but this one seemed the
>>>> most unresolved.
>>>>
>>>> Phil
>>>>
>>>>
>>>> On Aug 3, 2017, at 8:03 AM, Henk Birkholz <
>>>> henk.birkholz@sit.fraunhofer.de> wrote:
>>>>
>>>> Hello,
>>>>
>>>> to me, the "audience" claim seems to be a good choice here.
>>>>
>>>> Viele Grüße,
>>>>
>>>> Henk
>>>>
>>>> On 08/02/2017 11:45 PM, Marius Scurtescu wrote:
>>>>
>>>> The abstract mentions "issuer" and "receiver" in the last sentence.
>>>> "receiver" does not sound right (that should be used in the context of a
>>>> transmitter), but I don't have a better suggestion. Audience?
>>>> The last paragraph of section 1 mentions "subscriber". I think it
>>>> should be either "receiver" or "audience".
>>>> The explanation for figure 1 states that the issuer denotes the
>>>> transmitter. If the issuer and the transmitter are assumed to be the same
>>>> entity, then the transmitter definition in section 1.2 should make that
>>>> clear.
>>>> Figure 3, I think the "sub" claim should be nested in the event, next
>>>> to the issuer that provides the correct context. The "iss" and "sub"
>>>> definitions in 2.1 also touch on this, providing conflicting advice.
>>>> Section 2,1, definition of "nbf". The definition says that this is the
>>>> event time. I see two problems:
>>>> - the name suggest "not before", not exactly the same as event time
>>>> - there can be multiple events
>>>> maybe this claim should be dropped?
>>>> Section 2.1, definition of "exp". Omitting this claim is the short term
>>>> solution to the confusion issue. Why not mention that and that it SHOULD
>>>> NOT be used?
>>>> Section 2.1, definition of "events". It states that all events must
>>>> refer to the same logical event. Lately in discussions we reached the
>>>> conclusion that all events in a SET should be defined in the same profile,
>>>> which is a stronger requirement. I think this definition should mention
>>>> that.
>>>> Regarding events and profiles. There was a proposal to add a new claim
>>>> to uniquely identify the profile. I think we need to discuss that.
>>>> Figure 5. Maybe a signed example would be better, especially that the
>>>> next paragraph mentions that signatures or encryption should be used.
>>>> Section 4.5, second paragraph. Mentions that "nonce" is also required,
>>>> but that is not actually true. Id Tokens issued at the token endpoint for
>>>> example will not have it. I suggest we drop the whole paragraph.
>>>> Marius
>>>> On Mon, Jul 31, 2017 at 1:40 PM, Yaron Sheffer <yaronf.ietf@gmail.com <
>>>> mailto:yaronf.ietf@gmail.com <yaronf.ietf@gmail.com>>> wrote:
>>>>    This is to announce working group last call on this draft
>>>>    (https://urldefense.proofpoint.com/v2/url?u=https-3A__dat
>>>> atracker.ietf.org_doc_draft-2Dietf-2Dsecevent-2Dtoken_&d=DwI
>>>> GaQ&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRr
>>>> KugCH0FkITSeGJxPEivzjWwlNKe4C_lLIGk&m=UUydIFEV9SQ_lw_LNE4lvS
>>>> 7pQLXEZEWA2F1i7bfAuUY&s=9SIT98RlAb1C9Md1W54IRl6cxjlKfjqT99u5-Ojw4Fw&e=
>>>>     <https://urldefense.proofpoint.com/v2/url?u=
>>>> https-3A__datatracker.ietf.org_doc_draft-2Dietf-2Dsecevent-2
>>>> Dtoken_&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK
>>>> 10&r=JBm5biRrKugCH0FkITSeGJxPEivzjWwlNKe4C_lLIGk&m=UUydIFEV9
>>>> SQ_lw_LNE4lvS7pQLXEZEWA2F1i7bfAuUY&s=9SIT98RlAb1C9Md1W54IRl6
>>>> cxjlKfjqT99u5-Ojw4Fw&e= >).
>>>>    Please send your comments to the list. Even if you are perfectly
>>>>    happy with the draft, please let us know that you support its
>>>>    publication as-is by posting to the list.
>>>>    Because of the summer holidays, this last call is open for 3 weeks,
>>>>    until Aug. 21.
>>>>    Thanks,
>>>>         Dick and Yaron
>>>>    _______________________________________________
>>>>    Id-event mailing list
>>>>    Id-event@ietf.org <mailto:Id-event@ietf.org <Id-event@ietf.org>>
>>>>    https://urldefense.proofpoint.com/v2/url?u=https-3A__www.
>>>> ietf.org_mailman_listinfo_id-2Devent&d=DwIGaQ&c=RoP1YumCXCga
>>>> WHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEi
>>>> vzjWwlNKe4C_lLIGk&m=UUydIFEV9SQ_lw_LNE4lvS7pQLXEZEWA2F1i7bfA
>>>> uUY&s=jX1QgcFI8umtt8pEkthXa3uL_TsJINLVTXORUpSDnvA&e=     <ht
>>>> tps://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.
>>>> org_mailman_listinfo_id-2Devent&d=DwIGaQ&c=RoP1YumCXCgaWHvlZ
>>>> YR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzjW
>>>> wlNKe4C_lLIGk&m=UUydIFEV9SQ_lw_LNE4lvS7pQLXEZEWA2F1i7bfAuU
>>>> Y&s=jX1QgcFI8umtt8pEkthXa3uL_TsJINLVTXORUpSDnvA&e= >
>>>> _______________________________________________
>>>> Id-event mailing list
>>>> Id-event@ietf.org
>>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.iet
>>>> f.org_mailman_listinfo_id-2Devent&d=DwIGaQ&c=RoP1YumCXCgaWHv
>>>> lZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzj
>>>> WwlNKe4C_lLIGk&m=UUydIFEV9SQ_lw_LNE4lvS7pQLXEZEWA2F1i7bfAuUY
>>>> &s=jX1QgcFI8umtt8pEkthXa3uL_TsJINLVTXORUpSDnvA&e=
>>>>
>>>>
>>>> _______________________________________________
>>>> Id-event mailing list
>>>> Id-event@ietf.org
>>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.iet
>>>> f.org_mailman_listinfo_id-2Devent&d=DwIGaQ&c=RoP1YumCXCgaWHv
>>>> lZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzj
>>>> WwlNKe4C_lLIGk&m=UUydIFEV9SQ_lw_LNE4lvS7pQLXEZEWA2F1i7bfAuUY
>>>> &s=jX1QgcFI8umtt8pEkthXa3uL_TsJINLVTXORUpSDnvA&e=
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Id-event mailing list
>>>> Id-event@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/id-event
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_id-2Devent&d=DwMFaQ&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzjWwlNKe4C_lLIGk&m=qgzi6hIQUdXUCZu3X2lrQFAdGZO2O9szzwPah2M8LX0&s=kr9e2Ob_q0g5BinjBOLJAjrZeWIcrCNx9O1jax-Bs8o&e=>
>>>>
>>>>
>>>
>>>
>> _______________________________________________
>> Id-event mailing list
>> Id-event@ietf.org
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.iet
>> f.org_mailman_listinfo_id-2Devent&d=DwICAg&c=RoP1YumCXCgaWHv
>> lZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivz
>> jWwlNKe4C_lLIGk&m=fDB9pNmWNg5BPXoRtaXXB1Iz_tq5wICJLi5itJHRai
>> 0&s=7M0OleTd4BpCbNMHkA9Vif8ucznK2XkdYp7wB0zI3N0&e=
>>
>>
>>
>

v2.23.0 | Report a Bug | By Email