Re: [Id-event] Consensus :: Single Event Syntax
Justin Richer <jricher@mit.edu> Sat, 09 December 2017 14:01 UTC
Return-Path: <jricher@mit.edu>
X-Original-To: id-event@ietfa.amsl.com
Delivered-To: id-event@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EEC6127136 for <id-event@ietfa.amsl.com>; Sat, 9 Dec 2017 06:01:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.198
X-Spam-Level:
X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[AC_DIV_BONANZA=0.001, BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id knwwv_x9FA26 for <id-event@ietfa.amsl.com>; Sat, 9 Dec 2017 06:01:16 -0800 (PST)
Received: from dmz-mailsec-scanner-1.mit.edu (dmz-mailsec-scanner-1.mit.edu [18.9.25.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01EEE126DFF for <id-event@ietf.org>; Sat, 9 Dec 2017 06:01:15 -0800 (PST)
X-AuditID: 1209190c-f29ff70000002e7f-dd-5a2beca84b30
Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 72.85.11903.9ACEB2A5; Sat, 9 Dec 2017 09:01:13 -0500 (EST)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id vB9E16c4018036; Sat, 9 Dec 2017 09:01:07 -0500
Received: from [192.168.1.3] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id vB9E12Zg018432 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sat, 9 Dec 2017 09:01:03 -0500
To: Mike Jones <Michael.Jones@microsoft.com>, Phil Hunt <phil.hunt@oracle.com>, "Richard Backman, Annabelle" <richanna@amazon.com>
Cc: William Denniss <wdenniss@google.com>, Yaron Sheffer <yaronf.ietf@gmail.com>, "M.Lizar@OCG" <m.lizar@openconsentgroup.com>, SecEvent <id-event@ietf.org>, Dick Hardt <dick.hardt@gmail.com>
References: <CAD9ie-s_tmCqwBh0u=89Zx7FZEUMq0-TcPY_t-3t006oTrTbmw@mail.gmail.com> <C7C5A5CC-351F-4F65-9977-19508ECF8A65@oracle.com> <3F588BE5-4644-434F-A252-DDA2964715C4@openconsentgroup.com> <C45832CC-C0F9-4FB2-8884-A4D76AC116C4@openconsentgroup.com> <CAAP42hAkz0MwwWuN8Ych-VkLrzjq2Hm+q98dhOGgWTDwP++eXw@mail.gmail.com> <6788B0D5-94C8-48FF-87F3-F09259127F2B@amazon.com> <CY4PR21MB0504A25EA9A352074CF63ECCF53D0@CY4PR21MB0504.namprd21.prod.outlook.com> <E0F9B4A6-442F-4231-874D-1845E05B8BD3@amazon.com> <0B45222C-C0E0-452F-B7F2-366861031A4D@oracle.com> <CY4PR21MB0504DA35A5A784A281498D06F53D0@CY4PR21MB0504.namprd21.prod.outlook.com>
From: Justin Richer <jricher@mit.edu>
Message-ID: <dd79933d-e70c-f381-d057-c3f89493d88c@mit.edu>
Date: Sat, 09 Dec 2017 09:00:40 -0500
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <CY4PR21MB0504DA35A5A784A281498D06F53D0@CY4PR21MB0504.namprd21.prod.outlook.com>
Content-Type: multipart/alternative; boundary="------------5CEA279F3BF74AC40A166426"
Content-Language: en-US
X-Brightmail-Tracker: H4sIAAAAAAAAA02Sb0gTYRzHe+7O3W14cU5lj2YUh1lqM0WJS1KKIJcURFDBSPR05zba5rjb zAmB/yt7k6ZLp+ZKSTMrU1orDGqCofiXtBeKpmiKf97UOyOpO5d/3n1/z+f7+32fh+dHoMr5 gHDCaLFxvIU10TIFpsRTI9XP12O18R3OU8xCPc/cdd9HmJZKN8Z8dP7CGHdzMc7cWSCY7sZS nOn4XoefITTtY5UBmveuGVzj7rZrWls3EE25dxPX1H+Ylml+/pjCLuNaxWkdZzLmc/yJ1CyF YXb2icz6t0JRsOIZBkVgZRSrBHICUklwYPkNWgkUhJJqQWD/dBfwF10Arnid/4tJBP7xfEWl lmCKgS+qqhEJhFBOAAebPJhUoNQUgEPDn2T+lnsBsG2jD5daZNQR+KizDJE0SSXDhqESIGmM ioR1a++2PKHUDVg1Nw78niA4UL+4dUM5lQF/e1a3olHqGuycGEX8WgWnFpuRB4By7Wlx7bG5 9tj8+iR83DOP+vUhWPq2QdSEqKPgs3J677Eb4B3goM5cqDazRpPA5aiFHNZi4Xh1QpzZaIvj dPZuIP2ePCzQC4bW032AIgAdSM65YrTKADZfcJh9IIxA6FCSjYzVKvdn5+kcBlYwZPJ2Eyf4 ACRQOoQ0F4uM1LGOQo7P20YHCIxWkWlJIqL0rI27yXFWjt+mEQRBQ9KyJtIgntNzBblGk20X I4RcGh4oDi+RPKRgZc2CUe/ng0BNLNWvFaFKzJJn4cJVZKJkoiSTwW7ZmSNtZtqrVGYVqMRn BZOZkitQ3NudSatiCCKGIA+3QmzsLgovAjVm+lhKij00A59On55M0mf1mnXnqItjfY59V5/e nr+iv/XZS9vjr0dPwYmskfTQo9VCY397o+GlbnA8sbV21mdte72+mZ5b0Xq29rCjt8dU1pJ9 qVwPTEsRX2rOD8YovSrnGL6Q3Dgwttak4+UjM9GJCYtRF2SK5XDt8W+JNCYY2IQYlBfYfwGQ clJ0AwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/L5vVkUXtYXkYU9u7-zaOxxZ6BJ8>
Subject: Re: [Id-event] Consensus :: Single Event Syntax
X-BeenThere: id-event@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "A mailing list to discuss the potential solution for a common identity event messaging format and distribution system." <id-event.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/id-event>, <mailto:id-event-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/id-event/>
List-Post: <mailto:id-event@ietf.org>
List-Help: <mailto:id-event-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/id-event>, <mailto:id-event-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Dec 2017 14:01:22 -0000
If you can carry multiple profiled payloads together, which profile gets to decide the semantics of the combination? Answering this question in any reasonable fashion is exactly why I favor the new format over the current, and it gets at what I was attempting with the current format. -- Justin On 12/5/2017 4:30 PM, Mike Jones wrote: > > Hi Annabelle, > > The data contained in a SET and the semantics of that data will > **always** be profile-specific. That’s a feature – not a bug. It’s > what makes SETs general-purpose, rather than being suited only for a > narrow set of use cases. > > An analogy with JWTs is applicable. JWTs have no required claims, so > their usage is always profile-specific. That has enabled them to be > adopted by numerous diverse applications. SETs currently have that > same level of flexibility – by design. > > -- Mike > > *From:* Phil Hunt [mailto:phil.hunt@oracle.com] > *Sent:* Tuesday, December 5, 2017 1:22 PM > *To:* Richard Backman, Annabelle <richanna@amazon.com> > *Cc:* Mike Jones <Michael.Jones@microsoft.com>; William Denniss > <wdenniss@google.com>; M.Lizar@OCG <m.lizar@openconsentgroup.com>; > Yaron Sheffer <yaronf.ietf@gmail.com>; Dick Hardt > <dick.hardt@gmail.com>; SecEvent <id-event@ietf.org> > *Subject:* Re: [Id-event] Consensus :: Single Event Syntax > > I would disagree strongly with the notion of inter-operability > requirements on expected outcomes or actions by receivers. > > SETs are statements of changes in state of security objects by > transmitters. SETs do not indicate any specific actions that should be > taken by receivers. > > I believe I’ve covered this issue during the informal BOF (at the SCIM > WG meeting Argentina) and several times during IETF WG meeting > presentations. I did so, because within the IETF community many people > have vastly different notions of what an event is. > > Phil > > Oracle Corporation, Identity Cloud Services Architect > > @independentid > > www.independentid.com <http://www.independentid.com> > > phil.hunt@oracle.com <mailto:phil.hunt@oracle.com> > > > > On Dec 5, 2017, at 12:57 PM, Richard Backman, Annabelle > <richanna@amazon.com <mailto:richanna@amazon.com>> wrote: > > Mike, > > This isn’t simply an issue of “single vs multiple” – the current > draft is fundamentally broken from an interoperability standpoint, > because the correct interpretation of the “events” claim is at > best profile-specific, at worst implementation-specific. > > -- > > Annabelle Richard Backman > > Amazon – Identity Services > > *From:*Mike Jones <Michael.Jones@microsoft.com > <mailto:Michael.Jones@microsoft.com>> > *Date:*Tuesday, December 5, 2017 at 12:22 PM > *To:*"Richard Backman, Annabelle" <richanna@amazon.com > <mailto:richanna@amazon.com>>, William Denniss > <wdenniss@google.com <mailto:wdenniss@google.com>>, "M.Lizar@OCG > <mailto:M.Lizar@OCG>" <m.lizar@openconsentgroup.com > <mailto:m.lizar@openconsentgroup.com>> > *Cc:*Yaron Sheffer <yaronf.ietf@gmail.com > <mailto:yaronf.ietf@gmail.com>>, Phil Hunt <phil.hunt@oracle.com > <mailto:phil.hunt@oracle.com>>, SecEvent <id-event@ietf.org > <mailto:id-event@ietf.org>>, Dick Hardt <dick.hardt@gmail.com > <mailto:dick.hardt@gmail.com>> > *Subject:*RE: [Id-event] Consensus :: Single Event Syntax > > Morteza already pointed out > <https://urldefense.proofpoint.com/v2/url?u=https-3A__mailarchive.ietf.org_arch_msg_id-2Devent_KPaK5aN3EeIybWJmQOJiqdHXQzg&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=ZClAgy65x4a1O93YYenj_z_6Bxd_6sMzPOs8PLi06XA&e=>a > simple solution to enabling SETs to contain only a single event > description for profiles that want that –a solution proposed by > Yaron > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_id-2Devent_current_msg00736.html&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=tac2j_cTgyBwnnfHNTPzlRUwOCjxvascShR4JfccwMg&e=>that > doesn’t involve making any breaking changes: Explicitly specify > that profiles can restrict the number of elements in the “events” > data structure – including limiting them to one element, when > desired. Then profiles that want this can have it and profiles > that need to enable multiple aspects of an event to be easily > represented can have that too. Hopefully people can rally around > that straightforward solution, enabling us to move on and finish > the SET spec in as timely a fashion as possible. > > -- Mike > > *From:*Id-event [mailto:id-event-bounces@ietf.org]*On Behalf > Of*Richard Backman, Annabelle > *Sent:*Tuesday, December 5, 2017 11:40 AM > *To:*William Denniss <wdenniss@google.com > <mailto:wdenniss@google.com>>; M.Lizar@OCG <mailto:M.Lizar@OCG> > <m.lizar@openconsentgroup.com <mailto:m.lizar@openconsentgroup.com>> > *Cc:*Yaron Sheffer <yaronf.ietf@gmail.com > <mailto:yaronf.ietf@gmail.com>>; Phil Hunt <phil.hunt@oracle.com > <mailto:phil.hunt@oracle.com>>; SecEvent <id-event@ietf.org > <mailto:id-event@ietf.org>>; Dick Hardt <dick.hardt@gmail.com > <mailto:dick.hardt@gmail.com>> > *Subject:*Re: [Id-event] Consensus :: Single Event Syntax > > William’s email analogy demonstrates the problem with the current > syntax: imagine if the text part of a multi-part email could be > any of the following, with no explicit indication which one it is: > > * A plaintext representation of the same content in the HTML part. > * The CSS to use when rendering the HTML part. > * Annotations on the contents of the HTML part. > * A vCard for the sender of the message. > * A completely separate message with a separate subject line > embedded in the text. > > How would a mail reader know what to do with this? It couldn’t, > not in any scalable way. Yet is exactly the situation we will > have, given the current draft and the way people are proposing > using its multi-part capability: > > * William wants to use it to send different independent > representations of the same event. > * Phil wants to use it to send different aspects of the same > event, intended to be processed together. > * Tony wants to use it for directory synchronization. > * Marius wants to use it to send the same event under both > standard and deprecated names. > * et cetera, et cetera… > > This confusion is going to limit reusability and interoperability, > and hinder adoption. If the WG consensus is that all these use > cases are in scope for SET, that’s fine, we can support them – but > we need to do so in a way that doesn’t create complete chaos. > > At risk of repeating myself, maybe we need to have a consensus > discussion on which multi-part use cases are in scope for SET > before we continue with this discussion? > > -- > > Annabelle Richard Backman > > Amazon – Identity Services > > *From:*Id-event <id-event-bounces@ietf.org > <mailto:id-event-bounces@ietf.org>> on behalf of William Denniss > <wdenniss@google.com <mailto:wdenniss@google.com>> > *Date:*Monday, December 4, 2017 at 7:20 PM > *To:*"M.Lizar@OCG <mailto:M.Lizar@OCG>" > <m.lizar@openconsentgroup.com <mailto:m.lizar@openconsentgroup.com>> > *Cc:*Yaron Sheffer <yaronf.ietf@gmail.com > <mailto:yaronf.ietf@gmail.com>>, Dick Hardt <dick.hardt@gmail.com > <mailto:dick.hardt@gmail.com>>, SecEvent <id-event@ietf.org > <mailto:id-event@ietf.org>>, Phil Hunt <phil.hunt@oracle.com > <mailto:phil.hunt@oracle.com>> > *Subject:*Re: [Id-event] Consensus :: Single Event Syntax > > I would prefer to keep the format in the current working group draft. > > Based on the requirement that events may be represented in > multiple ways, I believe having both formats carried in a single > SET is superior as it avoids complex linking logic. The best > analogy I can think of is email, where MIME allows for text and > html versions *of the same content* to be carried in a single > email (much like how SET allows for multiple representations *of > the same event* in a SET). With email, the recipient's client is > then able to display the version it prefers from those available. > Imagine the additional logic if every email was sent twice – e.g. > what if the plain text version arrives, the HTML one is delayed? > How should the client react if the HTML version arrives later, > would it replace the version it had? What if you were already > viewing and/or replying? > > Time-wise I'm really concerned if we don't lock this down soon, > the people who are waiting on us to profile SET will walk away and > do their own thing (I was worried about that a year ago… and I > think we've waited long enough). I think we should keep this in > mind and choose the path that will have the fastest resolution. > If the decision was to change the format at this late stage, I > would like to hear what steps can be done to avoid additional delay. > > I really respect the work Annabelle has done in leading the > alternative representation, and I do think it’s a viable > alternative. If we choose to change the spec and go with the > singular option, then I think the requirement of multiple > representations should be dropped, or at a minimum de-emphasized > as this (along with expediency) is the main reason I believe the > existing format is better. > > On Mon, Dec 4, 2017 at 1:08 PM,M.Lizar@OCG > <mailto:M.Lizar@OCG><m.lizar@openconsentgroup.com > <mailto:m.lizar@openconsentgroup.com>> wrote: > > Small typo, - should be a ‘.’ Not a ‘?’ > > The spec works well for the consent a privacy syntax use cases > we are aware of (full stop) > > - Mark > > On 4 Dec 2017, at 20:46,M.Lizar@OCG > <mailto:M.Lizar@OCG><m.lizar@openconsentgroup.com > <mailto:m.lizar@openconsentgroup.com>> wrote: > > I concur with Mike and Justin, we had the same issue with > primary and secondary in the Consent Receipt spec. > > We are also opposed to making breaking changes at this > late date and that the existing working group spec already > works well for the consent and privacy use cases we are > aware of? > > Mark Lizar | CEO Open Consent | Co-Char CISWG at Kantara > > On 1 Dec 2017, at 18:35, Phil Hunt > <phil.hunt@oracle.com <mailto:phil.hunt@oracle.com>> > wrote: > > For historical purposes, this has been discussed twice > before (once at the request of Annabelle). > > I think it would be helpful, why, after WGLC, this > issue is being brought forward yet again. Dick has > stated that Annabelle’s concern that she finds it > difficult to implement is sufficient. Yet, I’m not > sure we are entertaining a new concern here. No new > information was provided. > > I note that at the time, the chairs did not feel there > was a lack of consensus in order to call for one in > the past. > > On some of these matters, the choice may be arbitrary, > and that is why I think keeping track of prior > discussion is important so that we can clearly move > forward and not repeat discussion of the past further > confusing consensus. > > While I advocated for singular events as a possibility > in the past, I now have much more stronger technical > reasons for the WG draft design, which have > strengthened rather than weakened in the past week. I > will share these later, after the minutes have been > published. > > On Dec 10, 2016, Yaron while reviewing the ID > draft-hunt-idevent-token-07 [1]: > > * Why "events" and not "event"? We don't really have support for > > multiple events. Certainly not if they are all of the same type. > > The current text is confusing: "events" is not the same as "a > > primary event and its extensions”. > > [MIKE] Reflects your earlier comment re: primary vs. extensions. "events” is > > plural to reflect the fact that the attribute is multi-valued. I agree, > > given that only one primary event can be included, the naming is misleading. > > From later in the thread [2]: > > * 2: "first value" is meaningless. > JSON objects are unordered (4th > paragraph of RFC 7159). If order > /is/ important, we could make > "events" into an array. > > _[Phil] _Yup. How would the group like > to fix this? We could make “events” > singular and have an extensions attribute > to hold the extensions. Or we > could go to a more complex JSON structure > (not personally a fan). > > > _[Yaron]_ I'm personally fine with a main > "event" object and an "extensions" attribute. > I can even live with "event" being called > "events", per Mike's proposal. But the > structure needs to make sense as a JSON object > if we want it implemented. > > [PH] Thread: Should the primary event be a > separate attribute? > > We had this broken out before. If there is > sufficient desire to break it out again, I have no > objection. > > Then following WG adoption, I re-reraised the issue > after discussion with Annabelle > draft-secevent-token-00 [3]: > > On this topic, following Yaron’s comments Mike > Jones raised some points that there should be no > distinction between primary events and extensions > (https://mailarchive.ietf.org/arch/msg/id-event/0Hhg46ROcidQDLL7OnXUs88TJ9U > <https://urldefense.proofpoint.com/v2/url?u=https-3A__mailarchive.ietf.org_arch_msg_id-2Devent_0Hhg46ROcidQDLL7OnXUs88TJ9U&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=8DBZ5hsA4WNFez3mJr2W9TW0WCYTWMbY1Vs5sgcIauQ&e=>). > Summarizing: > > * Processors will run through all of them > regardless. It is not necessarily helpful to > understand which is a primary vs. extension > > * Let’s drop distinction between primary vs. > extension. You can simply express one or more sets > of event attributes in a single JWT > > My proposal is to drop this terminology in the > text and keep the attribute multi-valued. The > purpose of the attribute is to inform the reader > what events are being asserted and what additional > data may be present. It is up to the reader to > ultimately infer meaning when one or more URIs are > present. Further, when multiple URIs are present > it must still to make a combined statement about a > single state change about a subject. It must not > be used to convey multiple distinct (e.g. > transactions) events about a subject. > > Assuming everyone agrees, I will plan to remove > these distinctions in the next update with some > new text. Please comment if you have concerns. > > To which Mike Jones responded [4] > > I believe we already had consensus to drop the > primary/secondary distinction, which we > intentionally did before adoption of the working > group draft. I believe any such distinction will > both be unhelpful and result in syntactic > complexity. Please let’s finish stamping out the > notion that any of the events in a SET are somehow > different than the others. > > William Denniss wrote [5]: > > I agree with your proposal. > > They're all just events. Up to implementors to > define & categorize their events how they like. > > Marius also agreed (he may have switched positions > now) [6]: > > I also think it makes sense to remove the > primary/secondary distinction. > > > Marius > > Justin also agreed (and may have switched positions) [7] > > +1, drop "primary" and keep it an object > > -- Justin > > References: > > [1] - > https://www.ietf.org/mail-archive/web/id-event/current/msg00298.html > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_id-2Devent_current_msg00298.html&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=rG_9NWsC86NC5EDI8paY2lIrUkHUirGG3jfmoHhYAw8&e=> > > [2] - > https://www.ietf.org/mail-archive/web/id-event/current/msg00299.html > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_id-2Devent_current_msg00299.html&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=wE8wEkrp-0wxrzKFqozLAsjsD2qgA2mCoDZQp5lwqdA&e=> > > [3] - > https://www.ietf.org/mail-archive/web/id-event/current/msg00345.html > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_id-2Devent_current_msg00345.html&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=QEGxsGOAn3D6pmmzeLtQ_gkOSgxpq-8ce2CbXfe2Zk8&e=> > > [4] - > https://www.ietf.org/mail-archive/web/id-event/current/msg00347.html > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_id-2Devent_current_msg00347.html&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=IcdLUKGzpKm8QwfE2mo-NufvoiWgjsj__BKRvGGod8c&e=> > > [5] - > https://www.ietf.org/mail-archive/web/id-event/current/msg00349.html > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_id-2Devent_current_msg00349.html&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=d0uNsjizWSlLYksDHdqZaYC6Ix0OMDltFs2e4QjTJJE&e=> > > [6] - > https://www.ietf.org/mail-archive/web/id-event/current/msg00365.html > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_id-2Devent_current_msg00365.html&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=_FtWiNomXopU9A9_k7A1nsjMQfaXZ_ZjxgBxNrhUBIQ&e=> > > [7] - > https://www.ietf.org/mail-archive/web/id-event/current/msg00406.html > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_id-2Devent_current_msg00406.html&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=k5JC5HYCfm0BtQJar8_ZAKRUzgUsJYaCbtiLWOkWxJc&e=> > > Phil > > Oracle Corporation, Identity Cloud Services Architect > > @independentid > > www.independentid.com > <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.independentid.com_&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=zQiT4vu41M1sH4KXtpfMbiC5yDIIPxJ8Vp35knc8EHk&e=> > > phil.hunt@oracle.com <mailto:phil.hunt@oracle.com> > > On Dec 1, 2017, at 8:50 AM, Dick Hardt > <dick.hardt@gmail.com > <mailto:dick.hardt@gmail.com>> wrote: > > Is it important to syntactically ensure that only > one event is in a SET? > For privacy reasons, some use cases want to ensure > that only one signal is in a SET. > This adds some additional complexity for use cases > that want to include multiple signals in a SET. > > See > https://tools.ietf.org/html/draft-backman-secevent-token-02 > <https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dbackman-2Dsecevent-2Dtoken-2D02&d=DwMFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=p986FFBYCnXfbWjoBBpAe4IarEj1m7ezmVE3DPSQzwY&s=P-rrbMomS-aMBQQ0HPfPzvNPkWHLDYs8SsugRHx-eLM&e=> for > an proposed syntax that ensures one event per SET, > and enables multiple events per SET when desired > > We will track results > here:https://github.com/IETF-SecEvent/Drafts/issues/1 > <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_IETF-2DSecEvent_Drafts_issues_1&d=DwMFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=p986FFBYCnXfbWjoBBpAe4IarEj1m7ezmVE3DPSQzwY&s=3f7fFs9ZKZrg1ScI3Ml2r8ykvHGuBbup831kDUNklfw&e=> > > Discussion to be on the mail list as usual, not in > the issue tracker! > > /Dick > > _______________________________________________ > Id-event mailing list > Id-event@ietf.org <mailto:Id-event@ietf.org> > https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_id-2Devent&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=p986FFBYCnXfbWjoBBpAe4IarEj1m7ezmVE3DPSQzwY&s=YnAKATJz3qVYniVaDUIMtQb9L-vMocgsYARzV6axzq4&e= > > _______________________________________________ > Id-event mailing list > Id-event@ietf.org <mailto:Id-event@ietf.org> > https://www.ietf.org/mailman/listinfo/id-event > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_id-2Devent&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=oLqIO9IaQ6D37NOtw81qGSXjq-PmKhkF_tUZSc2sXBw&e=> > > _______________________________________________ > Id-event mailing list > Id-event@ietf.org <mailto:Id-event@ietf.org> > https://www.ietf.org/mailman/listinfo/id-event > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_id-2Devent&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=oLqIO9IaQ6D37NOtw81qGSXjq-PmKhkF_tUZSc2sXBw&e=> > > > _______________________________________________ > Id-event mailing list > Id-event@ietf.org <mailto:Id-event@ietf.org> > https://www.ietf.org/mailman/listinfo/id-event > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_id-2Devent&d=DwMGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=oLqIO9IaQ6D37NOtw81qGSXjq-PmKhkF_tUZSc2sXBw&e=> > > _______________________________________________ > Id-event mailing list > Id-event@ietf.org <mailto:Id-event@ietf.org> > https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_id-2Devent&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=64Sgt5nlxmOs0NbkKq3UqYItitj7fiunLlki9iJlcEk&s=oLqIO9IaQ6D37NOtw81qGSXjq-PmKhkF_tUZSc2sXBw&e= > > > > _______________________________________________ > Id-event mailing list > Id-event@ietf.org > https://www.ietf.org/mailman/listinfo/id-event
- [Id-event] Consensus :: Single Event Syntax Dick Hardt
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Mike Jones
- Re: [Id-event] Consensus :: Single Event Syntax Morteza Ansari (moransar)
- Re: [Id-event] Consensus :: Single Event Syntax John Bradley
- Re: [Id-event] Consensus :: Single Event Syntax John Bradley
- Re: [Id-event] Consensus :: Single Event Syntax Nat Sakimura
- Re: [Id-event] Consensus :: Single Event Syntax M.Lizar@OCG
- Re: [Id-event] Consensus :: Single Event Syntax M.Lizar@OCG
- Re: [Id-event] Consensus :: Single Event Syntax William Denniss
- Re: [Id-event] Consensus :: Single Event Syntax Justin Richer
- Re: [Id-event] Consensus :: Single Event Syntax Justin Richer
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Mike Jones
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Mike Jones
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Mike Jones
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Morteza Ansari (moransar)
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax John Wunderlich
- Re: [Id-event] Consensus :: Single Event Syntax Marius Scurtescu
- Re: [Id-event] Consensus :: Single Event Syntax Marius Scurtescu
- Re: [Id-event] Consensus :: Single Event Syntax Marius Scurtescu
- Re: [Id-event] Consensus :: Single Event Syntax Marius Scurtescu
- Re: [Id-event] Consensus :: Single Event Syntax Justin Richer
- Re: [Id-event] Consensus :: Single Event Syntax Justin Richer
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Anthony Nadalin
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Benjamin Kaduk
- Re: [Id-event] Consensus :: Single Event Syntax Mike Jones
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Mike Jones
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Marius Scurtescu
- Re: [Id-event] Consensus :: Single Event Syntax Justin Richer
- Re: [Id-event] Consensus :: Single Event Syntax Mike Jones
- Re: [Id-event] Consensus :: Single Event Syntax Marius Scurtescu
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Marius Scurtescu
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Justin Richer
- Re: [Id-event] Consensus :: Single Event Syntax Mike Jones
- Re: [Id-event] Consensus :: Single Event Syntax Justin Richer
- Re: [Id-event] Consensus :: Single Event Syntax Phil Hunt
- Re: [Id-event] Consensus :: Single Event Syntax Anthony Nadalin
- Re: [Id-event] Consensus :: Single Event Syntax Richard Backman, Annabelle
- Re: [Id-event] Consensus :: Single Event Syntax Adam Dawes
- Re: [Id-event] Consensus :: Single Event Syntax Leif Johansson