Re: [Id-event] Making SETs distinct as JWTs

Benjamin Kaduk <bkaduk@akamai.com> Fri, 03 March 2017 17:00 UTC

To: Brian Campbell <bcampbell@pingidentity.com>, Marius Scurtescu <mscurtescu@google.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/LXIwbezSl3DtrWwC-qkYtYEVd6U>
Cc: William Denniss <wdenniss@google.com>, Mike Jones <Michael.Jones@microsoft.com>, ID Events Mailing List <id-event@ietf.org>, Phil Hunt <phil.hunt@oracle.com>

On 03/03/2017 08:03 AM, Brian Campbell wrote:
> How much should theoretical (but likely) implementation defects play
> into protocol design? I don't know the answer. It would be nice to
> rely on the requirements of the RFC 7515-7519 group and, as Mike
> suggests, push to get deficient implementations fixed. But practically
> speaking that might amount to willful ignorance.

When possible, protocol designs can allow for well-behaved ecosystem
participants to enforce the behavior in question, as in TLS's GREASE to
detect intolerance to adding new codepoints in various fields.
And of course, making the required behavior critical for normal
functionality is a good way to get it implemented everywhere, but that's
not really an answer so much as an observation.

-Ben