Re: [Id-event] WG Last Call for draft-ietf-secevent-token-02
Marius Scurtescu <mscurtescu@google.com> Wed, 02 August 2017 21:46 UTC
The abstract mentions "issuer" and "receiver" in the last sentence. "receiver" does not sound right (that should be used in the context of a transmitter), but I don't have a better suggestion. Audience?

The last paragraph of section 1 mentions "subscriber". I think it should be either "receiver" or "audience".

The explanation for figure 1 states that the issuer denotes the transmitter. If the issuer and the transmitter are assumed to be the same entity, then the transmitter definition in section 1.2 should make that clear.

Figure 3, I think the "sub" claim should be nested in the event, next to the issuer that provides the correct context. The "iss" and "sub" definitions in 2.1 also touch on this, providing conflicting advice.

Section 2.1, definition of "nbf". The definition says that this is the event time. I see two problems:
- the name suggests "not before", not exactly the same as event time
- there can be multiple events

Maybe this claim should be dropped?

Section 2.1, definition of "exp". Omitting this claim is the short term solution to the confusion issue. Why not mention that and that it SHOULD NOT be used?

Section 2.1, definition of "events". It states that all events must refer to the same logical event. Lately in discussions we reached the conclusion that all events in a SET should be defined in the same profile, which is a stronger requirement. I think this definition should mention that.

Regarding events and profiles. There was a proposal to add a new claim to uniquely identify the profile. I think we need to discuss that.

Figure 5. Maybe a signed example would be better, especially that the next paragraph mentions that signatures or encryption should be used.

Section 4.5, second paragraph. Mentions that "nonce" is also required, but that is not actually true. Id Tokens issued at the token endpoint for example will not have it. I suggest we drop the whole paragraph.

Marius

On Mon, Jul 31, 2017 at 1:40 PM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:

> This is to announce working group last call on this draft
> (https://datatracker.ietf.org/doc/draft-ietf-secevent-token/).
>
> Please send your comments to the list. Even if you are perfectly happy
> with the draft, please let us know that you support its publication as-is
> by posting to the list.
>
> Because of the summer holidays, this last call is open for 3 weeks, until
> Aug. 21.
>
> Thanks,
> Dick and Yaron
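
The "exp" and "nonce" comments in the message above both concern telling a SET apart from an ID Token by its claims. The sketch below is an added illustration, not part of the message or the draft: it compares claim-presence checks on constructed claim sets. The function names, the example.com URIs and all claim values are assumptions, and the ID Token claim list is the required set from OpenID Connect Core.

```python
# Added illustration: claim-presence checks on constructed sample claim sets.
ID_TOKEN_REQUIRED = {"iss", "sub", "aud", "exp", "iat"}  # OpenID Connect Core

def looks_like_id_token(claims, require_nonce=False):
    """Presence check an ID Token consumer might apply (hypothetical helper)."""
    needed = ID_TOKEN_REQUIRED | ({"nonce"} if require_nonce else set())
    return needed.issubset(claims)

def looks_like_set(claims):
    """A SET carries a non-empty "events" object keyed by event URIs."""
    events = claims.get("events")
    return isinstance(events, dict) and len(events) > 0

def classify(claims):
    """Return "set", "id_token", "ambiguous" or "unknown" for a claim set."""
    as_set, as_idt = looks_like_set(claims), looks_like_id_token(claims)
    if as_set and as_idt:
        return "ambiguous"  # a lax ID Token consumer could accept this SET
    return "set" if as_set else "id_token" if as_idt else "unknown"

EVENT = "https://events.example.com/password-reset"  # constructed event URI

# SET with a top-level "sub" and no "exp": fails the ID Token check.
SET_NO_EXP = {"iss": "https://idp.example.com", "aud": "client-1",
              "iat": 1501710000, "jti": "evt-1", "sub": "user-42",
              "events": {EVENT: {}}}

# Same SET with "exp" added: now satisfies the ID Token claim list as well.
SET_WITH_EXP = dict(SET_NO_EXP, exp=1501713600)

# SET with "sub" nested in the event payload, as the Figure 3 comment suggests.
SET_NESTED_SUB = {"iss": "https://idp.example.com", "aud": "client-1",
                  "iat": 1501710000, "jti": "evt-2",
                  "events": {EVENT: {"sub": "user-42"}}}

# ID Token as issued at the token endpoint: valid, but carries no "nonce".
ID_TOKEN_NO_NONCE = {"iss": "https://idp.example.com", "aud": "client-1",
                     "sub": "user-42", "iat": 1501710000, "exp": 1501713600}

if __name__ == "__main__":
    for name, c in [("SET, no exp", SET_NO_EXP), ("SET + exp", SET_WITH_EXP),
                    ("SET, nested sub", SET_NESTED_SUB),
                    ("ID Token, no nonce", ID_TOKEN_NO_NONCE)]:
        print(f"{name:20s} -> {classify(c)}")
    # Requiring "nonce" would reject a genuine token-endpoint ID Token.
    print(looks_like_id_token(ID_TOKEN_NO_NONCE, require_nonce=True))
```

Presence checks like these run only after signature validation and do not replace it.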