[Id-event] [Technical Errata Reported] RFC8417 (7175)
RFC Errata System <rfc-editor@rfc-editor.org> Fri, 21 October 2022 01:23 UTC
To: phil.hunt@yahoo.com, mbj@microsoft.com, rfc8417@wdenniss.com, morteza.ansari@cisco.com, rdd@cert.org, paul.wouters@aiven.io, dick.hardt@gmail.com, yaronf.ietf@gmail.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: nigel@somerfield.co.nz, id-event@ietf.org, rfc-editor@rfc-editor.org
Message-Id: <20221021012309.A73B516E4D1@rfcpa.amsl.com>
Date: Thu, 20 Oct 2022 18:23:09 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/Pqa1q_nhv2j_URjTcbh4IovwAPU>
Subject: [Id-event] [Technical Errata Reported] RFC8417 (7175)
The following errata report has been submitted for RFC8417,
"Security Event Token (SET)".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7175

--------------------------------------
Type: Technical
Reported by: Nigel Somerfield <nigel@somerfield.co.nz>

Section: 2.1.4

Original Text
-------------
   {
     "iss": "https://idp.example.com/",
     "jti": "756E69717565206964656E746966696572",
     "iat": 1508184845,
     "aud": "636C69656E745F6964",
     "events": {
       "https://schemas.openid.net/secevent/risc/event-type/account-disabled" : {
         "subject": {
           "subject_type": "iss-sub",
           "iss": "https://idp.example.com/",
           "sub": "7375626A656374"
         },
         "reason": "hijacking"
       }
     }
   }

                  Figure 4: Example RISC Event

   Notice that parameters to the event are included in the event
   payload, in this case, the "reason" and "cause-time" values. The
   subject of the event is identified using the "subject" payload
   value, which itself is a JSON object.

Corrected Text
--------------
   {
     "iss": "https://idp.example.com/",
     "jti": "756E69717565206964656E746966696572",
     "iat": 1508184845,
     "aud": "636C69656E745F6964",
     "events": {
       "https://schemas.openid.net/secevent/risc/event-type/account-disabled" : {
         "subject": {
           "subject_type": "iss-sub",
           "iss": "https://idp.example.com/",
           "sub": "7375626A656374"
         },
         "reason": "hijacking"
       }
     }
   }

                  Figure 4: Example RISC Event

   Notice that parameters to the event are included in the event
   payload, in this case, the "reason" value. The subject of the
   event is identified using the "subject" payload value, which
   itself is a JSON object.

Notes
-----
The included RISC event example JSON object does not contain a "cause-time" member, however this is referred to in the explanation following the example. It would be valuable to either include the "cause-time" member, or to remove it from the explanation as per the above.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC8417 (draft-ietf-secevent-token-13)
--------------------------------------
Title               : Security Event Token (SET)
Publication Date    : July 2018
Author(s)           : P. Hunt, Ed., M. Jones, W. Denniss, M. Ansari
Category            : PROPOSED STANDARD
Source              : Security Events
Area                : Security
Stream              : IETF
Verifying Party     : IESG
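
The mismatch the erratum reports can be checked mechanically. The following is an added example, not part of the original message or of RFC 8417: it parses the Figure 4 claims set, checks the SET structure, and compares the parameter names the explanatory text mentions with those actually present in the event payload. The function names and the required-claims tuple are this example's own assumptions.

```python
import json

# Figure 4 as quoted in the erratum (sample input embedded for offline use).
FIGURE_4 = """
{"iss": "https://idp.example.com/",
 "jti": "756E69717565206964656E746966696572",
 "iat": 1508184845,
 "aud": "636C69656E745F6964",
 "events": {
   "https://schemas.openid.net/secevent/risc/event-type/account-disabled": {
     "subject": {"subject_type": "iss-sub",
                 "iss": "https://idp.example.com/",
                 "sub": "7375626A656374"},
     "reason": "hijacking"}}}
"""

# Claims RFC 8417 marks as required in a SET (assumption: editor's reading).
REQUIRED_CLAIMS = ("iss", "iat", "jti", "events")

def load_figure_4():
    return json.loads(FIGURE_4)

def event_parameters(claims):
    """Map each event URI to (subject object, sorted other parameter names)."""
    missing = [c for c in REQUIRED_CLAIMS if c not in claims]
    if missing:
        raise ValueError(f"not a SET: missing claims {missing}")
    events = claims["events"]
    if not isinstance(events, dict) or not events:
        raise ValueError('"events" must be a non-empty JSON object')
    result = {}
    for uri, payload in events.items():
        if not isinstance(payload, dict):
            raise ValueError(f"payload for {uri} must be a JSON object")
        params = sorted(k for k in payload if k != "subject")
        result[uri] = (payload.get("subject"), params)
    return result

def compare_with_description(claims, described):
    """Diff the parameter names a text describes against each event payload."""
    report = {}
    for uri, (_subject, params) in event_parameters(claims).items():
        report[uri] = {
            "described_but_absent": sorted(set(described) - set(params)),
            "present_but_undescribed": sorted(set(params) - set(described)),
        }
    return report
```

Calling compare_with_description(load_figure_4(), ["reason", "cause-time"]) reproduces the original text's inconsistency; passing ["reason"] alone matches the corrected text.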