[Id-event] Push delivery - shepherd review
Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 12 April 2019 12:44 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: id-event@ietfa.amsl.com
Delivered-To: id-event@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF15D12047B for <id-event@ietfa.amsl.com>; Fri, 12 Apr 2019 05:44:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.276
X-Spam-Level:
X-Spam-Status: No, score=-1.276 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.723, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vkOQh7xspcGX for <id-event@ietfa.amsl.com>; Fri, 12 Apr 2019 05:44:46 -0700 (PDT)
Received: from mail-wr1-x42a.google.com (mail-wr1-x42a.google.com [IPv6:2a00:1450:4864:20::42a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4AA76120373 for <id-event@ietf.org>; Fri, 12 Apr 2019 05:44:46 -0700 (PDT)
Received: by mail-wr1-x42a.google.com with SMTP id r4so11738073wrq.8 for <id-event@ietf.org>; Fri, 12 Apr 2019 05:44:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:from:subject:message-id:date:user-agent:mime-version :content-language:content-transfer-encoding; bh=xEiMEAxkguK7RYKiXMXPYH4IVrlvc9gDu6MQz2EQqDw=; b=dJVPLlQ1+YnvYiSQyYUfEz6AulZjx6rW7JS9FKQ3EpwaMFPzYHXBXufJ1+jMHOU5Ps N01lGXafF0W3E7kZfwOKlv/WglBUOjWrROWOC8O8UgiHGkTNavyNNPhHceiMWIh/YJUK Rny56tRMVqvcI7F9q0SV8wrvULrYVGOg0Np2fwkzzD44dxJT8ADkvotR4d4lRrK89nAa V3CgBAFw66Qhs1IGZ2unD9QlR+Jh6rI7a6YuQ9mFVfMp6vdf9Rb+tT+xFD3Wfe3Tunpd stp/CgDj3XcfOS2ZERqSomcsfVQAGtEzf246LiS5sss1510P/vTq/YELkQhxN0qVaLfa izXA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-language:content-transfer-encoding; bh=xEiMEAxkguK7RYKiXMXPYH4IVrlvc9gDu6MQz2EQqDw=; b=TvmpB4Co6kJWpESwXfuqgNcPPzGhJrzbEPZjjg4tioPm57MzpmmXWPcBkybGs9KS7u R0pATdlMihc4bIhb1bHugMKJN8dfEhVDX75DbL8X95PYz7MCs49VPIJdaJ/mPtT494tS ufOnH6qB/nnUMnH9NWyxl8pS5Z5Ps0M+/a8XcnSAVm/7Wmzpi1FocL9pE7J4jgAld58s ctJtC073ZuVqnN39ay9VRYQ42YsCWqCzlKxTiwUXglk4ZwJqXU+o4mRxKhlthQq93Utr 0Ko89ixlkz9FAVddg/YMjv0yh02VGEU8ZOrFRNIJqNWUEke+a0fHJtyeVY/ypZuNK6Ku u3zw==
X-Gm-Message-State: APjAAAXHM5+7kn9rGAJ2Ha4hSJ3guSwmW8o5xae5JYlQ5OxCiJTIXsN8 Q/HMNEEL3rphO/jCS03ObDO+gcz8
X-Google-Smtp-Source: APXvYqxDVpJ4scQH1NQOA32Iclnk+u+1EVTqKe6LTMGnWEEx/WXevVdwOPAcIPtAiXQSwm/2HCit/A==
X-Received: by 2002:adf:eed1:: with SMTP id a17mr36815220wrp.268.1555073084361; Fri, 12 Apr 2019 05:44:44 -0700 (PDT)
Received: from [10.0.0.147] (bzq-109-66-94-12.red.bezeqint.net. [109.66.94.12]) by smtp.gmail.com with ESMTPSA id s203sm12670117wmf.14.2019.04.12.05.44.43 for <id-event@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Apr 2019 05:44:43 -0700 (PDT)
To: SecEvent <id-event@ietf.org>
From: Yaron Sheffer <yaronf.ietf@gmail.com>
Message-ID: <40c0d06d-2df5-e776-0ec3-142358d91086@gmail.com>
Date: Fri, 12 Apr 2019 15:44:42 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/a7ikHnrCjl8mjdce3nJBuMUGvS8>
Subject: [Id-event] Push delivery - shepherd review
X-BeenThere: id-event@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A mailing list to discuss the potential solution for a common identity event messaging format and distribution system." <id-event.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/id-event>, <mailto:id-event-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/id-event/>
List-Post: <mailto:id-event@ietf.org>
List-Help: <mailto:id-event-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/id-event>, <mailto:id-event-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2019 12:44:48 -0000
There's always one more nit...
- 1.1: this documents -> this document
- 2: i.e., return an "access_denied" error response -> i.e., return an error response such as "access_denied" [because rejection can result in other responses]
- 2.3: detects an error parsing or validating a SET transmitted in a SET Transmission Request -> detects an error parsing, validating or authenticating a SET transmitted in a SET Transmission Request [because all later examples use status code 400 for this rather than 401, and this is an important enough case to be stated normatively].
- 5.2: PII: expand the acronym.
- 5.4: "then the SET Transmitter SHOULD sign the SET in accordance with [RFC7515] and/or encrypt it using authenticated encryption in accordance with [RFC7516]." The second half of this sentence is incorrect. JWE with RSA (encrypted to the Recipient) and AES-GCM does NOT authenticate the Transmitter. It ensures message integrity but not authenticity.
- 7.1.1: error_code: please review again the ASCII ranges, or better yet, spell out the allowed characters. For example, 0x20 is "space" which we probably don't want.
Thanks,
Yaron
- [Id-event] Push delivery - shepherd review Yaron Sheffer
- Re: [Id-event] Push delivery - shepherd review Marius Scurtescu