[Id-event] Push-Based SET Delivery over HTTP draft updated to 06

"Richard Backman, Annabelle" <richanna@amazon.com> Thu, 09 May 2019 22:16 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/bGmNf4BIOooYNXSNzOpfDwnZ95I>

We just published an update to Push-Based SET Delivery over HTTP, containing fixes for issues identified in the shepherd review:

  *   1.1: this documents -> this document
  *   2: i.e., return an "access_denied" error response -> i.e., return an error response such as "access_denied" [because rejection can result in other responses]
  *   2.3: detects an error parsing or validating a SET transmitted in a SET Transmission Request -> detects an error parsing, validating or authenticating a SET transmitted in a SET Transmission Request [because all later examples use status code 400 for this rather than 401, and this is an important enough case to be stated normatively].
  *   5.2: PII: expand the acronym.
  *   5.4: "then the SET Transmitter SHOULD sign the SET in accordance with [RFC7515] and/or encrypt it using authenticated encryption in accordance with [RFC7516]." The second half of this sentence is incorrect. JWE with RSA (encrypted to the Recipient) and AES-GCM does NOT authenticate the Transmitter. It ensures message integrity but not authenticity.
  *   7.1.1: error_code: please review again the ASCII ranges, or better yet, spell out the allowed characters. For example, 0x20 is "space" which we probably don't want.

The latest version can be found at the IETF DataTracker page for the document:
https://datatracker.ietf.org/doc/draft-ietf-secevent-http-push/

--
Annabelle Richard Backman
AWS Identity
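
The 5.4 item above (JWE to the Recipient gives integrity but not Transmitter authenticity), shown as an added example that is not part of the original message or the draft. The algorithm choices (RSA-OAEP, A256GCM, RS256), the keys, the claims and all helper names are assumptions constructed for illustration.

```javascript
const crypto = require('crypto');
const b64u = (x) => Buffer.from(x).toString('base64url');
const oaep = (key) => ({ key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING });
const newKey = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// JWE compact form, alg=RSA-OAEP, enc=A256GCM. The only key input is the Recipient's PUBLIC key.
function jweEncrypt(plaintext, recipientPublicKey) {
  const header = b64u(JSON.stringify({ alg: 'RSA-OAEP', enc: 'A256GCM' }));
  const cek = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', cek, iv);
  c.setAAD(Buffer.from(header));
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  const wrapped = crypto.publicEncrypt(oaep(recipientPublicKey), cek);
  return [header, b64u(wrapped), b64u(iv), b64u(ct), b64u(c.getAuthTag())].join('.');
}
// Returns the plaintext, or throws if the GCM tag check fails (integrity).
function jweDecrypt(jwe, recipientPrivateKey) {
  const [header, wrapped, iv, ct, tag] = jwe.split('.');
  const cek = crypto.privateDecrypt(oaep(recipientPrivateKey), Buffer.from(wrapped, 'base64url'));
  const d = crypto.createDecipheriv('aes-256-gcm', cek, Buffer.from(iv, 'base64url'));
  d.setAAD(Buffer.from(header));
  d.setAuthTag(Buffer.from(tag, 'base64url'));
  return Buffer.concat([d.update(Buffer.from(ct, 'base64url')), d.final()]).toString('utf8');
}
// JWS compact form, alg=RS256: this is what binds the SET to the Transmitter's key.
function jwsSign(payload, signerPrivateKey) {
  const input = b64u(JSON.stringify({ alg: 'RS256' })) + '.' + b64u(payload);
  return input + '.' + b64u(crypto.sign('sha256', Buffer.from(input), signerPrivateKey));
}
// Returns the payload if the signature verifies under the expected Transmitter key, else null.
function jwsVerify(jws, transmitterPublicKey) {
  const [h, p, s] = jws.split('.');
  if (JSON.parse(Buffer.from(h, 'base64url')).alg !== 'RS256') return null;
  const ok = crypto.verify('sha256', Buffer.from(h + '.' + p), transmitterPublicKey,
    Buffer.from(s, 'base64url'));
  return ok ? Buffer.from(p, 'base64url').toString('utf8') : null;
}

// Constructed keys and claims: a Recipient, the real Transmitter, and some other party.
const recipient = newKey(), transmitter = newKey(), other = newKey();
const setJson = JSON.stringify({ iss: 'https://transmitter.example', jti: 'constructed-1' });

// Encrypt-only: no sender secret is involved, so any party can build a JWE that decrypts cleanly.
const encryptOnly = (pt) => jweDecrypt(jweEncrypt(pt, recipient.publicKey), recipient.privateKey);
// Sign-then-encrypt: the Recipient decrypts, then verifies against the Transmitter's public key.
const signThenEncrypt = (signer) =>
  jwsVerify(encryptOnly(jwsSign(setJson, signer.privateKey)), transmitter.publicKey);
console.log({ encryptOnly: encryptOnly(setJson) === setJson,
  fromTransmitter: signThenEncrypt(transmitter) !== null, fromOther: signThenEncrypt(other) !== null });
```
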