Re: [Id-event] Review: Subject Identifiers
"Richard Backman, Annabelle" <richanna@amazon.com> Tue, 14 July 2020 23:59 UTC
From: "Richard Backman, Annabelle" <richanna@amazon.com>
To: Justin Richer <jricher@mit.edu>, "id-event@ietf.org" <id-event@ietf.org>
Date: Tue, 14 Jul 2020 23:59:34 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/b_f54MYDHBcSU7orwtPkpsQwDTg>
Subject: Re: [Id-event] Review: Subject Identifiers

Thanks for the review, Justin! Replies are [richanna] inline [/richanna].

–
Annabelle Backman (she/her)
AWS Identity
https://aws.amazon.com/identity/

On 7/14/20, 10:45 AM, "Id-event on behalf of Justin Richer" <id-event-bounces@ietf.org on behalf of jricher@mit.edu> wrote:

I’ve read through draft-ietf-secevent-subject-identifiers and for the most part it’s in good shape. Apologies if any of these points have been thoroughly covered in other reviews.

§1: While this is a SET-focused spec, I would like to see more discussion about how this identifier structure can be used outside of a SET or a JWT in general.

[richanna] Agreed. [/richanna]

§3.3: small typo, “email” should be “phone number” in introducing example.

§3: I’m wondering if there’s worth in defining semantic flags that can be used across types. Like “pseudonymous” or “per-provider-id” or the like? That might be a step beyond what this is trying to do, though the current definitions do not allow extension of existing types with new fields.

[richanna] The OIDF SSE working group has proposed a couple of properties like this. I think it’s worth discussing, provided there are use cases for them. [/richanna]

I’d also like to see a note that multiple subject types could be presented together without using the “aliases” structure. This mostly would apply outside of SET which defines a single “sub-id” container, but as above I think this can be more generally used.

[richanna] Agreed. [/richanna]

Overall, I think it’s a pretty simple and straightforward spec and should go forward.

Thanks,
— Justin