Re: [Id-event] I-D Action: draft-ietf-secevent-http-push-05.txt
"Richard Backman, Annabelle" <richanna@amazon.com> Mon, 11 March 2019 20:02 UTC
From: "Richard Backman, Annabelle" <richanna@amazon.com>
To: "id-event@ietf.org" <id-event@ietf.org>, "i-d-announce@ietf.org" <i-d-announce@ietf.org>
Date: Mon, 11 Mar 2019 20:02:43 +0000
Message-ID: <254F06C6-91A0-408F-AC71-3D5BA51BCC77@amazon.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/dHrUPIexqCYswXftEYxFELNvWaw>
Hello all,

This update contains the corrections and suggestions provided during WGLC, plus those Mike shared with the list this past weekend. Here is the change log from -02 to -03:

o Made minor editorial corrections.
o Updated example request with a correct SET header and signature.
o Revised TLS guidance to allow implementers to provide confidentiality protection via JWE.
o Revised TLS guidance to require *at least* TLS 1.2.
o Revised TLS guidance to recommend supporting the newest version of TLS that meets security requirements.
o Revised SET Delivery Error Code format to allow the same set of characters as is allowed in error codes in RFC6749.
o Added mention of HTTP Poll spec to list of other streaming specs in appendix.
o Added validation step requiring SET Recipient to verify that the SET is one which the SET Transmitter is expected to send to the SET Recipient.
o Changed responding to errors with an appropriate HTTP status code from optional to recommended.
o Changed Error Codes registry change policy from Expert Review to First Come First Served; added guidance that error codes are meant to be consumed by automated systems.
o Added text making clear that it is up to SET Recipients whether or not they will accept SETs where the SET Issuer is different from the SET Transmitter.
o Reworded guidance around signing and/or encrypting SETs for integrity protection.
o Renamed TLS "Support Considerations" section to "Confidentiality of SETs".
o Reworded guidance around subject identifier selection and privacy concerns.

--
Annabelle Richard Backman
AWS Identity

On 3/11/19, 11:42 AM, "Id-event on behalf of internet-drafts@ietf.org" <id-event-bounces@ietf.org on behalf of internet-drafts@ietf.org> wrote:

> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Security Events WG of the IETF.
>
>         Title           : Push-Based Security Event Token (SET) Delivery Using HTTP
>         Authors         : Annabelle Backman
>                           Michael B. Jones
>                           Marius Scurtescu
>                           Morteza Ansari
>                           Anthony Nadalin
>         Filename        : draft-ietf-secevent-http-push-05.txt
>         Pages           : 20
>         Date            : 2019-03-11
>
> Abstract:
>    This specification defines how a Security Event Token (SET) may be
>    delivered to an intended recipient using HTTP POST. The SET is
>    transmitted in the body of an HTTP POST request to an endpoint
>    operated by the recipient, and the recipient indicates successful or
>    failed transmission via the HTTP response.
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-secevent-http-push/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-secevent-http-push-05
> https://datatracker.ietf.org/doc/html/draft-ietf-secevent-http-push-05
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-secevent-http-push-05
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> Id-event mailing list
> Id-event@ietf.org
> https://www.ietf.org/mailman/listinfo/id-event
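The change log above touches three recipient-side behaviours of the push delivery method: the new validation step (the SET Recipient checks that the SET is one the SET Transmitter is expected to send), the recipient's own policy on whether to accept a SET whose Issuer differs from the Transmitter, and the RFC 6749 character set for delivery error codes. The following is an added example written for this thread, not code from the draft or its authors, showing a minimal SET Recipient endpoint handler that applies those checks. Assumptions: the transmitter has already been authenticated at the HTTP layer and is identified by the `transmitter` argument; SETs are HS256-signed JWS (a shared-secret fixture for a self-contained demo, not a recommendation over asymmetric keys); the `TRANSMITTERS` registry, its per-transmitter key/issuer/event-type lists, the `RECIPIENT` audience value and the HTTP status mapping are all constructed here; the error code names are modelled on the draft's error code registry and should be checked against the draft version you implement.

```python
import base64
import hashlib
import hmac
import json
import re

# Changelog: delivery error codes may use the same characters as RFC 6749
# error codes, i.e. ASCII %x20-21 / %x23-5B / %x5D-7E (no '"' and no '\').
_ERROR_CODE_RE = re.compile(r'^[\x20-\x21\x23-\x5B\x5D-\x7E]+$')


def is_valid_error_code(code):
    """True if `code` uses only the RFC 6749 error-code character set."""
    return bool(_ERROR_CODE_RE.match(code))


def _b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def _b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def make_set(claims, key, header=None):
    """Build an HS256-signed SET in JWS compact serialization (test fixture only)."""
    header = header or {"alg": "HS256", "typ": "secevent+jwt"}
    enc = lambda obj: _b64url_encode(json.dumps(obj, separators=(",", ":")).encode())
    signing_input = enc(header) + "." + enc(claims)
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(sig)


# Constructed per-transmitter registry kept by the recipient (assumed data
# model, not something the draft defines): verification key, the issuers this
# recipient accepts from that transmitter, and the event types it expects.
TRANSMITTERS = {
    "https://idp.example.com": {
        "key": b"shared-secret-for-idp-example-com",
        "issuers": {"https://idp.example.com"},
        "events": {"https://schemas.openid.net/secevent/risc/event-type/account-disabled"},
    },
    "https://broker.example.net": {
        "key": b"shared-secret-for-broker",
        # Recipient policy: SETs relayed on behalf of a different issuer are accepted here.
        "issuers": {"https://other-idp.example.org"},
        "events": {"https://schemas.openid.net/secevent/risc/event-type/sessions-revoked"},
    },
}
RECIPIENT = "https://rp.example.com/events"  # assumed `aud` value for this recipient


def _error(code, description, status=400):
    assert is_valid_error_code(code)
    return status, {"err": code, "description": description}


def receive_set(transmitter, token):
    """Validate one pushed SET. Returns (http_status, response_body)."""
    cfg = TRANSMITTERS.get(transmitter)
    if cfg is None:
        return _error("access_denied", "unknown transmitter", 403)
    parts = token.split(".")
    if len(parts) != 3:
        return _error("invalid_request", "not a JWS compact serialization")
    try:
        header = json.loads(_b64url_decode(parts[0]))
        claims = json.loads(_b64url_decode(parts[1]))
        signature = _b64url_decode(parts[2])
    except ValueError:
        return _error("invalid_request", "malformed JWS")
    if header.get("alg") != "HS256" or header.get("typ") != "secevent+jwt":
        return _error("invalid_request", "unexpected alg or typ")
    expected = hmac.new(cfg["key"], (parts[0] + "." + parts[1]).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        return _error("invalid_key", "signature does not verify with the transmitter's key")
    # Issuer may legitimately differ from transmitter; the recipient decides.
    if claims.get("iss") not in cfg["issuers"]:
        return _error("invalid_issuer", "issuer not accepted from this transmitter")
    aud = claims.get("aud")
    aud = {aud} if isinstance(aud, str) else set(aud or [])
    if RECIPIENT not in aud:
        return _error("invalid_audience", "SET not addressed to this recipient")
    # New validation step: every event type must be one this transmitter is expected to send.
    events = set((claims.get("events") or {}).keys())
    if not events or not events <= cfg["events"]:
        return _error("invalid_request", "event type not expected from this transmitter")
    return 202, None
```

The transmitter identity is deliberately separate from the `iss` claim: the first comes from HTTP-layer authentication, the second from the signed payload, and the registry expresses which combinations this recipient is willing to accept.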