Re: [Id-event] RFC 9493 on Subject Identifiers for Security Event Tokens
Prachi Jain <prachi.jain1288@gmail.com> Wed, 13 December 2023 19:43 UTC
Return-Path: <prachi.jain1288@gmail.com>
X-Original-To: id-event@ietfa.amsl.com
Delivered-To: id-event@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59144C14F747 for <id-event@ietfa.amsl.com>; Wed, 13 Dec 2023 11:43:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.853
X-Spam-Level:
X-Spam-Status: No, score=-1.853 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6pxm93QPWt1h for <id-event@ietfa.amsl.com>; Wed, 13 Dec 2023 11:43:20 -0800 (PST)
Received: from mail-lj1-x22a.google.com (mail-lj1-x22a.google.com [IPv6:2a00:1450:4864:20::22a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32758C14F736 for <id-event@ietf.org>; Wed, 13 Dec 2023 11:43:20 -0800 (PST)
Received: by mail-lj1-x22a.google.com with SMTP id 38308e7fff4ca-2cb20c82a79so79594821fa.3 for <id-event@ietf.org>; Wed, 13 Dec 2023 11:43:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1702496597; x=1703101397; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=/H3Jlqdpskr6nLwlgspKJRwRoDzJXUNg3X6RJ5MSeEI=; b=fOHxNjA5GEj+b4W9mHoVTl5/oDB1zKmHz/PQT/pwxs2yy+R61jTUWbWm17qZhI6ohL F+80y/45DKSB7hmFK+DD38ds7vKXxh5WeW/Ou3R9dCrbXl5VGy9B2eXFXaDH3q2MuJUf ulib8w9JBSP3RzGVS1OYypK2y1Y0TuVmKebaq5urBA4E5+Y7sUI0Y4OYMul/qeZwWVmb UWTmguijs+2J44XHG/seYlzprSXsnyofJaAerchTcvGLHmPzC/GD779sMQrEWMRheHmf p/nvMsiEPlSQNnc/NraN4fmksfqNSLt90mLXimiYDQSzkt1rWKkal4HX8nobtygtO0Hx iSeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702496597; x=1703101397; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=/H3Jlqdpskr6nLwlgspKJRwRoDzJXUNg3X6RJ5MSeEI=; b=BBc8DtfQz854pYVUvvNo2/IMyIF3dLuUPBXeDWp3GMAln76/Vtz3MQj0hizEfT7M8t HbC2f08W3eRmI3E23fGkkGZ5CjKlLoMC6GC+2pWx/QsIUv1QOntnF2L440apeBnhOSCM Wy9C1otW5K761QIVdcoghsww6MCL83h9slN8ayDRFiU/T8cR2+BVhL7WFnJFdUTqonk2 JFYVnTb0Q49ElOsvja5pFf5KFg+66NBFM1CtKO7CUppEWC/74fOTBvvvLFaeuNDag5+d 0uSf3wBKI3xEurJYCUuVi9e/3YQnrVYCYJL8mHbBirf/cU8saS3QIi1uIGHCAzRJ9258 5d2A==
X-Gm-Message-State: AOJu0YzGxj0/g6YBT4EaTPcRZykW/c/PGeOKJ1xnuaSM/R0sli4gDxyY Z3mTw4B1GTGFH2cSi0v2WXlyQtCYZHcMDYmlrCmG/kJe
X-Google-Smtp-Source: AGHT+IGIkMIJZnplqek8y79TQHVt+GVd0kk+qmnlKmLB0/z6ij7nC23FOoBbhjqo4JSRrAv+MLSGsr+jMQEr8q7+Ovo=
X-Received: by 2002:a2e:6e13:0:b0:2ca:20ce:8391 with SMTP id j19-20020a2e6e13000000b002ca20ce8391mr3416698ljc.32.1702496597044; Wed, 13 Dec 2023 11:43:17 -0800 (PST)
MIME-Version: 1.0
References: <20231207010618.7B21719073C5@rfcpa.amsl.com> <D41A05EF-7402-456B-8190-7C8EA65575A8@gmail.com> <CAA1-vB3fVQEu=eQbPYFk6DcQqvU3b8mzBYGJzOR9yzFw7WGAbQ@mail.gmail.com> <CANtBS9dvRAyXXUjCHKQtC3nyP+tXhYKmZ=Fb98qgX53er6Z5JQ@mail.gmail.com> <1CEC92EC-B8F1-49C9-9ED1-DD878FCAD1D1@gmail.com> <CANtBS9cQgw4gkfqoUSD73RbCN01u2kgpDVCct=T_O4tS2_vkOQ@mail.gmail.com> <A271E2B1-3DAC-46F6-A8B2-824E65B0B682@gmail.com> <CANtBS9frArcH6RF7d2gQw5DVru_mpsUcWAtvUCbn_AyPmBZO1w@mail.gmail.com>
In-Reply-To: <CANtBS9frArcH6RF7d2gQw5DVru_mpsUcWAtvUCbn_AyPmBZO1w@mail.gmail.com>
From: Prachi Jain <prachi.jain1288@gmail.com>
Date: Wed, 13 Dec 2023 13:43:05 -0600
Message-ID: <CAA1-vB3wmbkG-b1P_+-SVk5vJ3kyKHs6OoM-TC4sc7DcGiEQxQ@mail.gmail.com>
To: Atul Tulshibagwale <atul@sgnl.ai>
Cc: Yaron Sheffer <yaronf.ietf@gmail.com>, id-event@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e60b6c060c696032"
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/j6y7q9zw9cg3VsuRY_nRGPGhEps>
Subject: Re: [Id-event] RFC 9493 on Subject Identifiers for Security Event Tokens
X-BeenThere: id-event@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "A mailing list to discuss the potential solution for a common identity event messaging format and distribution system." <id-event.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/id-event>, <mailto:id-event-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/id-event/>
List-Post: <mailto:id-event@ietf.org>
List-Help: <mailto:id-event-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/id-event>, <mailto:id-event-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Dec 2023 19:43:24 -0000
This does seem like an error and should be fixed. On Tue, Dec 12, 2023 at 2:58 PM Atul Tulshibagwale <atul@sgnl.ai> wrote: > Hi Yaron, > I was referring to the use of the term "Security Event Identifier Formats > Repository" in the rest of the document. The errata has been updated to > reflect this now. > > https://www.rfc-editor.org/errata/eid7727 > > Thanks, > Atul > > On Tue, Dec 12, 2023 at 10:59 AM Yaron Sheffer <yaronf.ietf@gmail.com> > wrote: > >> Hi Atul, >> >> >> >> Back to your original mail, “there are a few more changes that will flow >> from there, if this is considered to be an error.” Could you say what >> these changes are, so we can deal with this all in one go? >> >> >> >> Thanks, >> >> Yaron >> >> >> >> *From: *Atul Tulshibagwale <atul@sgnl.ai> >> *Date: *Tuesday, 12 December 2023 at 0:32 >> *To: *Yaron Sheffer <yaronf.ietf@gmail.com> >> *Cc: *Prachi Jain <prachi.jain1288@gmail.com>, <id-event@ietf.org> >> *Subject: *Re: [Id-event] RFC 9493 on Subject Identifiers for Security >> Event Tokens >> >> >> >> Hi Yaron, >> >> I believe it is an error, because what is described in the RFC is not >> "Security Event Identifiers", they are "Subject Identifiers" within >> Security Event Tokens. >> >> >> >> I agree that the content of the registry matters more, but I am writing a >> draft that relies on this RFC and this registry in particular. It uses the >> same Subject Identifier formats, but not within SETs, and the API I'm >> defining in my draft has nothing to do with Security Events. Therefore it >> becomes confusing to the readers of my draft to be referencing an IANA >> registry named "Security Event Identifier Format Registry". >> >> >> >> I've filed an errata now: https://www.rfc-editor.org/errata/eid7727. I'm >> happy to discuss with the WG. >> >> >> >> Thanks, >> >> Atul >> >> >> >> >> >> On Mon, Dec 11, 2023 at 1:51 PM Yaron Sheffer <yaronf.ietf@gmail.com> >> wrote: >> >> Hi Atul, >> >> >> >> I am personally on the fence here because the original context is >> identifiers used in security events. See the RFC’s Introduction, where we >> start with security events and then slowly broaden the scope. However, if >> you think this is in error and should be fixed, feel free to file an errata >> [1] and we will discuss it. >> >> >> >> Ultimately what counts is the IANA registry [2] and whether it is >> comprehensible and useful. >> >> >> >> Thanks, >> >> Yaron >> >> >> >> [1] https://www.rfc-editor.org/errata.php#reportnew >> >> [2] https://www.iana.org/assignments/secevent/secevent.xhtml >> >> >> >> *From: *Atul Tulshibagwale <atul@sgnl.ai> >> *Date: *Monday, 11 December 2023 at 21:54 >> *To: *Prachi Jain <prachi.jain1288@gmail.com> >> *Cc: *Yaron Sheffer <yaronf.ietf@gmail.com>, <id-event@ietf.org> >> *Subject: *Re: [Id-event] RFC 9493 on Subject Identifiers for Security >> Event Tokens >> >> >> >> Thanks Yaron, >> >> >> >> I think I discovered an issue with the spec, just as I was trying to >> refer to it: >> >> >> >> Section 8.1 is named "Security Event Identifier Formats Registry". Should >> it be named "Subject Identifier Formats Registry"? There are a few more >> changes that will flow from there, if this is considered to be an error. >> >> >> >> Atul >> >> >> >> >> >> On Thu, Dec 7, 2023 at 3:51 AM Prachi Jain <prachi.jain1288@gmail.com> >> wrote: >> >> Thanks Yaron. Truly appreciate the guidance and support in getting this >> past the finish line. >> >> >> >> On Thu, Dec 7, 2023 at 5:04 AM Yaron Sheffer <yaronf.ietf@gmail.com> >> wrote: >> >> Congratulations on this last deliverable of the Security Events working >> group. Thanks to Annabelle and Prachi who drove this document to completion! >> >> Yaron >> >> On 07/12/2023, 3:06, "id-event-bounces@ietf.org <mailto: >> id-event-bounces@ietf.org> on behalf of rfc-editor@rfc-editor.org >> <mailto:rfc-editor@rfc-editor.org>" <id-event-bounces@ietf.org <mailto: >> id-event-bounces@ietf.org> on behalf of rfc-editor@rfc-editor.org >> <mailto:rfc-editor@rfc-editor.org>> wrote: >> >> >> A new Request for Comments is now available in online RFC libraries. >> >> >> >> >> RFC 9493 >> >> >> Title: Subject Identifiers for Security Event Tokens >> Author: A. Backman, Ed., >> M. Scurtescu, >> P. Jain >> Status: Standards Track >> Stream: IETF >> Date: December 2023 >> Mailbox: richanna@amazon.com <mailto:richanna@amazon.com>, >> marius.scurtescu@coinbase.com <mailto:marius.scurtescu@coinbase.com>, >> prachi.jain1288@gmail.com <mailto:prachi.jain1288@gmail.com> >> Pages: 18 >> Updates/Obsoletes/SeeAlso: None >> >> >> I-D Tag: draft-ietf-secevent-subject-identifiers-18.txt >> >> >> URL: https://www.rfc-editor.org/info/rfc9493 < >> https://www.rfc-editor.org/info/rfc9493> >> >> >> DOI: 10.17487/RFC9493 >> >> >> Security events communicated within Security Event Tokens may support >> a variety of identifiers to identify subjects related to the event. >> This specification formalizes the notion of Subject Identifiers as >> structured information that describes a subject and named formats >> that define the syntax and semantics for encoding Subject Identifiers >> as JSON objects. It also establishes a registry for defining and >> allocating names for such formats as well as the JSON Web Token (JWT) >> "sub_id" Claim. >> >> >> This document is a product of the Security Events Working Group of the >> IETF. >> >> >> This is now a Proposed Standard. >> >> >> STANDARDS TRACK: This document specifies an Internet Standards Track >> protocol for the Internet community, and requests discussion and >> suggestions >> for improvements. Please refer to the current edition of the Official >> Internet Protocol Standards (https://www.rfc-editor.org/standards < >> https://www.rfc-editor.org/standards>) for the >> standardization state and status of this protocol. Distribution of this >> memo is unlimited. >> >> >> This announcement is sent to the IETF-Announce and rfc-dist lists. >> To subscribe or unsubscribe, see >> https://www.ietf.org/mailman/listinfo/ietf-announce < >> https://www.ietf.org/mailman/listinfo/ietf-announce> >> https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist < >> https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist> >> >> >> For searching the RFC series, see https://www.rfc-editor.org/search < >> https://www.rfc-editor.org/search> >> For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk < >> https://www.rfc-editor.org/retrieve/bulk> >> >> >> Requests for special distribution should be addressed to either the >> author of the RFC in question, or to rfc-editor@rfc-editor.org <mailto: >> rfc-editor@rfc-editor.org>. Unless >> specifically noted otherwise on the RFC itself, all RFCs are for >> unlimited distribution. >> >> >> >> >> The RFC Editor Team >> Association Management Solutions, LLC >> >> >> _______________________________________________ >> Id-event mailing list >> Id-event@ietf.org <mailto:Id-event@ietf.org> >> https://www.ietf.org/mailman/listinfo/id-event < >> https://www.ietf.org/mailman/listinfo/id-event> >> >> >> >> >> _______________________________________________ >> Id-event mailing list >> Id-event@ietf.org >> https://www.ietf.org/mailman/listinfo/id-event >> >> _______________________________________________ >> Id-event mailing list >> Id-event@ietf.org >> https://www.ietf.org/mailman/listinfo/id-event >> >>
- [Id-event] RFC 9493 on Subject Identifiers for Se… rfc-editor
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Prachi Jain
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Yaron Sheffer
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Atul Tulshibagwale
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Yaron Sheffer
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Atul Tulshibagwale
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Brian Campbell
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Yaron Sheffer
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Atul Tulshibagwale
- Re: [Id-event] RFC 9493 on Subject Identifiers fo… Prachi Jain