Re: [Id-event] [Secdispatch] Two topics of discussion for the Sec Dispatch session

Phillip Hunt <phil.hunt@independentid.com> Wed, 20 March 2024 17:33 UTC

To: Mike Jones <michael_b_jones@hotmail.com>, Atul Tulshibagwale <atul@sgnl.ai>, ID Events Mailing List <id-event@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/t2YTg2vkjiWUU7-PaKx7wJXjCxw>

I was biting my tongue on this.

Tony and I submitted a push/pull bi-directional draft back when the original SET transmission draft was being broken into two push and poll methods. SSTP was designed so that either party could initiate connections and SETs could flow in either direction. This is very much like how XMPP, iMessage and other systems work - except with ack’ed transfers.

https://datatracker.ietf.org/doc/html/draft-hunt-secevent-sstp-00

AFAIK, there was never any exploration of the proposal because of pressure to close the WG and finish.  

We’re now back where we started, only looking at a 3rd protocol.

Atul - I did submit a simple PR and an implementation (i2gosignals.io) that enables servers to register to both send and receive events using 8935 and 8936.  This is what I would prefer.

If the community really wants to go the new protocol route, please do this as a replacement for 8935/8936.  The goal should be interoperability around 1 protocol.

Phil
phil.hunt@independentid.com






> On Mar 19, 2024, at 5:52 PM, Michael Jones <michael_b_jones@hotmail.com> wrote:
> 
> I talked to the IANA folks on-site in Brisbane about 1 yesterday.  A request from an Area Director will be sufficient to change the title of the registry.
>  
> -- Mike
>  
> From: Secdispatch <secdispatch-bounces@ietf.org> On Behalf Of Atul Tulshibagwale
> Sent: Friday, March 15, 2024 5:02 PM
> To: secdispatch@ietf.org
> Subject: [Secdispatch] Two topics of discussion for the Sec Dispatch session
>  
> Hi all,
> There are a couple of topics for which I have been seeking answers. I don't know if these are appropriate topics for the saag session next week. I will be attending remotely, and can prepare a presentation for the second point below if required.
> 1. Errata to RFC 9493
>    There is an errata required for RFC9493 <https://datatracker.ietf.org/doc/rfc9493/> (Subject Identifiers for Security Event Tokens). The errata request is here <https://www.rfc-editor.org/errata/eid7727>. The errata requests a change to the registry created by this RFC, and there was consensus on the mailing list <https://mailarchive.ietf.org/arch/msg/id-event/-S-MsO2W6PeFF_O5kjP8om-7QNM/> that the errata should be accepted and the appropriate change reflected in the IANA registry. However, since the WG is completed, there was no clear identification of how to go about making these changes. If there is discussion required on this topic, we should have it in the meeting in Brisbane.
> 2. New PushPull Delivery Proposal
>    While we currently have specified Push delivery (RFC 8935 <https://datatracker.ietf.org/doc/html/rfc8935>) and Poll delivery (RFC 8936 <https://datatracker.ietf.org/doc/html/rfc8936>), we are seeing a clear requirement in the OpenID Shared Signals Working Group (SSWG) where a Transmitter is also a Receiver, and we would like to have a way of symmetric asynchronous event delivery. I would like to propose a new spec for this, but since the WG is closed, I wanted to know how to go about doing this. I realize the date for proposing new ideas for IETF 119 is past, but I can propose it after IETF 119 and discuss it in Vancouver. The topic I would like to discuss in IETF 119 is: What is the venue to propose this new idea for a combined "push and pull" delivery mechanism?
> Thanks,
> Atul
>  
> -- 
> Atul Tulshibagwale
> CTO