Re: [Id-event] [Technical Errata Reported] RFC8417 (7175)

Phil Hunt <phil.hunt@yahoo.com> Sat, 12 November 2022 21:44 UTC

From: Phil Hunt <phil.hunt@yahoo.com>
Date: Sat, 12 Nov 2022 13:44:23 -0800
Cc: RFC Errata System <rfc-editor@rfc-editor.org>, mbj@microsoft.com, rfc8417@wdenniss.com, morteza.ansari@cisco.com, rdd@cert.org, paul.wouters@aiven.io, dick.hardt@gmail.com, nigel@somerfield.co.nz, ID Events Mailing List <id-event@ietf.org>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/ugTsdsORMyj14ABReFF2JCExZtc>

Agreed “Verified”

Phil Hunt
phil.hunt@yahoo.com



> On Nov 12, 2022, at 11:09 AM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
> 
> IMO this errata should be verified (=accepted). Indeed "cause-time" does not exist in the example, which is copied verbatim from the referenced OpenID document.
> 
> Having said that, I would classify the errata as Editorial rather than Technical, because it refers to a non-normative example (see top of Sec. 2.1, "This section illustrates several possible uses of SETs through non-normative examples") and is a simple typo.
> 
> Thanks,
> 	Yaron
> 
> On 21/10/2022, 4:23, "Id-event on behalf of RFC Errata System" <id-event-bounces@ietf.org on behalf of rfc-editor@rfc-editor.org> wrote:
> 
>    The following errata report has been submitted for RFC8417,
>    "Security Event Token (SET)".
> 
>    --------------------------------------
>    You may review the report below and at:
>    https://www.rfc-editor.org/errata/eid7175
> 
>    --------------------------------------
>    Type: Technical
>    Reported by: Nigel Somerfield <nigel@somerfield.co.nz>
> 
>    Section: 2.1.4
> 
>    Original Text
>    -------------
>    {
>        "iss": "https://idp.example.com/",
>        "jti": "756E69717565206964656E746966696572",
>        "iat": 1508184845,
>        "aud": "636C69656E745F6964",
>        "events": {
>      "https://schemas.openid.net/secevent/risc/event-type/account-disabled"
>              : {
>            "subject": {
>              "subject_type": "iss-sub",
>              "iss": "https://idp.example.com/",
>              "sub": "7375626A656374"
>            },
>            "reason": "hijacking"
>          }
>        }
>      }
> 
>                           Figure 4: Example RISC Event
> 
>       Notice that parameters to the event are included in the event
>       payload, in this case, the "reason" and "cause-time" values.  The
>       subject of the event is identified using the "subject" payload value,
>       which itself is a JSON object.
> 
>    Corrected Text
>    --------------
>    {
>        "iss": "https://idp.example.com/",
>        "jti": "756E69717565206964656E746966696572",
>        "iat": 1508184845,
>        "aud": "636C69656E745F6964",
>        "events": {
>      "https://schemas.openid.net/secevent/risc/event-type/account-disabled"
>              : {
>            "subject": {
>              "subject_type": "iss-sub",
>              "iss": "https://idp.example.com/",
>              "sub": "7375626A656374"
>            },
>            "reason": "hijacking"
>          }
>        }
>      }
> 
>                           Figure 4: Example RISC Event
> 
>       Notice that parameters to the event are included in the event
>       payload, in this case, the "reason" value.  The
>       subject of the event is identified using the "subject" payload value,
>       which itself is a JSON object.
> 
>    Notes
>    -----
>    The included RISC event example JSON object does not contain a "cause-time" member, however this is referred to in the explanation following the example.  It would be valuable to either include the "cause-time" member, or to remove it from the explanation as per the above.
> 
>    Instructions:
>    -------------
>    This erratum is currently posted as "Reported". If necessary, please
>    use "Reply All" to discuss whether it should be verified or
>    rejected. When a decision is reached, the verifying party  
>    can log in to change the status and edit the report, if necessary. 
> 
>    --------------------------------------
>    RFC8417 (draft-ietf-secevent-token-13)
>    --------------------------------------
>    Title               : Security Event Token (SET)
>    Publication Date    : July 2018
>    Author(s)           : P. Hunt, Ed., M. Jones, W. Denniss, M. Ansari
>    Category            : PROPOSED STANDARD
>    Source              : Security Events
>    Area                : Security
>    Stream              : IETF
>    Verifying Party     : IESG
> 
>    _______________________________________________
>    Id-event mailing list
>    Id-event@ietf.org
>    https://www.ietf.org/mailman/listinfo/id-event
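
Added example, not part of the thread or of RFC 8417: a Python sketch of how a SET receiver could split the Figure 4 event payload into its subject and its parameters, which also shows why the original explanatory sentence does not match the example. The function names are hypothetical, the required-claim list follows RFC 8417 Section 2.2, and rejecting an empty "events" object is a choice made for this example.

```python
import json

# Claims set of Figure 4, copied from the erratum quoted in this thread.
FIGURE_4 = """{
  "iss": "https://idp.example.com/",
  "jti": "756E69717565206964656E746966696572",
  "iat": 1508184845,
  "aud": "636C69656E745F6964",
  "events": {
    "https://schemas.openid.net/secevent/risc/event-type/account-disabled": {
      "subject": {"subject_type": "iss-sub",
                  "iss": "https://idp.example.com/",
                  "sub": "7375626A656374"},
      "reason": "hijacking"
    }
  }
}"""

REQUIRED_CLAIMS = ("iss", "iat", "jti", "events")  # REQUIRED in RFC 8417, Section 2.2


def parse_set_events(claims_json):
    """Split each event payload of a decoded SET into (type, subject, parameters).

    Works on the JSON claims set only; JWS signature validation must already
    have happened and is outside this example.
    """
    claims = json.loads(claims_json)
    if not isinstance(claims, dict):
        raise ValueError("SET claims set must be a JSON object")
    missing = [c for c in REQUIRED_CLAIMS if c not in claims]
    if missing:
        raise ValueError("missing required claims: " + ", ".join(missing))
    events = claims["events"]
    if not isinstance(events, dict) or not events:
        # Empty "events" is rejected here as a choice of this example.
        raise ValueError('"events" must be a non-empty JSON object')
    parsed = []
    for event_type, payload in events.items():
        if not isinstance(payload, dict):
            raise ValueError("payload of %s must be a JSON object" % event_type)
        params = {k: v for k, v in payload.items() if k != "subject"}
        parsed.append((event_type, payload.get("subject"), params))
    return parsed


def names_not_in_payload(named_in_prose, claims_json):
    """Return parameter names the prose mentions that no event payload carries."""
    present = set()
    for _type, _subject, params in parse_set_events(claims_json):
        present.update(params)
    return sorted(set(named_in_prose) - present)
```

Run against Figure 4, the original sentence's parameter names leave "cause-time" unmatched, while the corrected sentence's single name "reason" matches the payload.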