IETF Logo Mail Archive

Re: [Jose-reg-review] Request to register header parameter: svt

Sean Turner <sean@sn3rd.com> Tue, 15 March 2022 02:14 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: jose-reg-review@ietfa.amsl.com
Delivered-To: jose-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D78523A1733 for <jose-reg-review@ietfa.amsl.com>; Mon, 14 Mar 2022 19:14:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_FILL_THIS_FORM_SHORT=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OEpVUouIZleQ for <jose-reg-review@ietfa.amsl.com>; Mon, 14 Mar 2022 19:13:59 -0700 (PDT)
Received: from mail-qv1-xf29.google.com (mail-qv1-xf29.google.com [IPv6:2607:f8b0:4864:20::f29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2B77C3A1731 for <jose-reg-review@ietf.org>; Mon, 14 Mar 2022 19:13:58 -0700 (PDT)
Received: by mail-qv1-xf29.google.com with SMTP id kk16so14022531qvb.5 for <jose-reg-review@ietf.org>; Mon, 14 Mar 2022 19:13:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=1cLi1K0jq/tdqemlGALUUpGiaYVQDn2/dD4xKLPZZRU=; b=NPvORDvu1ANGiXh9sTFzCkyYjgDwsqRa14XnhSXQJluTLC/hWX14ODmZbVP96DbY1v gqQCtkllo8k10bKdKzVIIWEjk4xPdAGusB38KFTVyT83OoXnAIBrFDA8Yzl32Fz9Utpq L433+IcjglrnebKLhca2B8CoFbjc0XaGyfi0Y=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=1cLi1K0jq/tdqemlGALUUpGiaYVQDn2/dD4xKLPZZRU=; b=Top4XqfQHHSg0M9MwMYWDC/ucgnkyr7chvp+PmXRGYCV8x7eSyS2bsSrPdaoyKxmXw Lt5czTo06SWJ69wVTi7MHsy5e6HUSArwjyHAv71DNZJ/HTHhmObiD0BL9qrR43zr+fJF e5aRiqOQtgaiqcV/r822O2JsCI7r8WNBVtcfDsTulojhcqy2cPxDDOa3xi2swpCFkTJq tX9cCmCRFIzpLiAEg7GifAET0sYVquPyUcbMF1zFEcIRYgTiy8QDzo5SmETfo8DjGaCA 6H9mw8eJZ4RSzyt8oUerKFWlh4i5p46F35PFagg9Yt+lUlpl4TOzXu4KPSikCWejEyGA Ht5w==
X-Gm-Message-State: AOAM533JsS8j62sDKo01GoMCI0AhKnID4MNt+aqnQSDmbLjHfjTMc2ia /VhPd7uh4HcXsLXCwJEmyPmPDMVNs/vQnA==
X-Google-Smtp-Source: ABdhPJymDs2GFSe473T6/C3tOovRlecKTjFQSe9q4Pkznd0xgFbKhkCr8prFQ0UHaEYlYRTljWtu+Q==
X-Received: by 2002:a05:6214:623:b0:435:c552:65bb with SMTP id a3-20020a056214062300b00435c55265bbmr19992345qvx.16.1647310437356; Mon, 14 Mar 2022 19:13:57 -0700 (PDT)
Received: from smtpclient.apple (pool-71-178-177-131.washdc.fios.verizon.net. [71.178.177.131]) by smtp.gmail.com with ESMTPSA id v3-20020a05622a014300b002e1dcd4cfa9sm1461480qtw.64.2022.03.14.19.13.56 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 14 Mar 2022 19:13:56 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <431f068a-d5c8-f47f-4a24-ae2ca714b364@aaa-sec.com>
Date: Mon, 14 Mar 2022 22:13:55 -0400
Cc: jose-reg-review@ietf.org, Russ Housley <housley@vigilsec.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <DA945D6B-092F-4E76-BF9E-869B9CFABF9E@sn3rd.com>
References: <7f32646a-ac05-dc5a-5fb3-41e61aead96f@aaa-sec.com> <92E20785-09FA-4B70-A079-C2404DC3E9FB@sn3rd.com> <9d2be9d9-670e-a163-4dbd-c1333f6cb62c@aaa-sec.com> <431f068a-d5c8-f47f-4a24-ae2ca714b364@aaa-sec.com>
To: Stefan Santesson <stefan@aaa-sec.com>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose-reg-review/t1apeKi21sK1QoNDes9upjaK4Sw>
Subject: Re: [Jose-reg-review] Request to register header parameter: svt
X-BeenThere: jose-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "The JSON Web Algorithm standard \(RFC 7518\) establishes this email list for designated experts to discuss proposed changes, additions, and removals to the set of algorithms in the JSON Object Signing and Encryption \(JOSE\) registry, http://www.iana.org/assignments/jose." <jose-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose-reg-review>, <mailto:jose-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose-reg-review/>
List-Post: <mailto:jose-reg-review@ietf.org>
List-Help: <mailto:jose-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose-reg-review>, <mailto:jose-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2022 02:14:04 -0000

Adrian asked for a review and I shot it over. I noted this in that review. Has Eliot picked it up?

spt

> On Mar 12, 2022, at 07:48, Stefan Santesson <stefan@aaa-sec.com> wrote:
> 
> Hi Sean,
> 
> Trying to clear this one up to bet publication done.
> 
> Is there anything I need to do?
> 
> What comes first, registration of this claim or publication of the RFC?
> 
> /Stefan
> 
> 
> On 2022-01-05 00:54, Stefan Santesson wrote:
>> Hi,
>> 
>> Sorry I missed this reply.
>> 
>> I would be happy to add my contact details as specified in the drafts:
>> 
>> Stefan Santesson
>> IDsec Solutions AB
>> Forskningsbyn Ideon
>> SE-223 70 Lund
>> Sweden
>> 
>> Email: sts@aaa-sec.com
>> 
>> How do we proceed with this?
>> 
>> /Stefan
>> 
>> 
>> 
>> Den 2021-10-18 kl. 17:28, skrev Sean Turner:
>>> H!
>>> 
>>> My one question about this registration is whether the IESG should be the change controller. It says the following in RFC 7515:
>>> 
>>>  Change Controller:
>>>      For Standards Track RFCs, list the "IESG".  For others, give the
>>>      name of the responsible party.  Other details (e.g., postal
>>>      address, email address, home page URI) may also be included.
>>> 
>>> All previous registrations have been through a standards track RFC, but this one isn’t. Maybe just list Stefan or IDsec’s info?
>>> 
>>> spt
>>> 
>>>> On Sep 3, 2021, at 11:32, Stefan Santesson <stefan@aaa-sec.com> wrote:
>>>> 
>>>> 
>>>> 
>>>> Hi,
>>>> 
>>>> The draft https://datatracker.ietf.org/doc/draft-santesson-svt-jws/ is
>>>> being requested for publication as individual submission
>>>> 
>>>> This draft includes the request to register the JWS Header Parameter 
>>>> "svt" as follows:
>>>> 
>>>> 6.1.  Header Parameter Names Registration
>>>> 
>>>>   This section registers the "svt" Header Parameter in the IANA "JSON
>>>>   Web Signature and Encryption Header Parameters" registry established
>>>>   by [RFC7515].
>>>> 
>>>> 6.1.1.  Registry Contents
>>>> 
>>>>   *  Header Parameter Name: "svt"
>>>>   *  Header Parameter Description: Signature Validation Token
>>>>   *  Header Parameter Usage Location(s): JWS
>>>>   *  Change Controller: IESG
>>>>   *  Specification Document(s): Section 3.1 of {this document}
>>>> 
>>>> 
>>>> The draft specifies a a profile for including SVT tokens in a JWS using
>>>> this defined header parameter ("svt").
>>>> 
>>>> The rationale for this claim is described in the referenced document and
>>>> the main specification found here:
>>>> https://datatracker.ietf.org/doc/draft-santesson-svt/ .
>>>> 
>>>> The solution is deployed is real services and it is considered for
>>>> national government usage which is the main reason to publish the
>>>> specification as an informational RFC.
>>>> 
>>>> 
>>>> /Stefan Santesson
>>>> 
>>>> _______________________________________________
>>>> Jose-reg-review mailing list
>>>> Jose-reg-review@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/jose-reg-review

v2.23.0 | Report a Bug | By Email