Re: [Jwt-reg-review] JWT claim registration review request: draft-ietf-stir-passport-divert-05

Brian Campbell <> Tue, 03 December 2019 22:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 127E412003F for <>; Tue, 3 Dec 2019 14:34:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id LxDMCr8kLDNE for <>; Tue, 3 Dec 2019 14:34:17 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5751112004D for <>; Tue, 3 Dec 2019 14:34:17 -0800 (PST)
Received: by with SMTP id y5so4403332lfy.7 for <>; Tue, 03 Dec 2019 14:34:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WjusQh7Y0O84TXBqcgYEc4aLrGOIBLyxrdvb4FHgkN8=; b=HNmyYdsp5uINhW7Co/etrAegH+01Kv5bf3axJEhWkzk7KPMVAAkt+XGtXVjvUagp+I wYckBLU/RDP9eDMetDgsszR8+fIDkwEkK+u3/tiIoiHkZEICeFfuQWBXLKtltBro7A8q qbQM+G+sV+IZHnWPdGdmBNqRSFwJOQUYIVdIh51wO0JNS60Yrk8NvEAsd9+hZIh60ASg t8Dnjo9dBWSd74DVx9/pnEywskSkdzLLgoB8cYfdv7qvPoLGcX5eMRJ8RxYpgHHKmG7+ FkDjtPGB9uHk2FIWx9D9pU/F/VPS8ZbQkkY+dp3aSe+xGS2avx4dcC2iHe/KhAj7l+u0 Lz+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WjusQh7Y0O84TXBqcgYEc4aLrGOIBLyxrdvb4FHgkN8=; b=CxcL9Qw2DWpc/7i1/SRSUChNGp448aMDG05J+f9r10E2bcBq9y0DUwxxksGt6918bI QoWLoS9wr9NaOhvjHvSEW+0yWVqIzhhwghvUml9wNx4YVFRr+Z07/+rjivOkvYy1u6gC TlON00vOgUxoYeI6xfcEFfRTRt12YrLUVIw4dR90LCgRzBW5QHpEFGAzZg1qamxKu5nc sic7ZLF8gacPunN2csIX9Rjs5yfd8jLmLqgR3yjXLH4A2A6q2HjFq0wY6nS9nvaeknuX QqUkGdVbl8MFg4+nHBrdg8HDnZWtbdxj4f5osGqjDnqFZrUCbu4hJD7Q0YDFPanyDW2Z c1bw==
X-Gm-Message-State: APjAAAUA6aZm6kdSIf2Ze7xH8rgGP9J0ZSj67V5mbGDyFwfGFsEkSPXk eNPJgpJq70d4xH7hW+arlqvE4FKFOQFYhHOGiHD7uAfQmncb50jOAnW8RE8hVI+w2VlGVyf+UhT AGwi4Aq1MgBs57w+ij+hPqAnLgQ==
X-Google-Smtp-Source: APXvYqxMZeQVNwM2jVW04TuGubOO04lCU/sGhPbaqUSDeCKNs2JaXUIzc+GmilHY8pSpirAwHyPmFAh7VkLOwSvz7Cs=
X-Received: by 2002:a19:9149:: with SMTP id y9mr163520lfj.15.1575412455338; Tue, 03 Dec 2019 14:34:15 -0800 (PST)
MIME-Version: 1.0
References: <>
In-Reply-To: <>
From: Brian Campbell <>
Date: Tue, 3 Dec 2019 15:33:49 -0700
Message-ID: <>
To: Robert Sparks <>
Content-Type: multipart/alternative; boundary="000000000000c691ee0598d44b1e"
Archived-At: <>
Subject: Re: [Jwt-reg-review] JWT claim registration review request: draft-ietf-stir-passport-divert-05
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 03 Dec 2019 22:34:20 -0000

The good folks at IANA recently reminded the DEs that this request hadn't
been responded to. I'm not sure how that happened but apologies for the

In general I think these registrations are okay but there are a few things
that could be tightened up or clarified. And a couple minor things I
happened to notice while reading the draft to try and evaluate the
registration request.

Sec 6 :
I think it'd be helpful if there was an explanation of what "opt" stood for
or why those three letters were chosen. Is it original passport token
maybe? That was my best guess.

I don't believe the text '"opt" MUST contain a quoted base64 encoded
full-form PASSporT...' is quite right and I think it could potentially be
misinterpreted in different ways (like it sorta suggests that the JWT is
again base64 encoded). From looking at the example and other content my
guess is that it should say something more like, 'The value of the "opt"
claim is a JSON string containing a full-form PASSporT...'.

typo "identifiier" in sec 3

The  claims set example in sec 5
has one too many closing "}" so isn't valid JSON.

On Fri, Apr 12, 2019 at 1:08 PM Robert Sparks <> wrote:

> Please review the JWT claim registration requests in sections 10.1 and
> 10.2 of
> <>
> Robert Sparks - STIR WG co-chair
> _______________________________________________
> Jwt-reg-review mailing list

_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._