Re: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected

Eric Burger <eburger@standardstrack.com> Thu, 20 June 2019 01:46 UTC

Return-Path: <eburger@standardstrack.com>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1247D1202D4; Wed, 19 Jun 2019 18:46:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.889
X-Spam-Level:
X-Spam-Status: No, score=-1.889 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h32203kVFepR; Wed, 19 Jun 2019 18:45:58 -0700 (PDT)
Received: from biz221.inmotionhosting.com (biz221.inmotionhosting.com [198.46.93.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42B2D12012A; Wed, 19 Jun 2019 18:45:58 -0700 (PDT)
Received: from [68.100.196.217] (port=50319 helo=[192.168.10.23]) by biz221.inmotionhosting.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92) (envelope-from <eburger@standardstrack.com>) id 1hdm9B-004B3c-88; Wed, 19 Jun 2019 18:45:54 -0700
From: Eric Burger <eburger@standardstrack.com>
Message-Id: <6B435767-CB2F-42F2-9E39-1067040425C2@standardstrack.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_04B8E81C-8D59-4366-B6D2-292F67DACDB6"; protocol="application/pgp-signature"; micalg=pgp-sha256
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Wed, 19 Jun 2019 21:45:51 -0400
In-Reply-To: <CA+k3eCQJ7cD90htTx-XpMA9bMFRXtvgjY01NfpPThGQw_xbALQ@mail.gmail.com>
Cc: Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>, sipcore-chairs@ietf.org
To: Brian Campbell <bcampbell@pingidentity.com>
References: <f918480f-afe7-b695-9132-35afc63d77b3@nostrum.com> <MW2PR00MB029815694580C2D9FB14C2F1F5770@MW2PR00MB0298.namprd00.prod.outlook.com> <CA+k3eCRYZj7NKSVWLV29rqiMLXrFvGvc+ZvRreX0Pphj=nbHfw@mail.gmail.com> <CA+k3eCQJ7cD90htTx-XpMA9bMFRXtvgjY01NfpPThGQw_xbALQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - biz221.inmotionhosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - standardstrack.com
X-Get-Message-Sender-Via: biz221.inmotionhosting.com: authenticated_id: eburger+standardstrack.com/only user confirmed/virtual account not confirmed
X-Authenticated-Sender: biz221.inmotionhosting.com: eburger@standardstrack.com
X-Source:
X-Source-Args:
X-Source-Dir:
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/IDY2Zh0B3fh95FG0P1ClCo1wK6Y>
Subject: Re: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2019 01:46:01 -0000

Would having a reference to jCard suffice, or do we need a detailed explanation of what a jCard is?

> On Jun 11, 2019, at 11:30 AM, Brian Campbell <bcampbell@pingidentity.com>; wrote:
> 
> Looking again at this and the more recent revision of the draft, I do think the jcard claim registration is okay in general.
> 
> However, the IANA Considerations registration request at https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-5.3 <https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-5.3> points to https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-3.2.2 <https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-3.2.2>;, which I think could do a little better job of describing what the value of the jcard claim will be - particularly for folks like myself who are unfamiliar with jCard. The link back to section-5.3 is just circular and isn't particularly helpful. So I went looking to the examples to see a jcard claim to help me understand and I noticed the JWS header in https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-4.1 <https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-4.1> isn't valid JOSE/JWS, which should probably be fixed. The 'alg', 'typ', and 'x5u' header parameters should all be top level members of the JSON rather than wrapped in extra {}'s. See https://tools.ietf.org/html/rfc7515#appendix-A.1.1 <https://tools.ietf.org/html/rfc7515#appendix-A.1.1> for example.
> 
> On Sat, Mar 2, 2019 at 6:48 AM Brian Campbell <bcampbell@pingidentity.com <mailto:bcampbell@pingidentity.com>> wrote:
> also approve
> 
> On Sat, Mar 2, 2019 at 5:44 AM Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org <mailto:40microsoft.com@dmarc.ietf.org>> wrote:
> In my role as a Designated Expert, I approve this registration request.
> 
>                                 -- Mike
> 
> -----Original Message-----
> From: Jwt-reg-review <jwt-reg-review-bounces@ietf.org <mailto:jwt-reg-review-bounces@ietf.org>> On Behalf Of A. Jean Mahoney
> Sent: Thursday, February 28, 2019 2:11 PM
> To: jwt-reg-review@ietf.org <mailto:jwt-reg-review@ietf.org>
> Cc: draft-ietf-sipcore-rejected@ietf.org <mailto:draft-ietf-sipcore-rejected@ietf.org>; sipcore-chairs@ietf.org <mailto:sipcore-chairs@ietf.org>
> Subject: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected
> 
> Hi JWT Registration Review Team,
> 
> Please review the JWT claim registration request found in Section 5.3 of draft-ietf-sipcore-rejected [1]. The draft has just finished WGLC.
> 
> Thanks!
> 
> Jean, as Doc Shepherd
> 
> [1] https://tools.ietf.org/html/draft-ietf-sipcore-rejected-03#section-5.3 <https://tools.ietf.org/html/draft-ietf-sipcore-rejected-03#section-5.3>
> 
> ------------------
> 
>  From the draft:
> 
> 
> 5.3.  JSON Web Token Claim
> 
>     This document defines the new JSON Web Token claim in the "JSON Web
>     Token Claims" sub-registry created by [RFC7519].  Section 3.2.2
>     defines the syntax.  The required information is:
> 
>     Claim Name:  jcard
> 
>     Claim Description:  jCard data
> 
>     Change Controller:  IESG
> 
>     Reference:  [RFCXXXX], [RFC7095]
> 
> _______________________________________________
> Jwt-reg-review mailing list
> Jwt-reg-review@ietf.org <mailto:Jwt-reg-review@ietf.org>
> https://www.ietf.org/mailman/listinfo/jwt-reg-review <https://www.ietf.org/mailman/listinfo/jwt-reg-review>
> 
> _______________________________________________
> Jwt-reg-review mailing list
> Jwt-reg-review@ietf.org <mailto:Jwt-reg-review@ietf.org>
> https://www.ietf.org/mailman/listinfo/jwt-reg-review <https://www.ietf.org/mailman/listinfo/jwt-reg-review>
> 
> CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.