Re: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected

Brian Campbell <bcampbell@pingidentity.com> Thu, 20 June 2019 21:54 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C5C431201F0 for <jwt-reg-review@ietfa.amsl.com>; Thu, 20 Jun 2019 14:54:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2KIwmsdZFEQW for <jwt-reg-review@ietfa.amsl.com>; Thu, 20 Jun 2019 14:54:14 -0700 (PDT)
Received: from mail-io1-xd2c.google.com (mail-io1-xd2c.google.com [IPv6:2607:f8b0:4864:20::d2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5362E1201B0 for <jwt-reg-review@ietf.org>; Thu, 20 Jun 2019 14:54:14 -0700 (PDT)
Received: by mail-io1-xd2c.google.com with SMTP id e3so829653ioc.12 for <jwt-reg-review@ietf.org>; Thu, 20 Jun 2019 14:54:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4sV2wDkR87keIN78alqKzzNXqQj0WyM2CsQrhPvJ3F8=; b=ZNWRdIz5SNzkVceRtM8Xk0XzG82qTRjoqpdHZ55Pa4SDfzoUCXmINxxdzU8fKWolxA YXSIdDdDKkY/Xb7QKLcvdmzZ9LNm9VfuDU3Ev3Ye0MK+nyxTCmznpkqhuLbnfmuT2Zga 0/RE7FjqRW4+S15HCQGAsM7082l4nKjSqv7Po=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4sV2wDkR87keIN78alqKzzNXqQj0WyM2CsQrhPvJ3F8=; b=rv85K55+uQzcCrDPDjy4rLUIr3qYnI6H+nfjbMJZPbIwvIfB5IQxQbakK9jtGoZIem cEnOzI1SfpYAXc0LCkbKg+mashYSZEhMaxP8XEn/dkIk7rWSghQzj6eunfmbhDA6LpfT db7XK23qGqsKeAlvoR4KVETMFSQAToKxuk8NkfwBpRM4eEBqD5q/0VO5bWMulU9YyJOv mEHZKkaBo9LQQEF6F79XVbxrAnJjbH+CuJHikVDfUx5w+jHRXC3GwHsb3j+7HZkqpJoY vySz3+yyS479s+SjO8rwyA1Q0lYw7AtC0/Wc7H3lyQY8/S8O9+obKsCBmIRquWWYKr+1 SH4A==
X-Gm-Message-State: APjAAAVuQHRG3DGepueiGsnEONo+pCK1njZXyop9SPp9xtAYKW4x2iCR b1tt0ULcPhCxYHeAntautAemSOD49mq9TNf8fIcUVSEczkIvL4JL2fMptMfA5Pt+os3luWZmdZ2 bgBs+8O6ZyS4eq1rVdByqePQ04Q==
X-Google-Smtp-Source: APXvYqxnmOKUWQ1ErfLptBLcA6pJjK9dvwN07Nn0HhBz0L/VJZy6TK0iW2PvIsHb2mEK37jirDZbG2SPq++Exw6Gt/0=
X-Received: by 2002:a6b:4e08:: with SMTP id c8mr13060878iob.217.1561067653420; Thu, 20 Jun 2019 14:54:13 -0700 (PDT)
MIME-Version: 1.0
References: <f918480f-afe7-b695-9132-35afc63d77b3@nostrum.com> <MW2PR00MB029815694580C2D9FB14C2F1F5770@MW2PR00MB0298.namprd00.prod.outlook.com> <CA+k3eCRYZj7NKSVWLV29rqiMLXrFvGvc+ZvRreX0Pphj=nbHfw@mail.gmail.com> <CA+k3eCQJ7cD90htTx-XpMA9bMFRXtvgjY01NfpPThGQw_xbALQ@mail.gmail.com> <6B435767-CB2F-42F2-9E39-1067040425C2@standardstrack.com>
In-Reply-To: <6B435767-CB2F-42F2-9E39-1067040425C2@standardstrack.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 20 Jun 2019 15:53:47 -0600
Message-ID: <CA+k3eCT9JLhFDGGk+BY=9048gny-FpLxyuwdx2FvbfjqW3n1qg@mail.gmail.com>
To: Eric Burger <eburger@standardstrack.com>
Cc: Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>, sipcore-chairs@ietf.org
Content-Type: multipart/alternative; boundary="000000000000f3f2b4058bc862eb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/XwV_OV5SHv_gaNXyrtGn-saCqE0>
Subject: Re: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2019 21:54:18 -0000

I think a reference is good. I was looking for or expecting just a brief
statement in sec 3.3 along the lines of 'the value of the "jcard" claim is
a JSON array conforming to the JSON jCard data format defined in RFC7095'
or something like that.

On Wed, Jun 19, 2019 at 7:45 PM Eric Burger <eburger@standardstrack.com>;
wrote:

> Would having a reference to jCard suffice, or do we need a detailed
> explanation of what a jCard is?
>
> On Jun 11, 2019, at 11:30 AM, Brian Campbell <bcampbell@pingidentity.com>;
> wrote:
>
> Looking again at this and the more recent revision of the draft, I do
> think the jcard claim registration is okay in general.
>
> However, the IANA Considerations registration request at
> https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-5.3
> points to
> https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-3.2.2,
> which I think could do a little better job of describing what the value of
> the jcard claim will be - particularly for folks like myself who are
> unfamiliar with jCard. The link back to section-5.3 is just circular and
> isn't particularly helpful. So I went looking to the examples to see a
> jcard claim to help me understand and I noticed the JWS header in
> https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-4.1
> isn't valid JOSE/JWS, which should probably be fixed. The 'alg', 'typ', and
> 'x5u' header parameters should all be top level members of the JSON rather
> than wrapped in extra {}'s. See
> https://tools.ietf.org/html/rfc7515#appendix-A.1.1 for example.
>
> On Sat, Mar 2, 2019 at 6:48 AM Brian Campbell <bcampbell@pingidentity.com>;
> wrote:
>
>> also approve
>>
>> On Sat, Mar 2, 2019 at 5:44 AM Mike Jones <Michael.Jones=
>> 40microsoft.com@dmarc.ietf.org>; wrote:
>>
>>> In my role as a Designated Expert, I approve this registration request.
>>>
>>>                                 -- Mike
>>>
>>> -----Original Message-----
>>> From: Jwt-reg-review <jwt-reg-review-bounces@ietf.org>; On Behalf Of A.
>>> Jean Mahoney
>>> Sent: Thursday, February 28, 2019 2:11 PM
>>> To: jwt-reg-review@ietf.org
>>> Cc: draft-ietf-sipcore-rejected@ietf.org; sipcore-chairs@ietf.org
>>> Subject: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected
>>>
>>> Hi JWT Registration Review Team,
>>>
>>> Please review the JWT claim registration request found in Section 5.3 of
>>> draft-ietf-sipcore-rejected [1]. The draft has just finished WGLC.
>>>
>>> Thanks!
>>>
>>> Jean, as Doc Shepherd
>>>
>>> [1]
>>> https://tools.ietf.org/html/draft-ietf-sipcore-rejected-03#section-5.3
>>>
>>> ------------------
>>>
>>>  From the draft:
>>>
>>>
>>> 5.3.  JSON Web Token Claim
>>>
>>>     This document defines the new JSON Web Token claim in the "JSON Web
>>>     Token Claims" sub-registry created by [RFC7519].  Section 3.2.2
>>>     defines the syntax.  The required information is:
>>>
>>>     Claim Name:  jcard
>>>
>>>     Claim Description:  jCard data
>>>
>>>     Change Controller:  IESG
>>>
>>>     Reference:  [RFCXXXX], [RFC7095]
>>>
>>> _______________________________________________
>>> Jwt-reg-review mailing list
>>> Jwt-reg-review@ietf.org
>>> https://www.ietf.org/mailman/listinfo/jwt-reg-review
>>>
>>> _______________________________________________
>>> Jwt-reg-review mailing list
>>> Jwt-reg-review@ietf.org
>>> https://www.ietf.org/mailman/listinfo/jwt-reg-review
>>>
>>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*
>
>
>

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._