Re: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected

Brian Campbell <bcampbell@pingidentity.com> Tue, 11 June 2019 15:31 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9933712024A for <jwt-reg-review@ietfa.amsl.com>; Tue, 11 Jun 2019 08:31:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fyh6ZUzZV8Yn for <jwt-reg-review@ietfa.amsl.com>; Tue, 11 Jun 2019 08:30:59 -0700 (PDT)
Received: from mail-it1-x12b.google.com (mail-it1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 80B151201F0 for <jwt-reg-review@ietf.org>; Tue, 11 Jun 2019 08:30:48 -0700 (PDT)
Received: by mail-it1-x12b.google.com with SMTP id m187so5624402ite.3 for <jwt-reg-review@ietf.org>; Tue, 11 Jun 2019 08:30:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dvMyX2bD7UHAw+fZXEdY612NGA4Cnni/hjqdykwsswY=; b=e1SXm8hbMo6F9UOyO8CvqF7qR5xmVyOM4lzu21O3zkUjmFQg9B1IRzQSd0HaMZ75tx 7Ig/Z5h/Y5qN87l9x5FnjytDGTIivqVXbqts0ZlZipD/Xg0y19MhoFx+Zx4Ihe3gz07Z 2+EZIa+Ee9WaQ4HY+XfxCHsYouA38eDJ1+LUI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dvMyX2bD7UHAw+fZXEdY612NGA4Cnni/hjqdykwsswY=; b=Ru3yVwHrAvVdfftubRZxkeyQCf/B57kN6OMJgIAEDJYhhCMC/pUurjGH742xtJ1H9Q AGimgQ36pkayEmXSHsOEZQC8g/WUQopC7hxgKp4xzPAlQ/plUwxSRGkH5RuT+VeRSIXi F9UibELvcsGMo2/72gRTdPRAbUkCRyFSArm42r/BTo/wg7UjQTz9ZolmL5g9ed01qQ0v VzG9f61HtrzeDQn8OP7ZQcRZo8eZDMkSlHpn2Zi1YXuGZLsk73WbLJxnlBw2W/FbMeRp N1EC0NM5ZPfVpaVsow9b96UNsD/V0DGDgdqfYsWf3M/oRSlzOL6ELapXCZiWYVnXsDPs BE7g==
X-Gm-Message-State: APjAAAU8DzDl2V3X8PkCcDNX6Omap5wc5AcRc9835IusFiP2qFLnz45f EZooX1oHxr4A9jX2j0POQSd3cW2oUBiHwu/x+pDcDamAvpYG4buboOlTUke+x2uA4+FWM6Mzffu mEMJngB8m9tMRa0ciOMQzbnfQnw==
X-Google-Smtp-Source: APXvYqznS3ZHb82B19o1UPdpOWFO1wHbpnkSUlCjrvbLvP/Ea+MFWol8eChouUCpEJib368wv1rTc1ReaZkeMvRr5jw=
X-Received: by 2002:a05:660c:40b:: with SMTP id c11mr5101368itk.129.1560267047484; Tue, 11 Jun 2019 08:30:47 -0700 (PDT)
MIME-Version: 1.0
References: <f918480f-afe7-b695-9132-35afc63d77b3@nostrum.com> <MW2PR00MB029815694580C2D9FB14C2F1F5770@MW2PR00MB0298.namprd00.prod.outlook.com> <CA+k3eCRYZj7NKSVWLV29rqiMLXrFvGvc+ZvRreX0Pphj=nbHfw@mail.gmail.com>
In-Reply-To: <CA+k3eCRYZj7NKSVWLV29rqiMLXrFvGvc+ZvRreX0Pphj=nbHfw@mail.gmail.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Tue, 11 Jun 2019 09:30:21 -0600
Message-ID: <CA+k3eCQJ7cD90htTx-XpMA9bMFRXtvgjY01NfpPThGQw_xbALQ@mail.gmail.com>
To: Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>
Cc: "A. Jean Mahoney" <mahoney@nostrum.com>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>, "draft-ietf-sipcore-rejected@ietf.org" <draft-ietf-sipcore-rejected@ietf.org>, "sipcore-chairs@ietf.org" <sipcore-chairs@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001eebaf058b0dfb3b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/k7z9wnZ0Ee7a65TiWxueJLFfFgg>
Subject: Re: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jun 2019 15:31:02 -0000

Looking again at this and the more recent revision of the draft, I do think
the jcard claim registration is okay in general.

However, the IANA Considerations registration request at
https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-5.3
points to
https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-3.2.2,
which I think could do a little better job of describing what the value of
the jcard claim will be - particularly for folks like myself who are
unfamiliar with jCard. The link back to section-5.3 is just circular and
isn't particularly helpful. So I went looking to the examples to see a
jcard claim to help me understand and I noticed the JWS header in
https://tools.ietf.org/html/draft-ietf-sipcore-rejected-08#section-4.1
isn't valid JOSE/JWS, which should probably be fixed. The 'alg', 'typ', and
'x5u' header parameters should all be top level members of the JSON rather
than wrapped in extra {}'s. See
https://tools.ietf.org/html/rfc7515#appendix-A.1.1 for example.

On Sat, Mar 2, 2019 at 6:48 AM Brian Campbell <bcampbell@pingidentity.com>;
wrote:

> also approve
>
> On Sat, Mar 2, 2019 at 5:44 AM Mike Jones <Michael.Jones=
> 40microsoft.com@dmarc.ietf.org>; wrote:
>
>> In my role as a Designated Expert, I approve this registration request.
>>
>>                                 -- Mike
>>
>> -----Original Message-----
>> From: Jwt-reg-review <jwt-reg-review-bounces@ietf.org>; On Behalf Of A.
>> Jean Mahoney
>> Sent: Thursday, February 28, 2019 2:11 PM
>> To: jwt-reg-review@ietf.org
>> Cc: draft-ietf-sipcore-rejected@ietf.org; sipcore-chairs@ietf.org
>> Subject: [Jwt-reg-review] Review requested: draft-ietf-sipcore-rejected
>>
>> Hi JWT Registration Review Team,
>>
>> Please review the JWT claim registration request found in Section 5.3 of
>> draft-ietf-sipcore-rejected [1]. The draft has just finished WGLC.
>>
>> Thanks!
>>
>> Jean, as Doc Shepherd
>>
>> [1]
>> https://tools.ietf.org/html/draft-ietf-sipcore-rejected-03#section-5.3
>>
>> ------------------
>>
>>  From the draft:
>>
>>
>> 5.3.  JSON Web Token Claim
>>
>>     This document defines the new JSON Web Token claim in the "JSON Web
>>     Token Claims" sub-registry created by [RFC7519].  Section 3.2.2
>>     defines the syntax.  The required information is:
>>
>>     Claim Name:  jcard
>>
>>     Claim Description:  jCard data
>>
>>     Change Controller:  IESG
>>
>>     Reference:  [RFCXXXX], [RFC7095]
>>
>> _______________________________________________
>> Jwt-reg-review mailing list
>> Jwt-reg-review@ietf.org
>> https://www.ietf.org/mailman/listinfo/jwt-reg-review
>>
>> _______________________________________________
>> Jwt-reg-review mailing list
>> Jwt-reg-review@ietf.org
>> https://www.ietf.org/mailman/listinfo/jwt-reg-review
>>
>

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._