Re: [Jwt-reg-review] Claims registration question

John Bradley <jbradley@me.com> Thu, 23 April 2015 16:17 UTC

Date: Thu, 23 Apr 2015 13:06:33 -0300
To: Bart Grantham <bart@genecloud.com>
Cc: "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/jwt-reg-review/oX6jooWPnq0YqWRlUaJIVnMuiiA>

You can use public collision-resistant names like http://genomicsandhealth.org/claims/value1. That also allows for the claim to be documented via the follow-your-nose principle.
https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.2

You could use that and then register them if there is a need for interoperability outside your community. 

If you established that pattern, it would be unlikely that anyone other than the owner of that namespace is going to register something in the registry that conflicts with you.

John B.

> On Apr 22, 2015, at 7:14 PM, Bart Grantham <bart@genecloud.com> wrote:
> 
> A standards body that my company is involved in, the Global Alliance for Genomic Health (“GA4GH”), is looking at OAuth2/OpenID Connect for identity management amongst the various projects, and it occurs to us that it may be necessary for the GA4GH to register domain-specific claims regarding researchers’ qualifications/membership in organizations.
> 
> I’m wondering if it’s possible for the GA4GH to claim, after appropriate discussion and review, a wildcard claim?  Something like org.genomicsandhealth.* ?  This would allow the GA4GH to internally manage the registration of claims that are relevant to the organization (“org.genomicsandhealth.projects.beacon”, “org.genomicsandhealth.eu_commons”, etc.)
> 
> If this is not possible, is there an alternative to registering each and every claim name that arises with IANA?
> 
> --
> Bart Grantham
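
An added example, not part of the original thread: how a relying party might sort the claim names in a decoded token when a community uses the URI namespace pattern suggested in the reply. `OWNED_NAMESPACE`, the function names, the four class labels and the sample claims are assumptions constructed for illustration; the registered names are those listed in section 4.1 of the JWT specification.

```python
from urllib.parse import urlsplit

# Claim names registered by the JWT specification itself (section 4.1).
REGISTERED = frozenset({"iss", "sub", "aud", "exp", "nbf", "iat", "jti"})

# Assumption: the namespace prefix the community controls, taken from the
# URL in the reply above. The trailing slash matters for the prefix check.
OWNED_NAMESPACE = "http://genomicsandhealth.org/claims/"


def classify_claim(name, namespace=OWNED_NAMESPACE):
    """Classify one claim name as 'registered', 'owned', 'foreign' or 'other'."""
    if name in REGISTERED:
        return "registered"
    # Claim names are case-sensitive strings, so compare the prefix exactly
    # and require a non-empty local part after it.
    if name.startswith(namespace) and len(name) > len(namespace):
        return "owned"
    parts = urlsplit(name)
    if parts.scheme in ("http", "https") and parts.netloc:
        return "foreign"  # URI-shaped name outside the owned namespace
    return "other"        # short or dotted name this policy does not know


def partition_claims(claims, namespace=OWNED_NAMESPACE):
    """Group a decoded claims set by class; owned names lose their prefix."""
    groups = {"registered": {}, "owned": {}, "foreign": {}, "other": {}}
    for name, value in claims.items():
        kind = classify_claim(name, namespace)
        key = name[len(namespace):] if kind == "owned" else name
        groups[kind][key] = value
    return groups


# Constructed sample: a decoded claims set whose signature was already verified.
SAMPLE_CLAIMS = {
    "iss": "https://idp.example",
    "sub": "researcher-17",
    "http://genomicsandhealth.org/claims/value1": True,
    "http://genomicsandhealth.org.example/claims/value1": True,  # look-alike host
    "HTTP://genomicsandhealth.org/claims/value1": True,          # different case
    "value1": True,                                              # bare short name
}

if __name__ == "__main__":
    for kind, found in partition_claims(SAMPLE_CLAIMS).items():
        print(kind, sorted(found))
```

Only the `owned` and `registered` groups would feed authorization decisions under this policy; the look-alike host, the case variant and the bare `value1` are kept apart rather than being treated as the community's claim.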