Re: [Jwt-reg-review] Claims registration question
Brian Campbell <bcampbell@pingidentity.com> Thu, 23 April 2015 16:30 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAB061A6F5D for <jwt-reg-review@ietfa.amsl.com>; Thu, 23 Apr 2015 09:30:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.978
X-Spam-Level:
X-Spam-Status: No, score=-2.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, J_CHICKENPOX_22=0.6, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z4a-86uaTGVt for <jwt-reg-review@ietfa.amsl.com>; Thu, 23 Apr 2015 09:30:07 -0700 (PDT)
Received: from mail-ig0-f175.google.com (na3sys009aog136.obsmtp.com [74.125.149.85]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 783BB1A872E for <jwt-reg-review@ietf.org>; Thu, 23 Apr 2015 09:29:52 -0700 (PDT)
Received: from mail-ig0-f175.google.com ([209.85.213.175]) (using TLSv1) by na3sys009aob136.postini.com ([74.125.148.12]) with SMTP ID DSNKVTkeAJBOJP6fekfA8wG0p35mpPeUOn/4@postini.com; Thu, 23 Apr 2015 09:29:52 PDT
Received: by igbpi8 with SMTP id pi8so13295762igb.0 for <jwt-reg-review@ietf.org>; Thu, 23 Apr 2015 09:29:51 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=JK/oHlz2QoaSNqTM+PxcrYNKbLR4LxFDt7exQXOoqKo=; b=Ui21yzcIjWUT6Zh2wFaDWGqZg1X7ExXy21RGJb1nJCFSAao+7geuFYCtBcAeAd/jqv SxFfFItBhWdTrY/0QYdB3CbBn9+/OmVDI5ZWuGNQ97/SV1ERf3U6whTyefz8PqCP7i2w mnujZKVomZi1AFshc3f4gPWzpi7aEYRgj+XI5a22WVtuzB052MhV5ytoB58HTQcVn2g8 9g2Hi0Zmzcfg2a36lFjSZp5RXJV9SB29n37PHiUWzDPdfqNI/IQkpyrq3j87wYROIcnQ CQRgUduVEcfd5ZaK7maeoTpDesISyD/sS46gTiz2UNcEOQ67lDIxaKmet0ePP2/cuSDK 0Azg==
X-Gm-Message-State: ALoCoQnBW1v2VQM3CKUXorVTzP4EGM6Agv3bTDGbFsCB9DZOqqY/I8u8D3LdzqOPd+J83snFc1ISjNWC9+feyQ42m1caueF+z16yDnbanshkcvEeGYCmJs2i95FDf8R3qoBHvFSSxJ3ugSc0L4lIehRVTNS28kdX9g==
X-Received: by 10.50.1.47 with SMTP id 15mr13243861igj.40.1429806591755; Thu, 23 Apr 2015 09:29:51 -0700 (PDT)
X-Received: by 10.50.1.47 with SMTP id 15mr13243836igj.40.1429806591563; Thu, 23 Apr 2015 09:29:51 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.240.15 with HTTP; Thu, 23 Apr 2015 09:29:20 -0700 (PDT)
In-Reply-To: <4D256956-BEB5-459A-98D3-94416B37AA6F@me.com>
References: <etPan.55381d39.643c9869.158@Macintosh-5.local> <4D256956-BEB5-459A-98D3-94416B37AA6F@me.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 23 Apr 2015 10:29:20 -0600
Message-ID: <CA+k3eCTF8puhFoRgTt7KkEVmBopBQkSng_-3VjY6La3z8K0t9A@mail.gmail.com>
To: John Bradley <jbradley@me.com>
Content-Type: multipart/alternative; boundary="047d7bdc1a70fcf11a051466c95a"
Archived-At: <http://mailarchive.ietf.org/arch/msg/jwt-reg-review/zfir_sj1S6WBCGiR3tGxnIH-KrA>
Cc: Bart Grantham <bart@genecloud.com>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>
Subject: Re: [Jwt-reg-review] Claims registration question
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Apr 2015 16:30:13 -0000
Indeed org.genomicsandhealth.* itself also seems sufficiently collision-resistant. On Thu, Apr 23, 2015 at 10:06 AM, John Bradley <jbradley@me.com> wrote: > You can use public collision resistant names like > http://genomicsandhealth.org/claims/value1 That also allows for the claim > to be documented via the follow your nose principal. > https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.2 > > You could use that and then register them if there is a need for > interoperability outside your community. > > If you established that pattern, it would be unlikely that anyone other > than the owner of that namespace is going to register something in the > registry that conflicts with you. > > John B. > > On Apr 22, 2015, at 7:14 PM, Bart Grantham <bart@genecloud.com> wrote: > > > > A standards body that my company is involved in, the Global Alliance for > Genomic Health (“GA4GH”), is looking at OAuth2/OpenID Connect for identity > management amongst the various projects and it occurs to us that it may be > necessary for the GA4GH to register domain-specific claims regarding > researcher’s qualifications/membership in organizations. > > > > I’m wondering if it’s possible for the GA4GH to claim, after appropriate > discussion and review, a wildcard claim? Something like > org.genomicsandhealth.* ? This would allow the GA4GH to internally manage > the registration of claims that that are relavant to the organization > (“org.genomicsandhealth.projects.beacon”, > “org.genomicsandhealth.eu_commons”, etc.) > > > > If this is not possible, is there an alternative to registering each and > every claim name that arises with IANA? > > > > -- > > Bart Grantham > > _______________________________________________ > > Jwt-reg-review mailing list > > Jwt-reg-review@ietf.org > > https://www.ietf.org/mailman/listinfo/jwt-reg-review > > _______________________________________________ > Jwt-reg-review mailing list > Jwt-reg-review@ietf.org > https://www.ietf.org/mailman/listinfo/jwt-reg-review >
- [Jwt-reg-review] Claims registration question Bart Grantham
- Re: [Jwt-reg-review] Claims registration question John Bradley
- Re: [Jwt-reg-review] Claims registration question Brian Campbell
- Re: [Jwt-reg-review] Claims registration question John Bradley