Re: [stir] PASSporT extensions: order of claims

"Politz, Ken" <> Tue, 13 March 2018 19:19 UTC


Try RFC 8225, Section 9, perhaps?  Ken.

From: Christer Holmberg
Sent: Tuesday, March 13, 2018 2:47 PM
To: Chris Wendt
Subject: Re: [stir] PASSporT extensions: order of claims


>I would agree with the text, the only caveat I would point out is that the extension definition has
>no choice to the order other than alphabetic order, so the order is essentially implied.  So, it’s sort
>of a technicality that maybe we didn’t anticipate, but I think technically you are correct.

Not sure I understand the has-no-choice part. Where is it said that the claims must be ordered in alphabetic order? We could for sure specify it that way, but based on your e-mail it seems like it is already specified somewhere?



On Mar 10, 2018, at 8:27 AM, Christer Holmberg wrote:

Section 8.3 of RFC 8225, that is.

From: stir On Behalf Of Christer Holmberg
Sent: 10 March 2018 15:26
Subject: [stir] PASSporT extensions: order of claims


Section  says:

   “Specifications that define extensions to the PASSporT mechanism MUST
   explicitly specify what claims they include beyond the base set of
   claims from this document, the order in which they will appear,…”

When looking at the extensions we are currently working on:


…I don’t see anything about the order in any of the documents.

I think it would be good to have a dedicated “Order of claims” section, or something similar, in each extension specification.

When looking at the examples in the drafts above, it seems like even the base claims are in different orders. Not sure whether there is an explicit requirement that they need to be in order, though.



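An added example, not part of the original message or of any STIR draft: a Python sketch of the deterministic JSON serialization rules in RFC 8225, Section 9 (no whitespace, member names sorted by code point, applied recursively), showing where a claim lands in the signed form regardless of the order in which it was written. The `exampleclaim` claim, the `ppt` value and all sample values are constructed for illustration.

```python
import base64
import json

def reject_floats(value):
    # Section 9: numbers are encoded as integers unless a claim says otherwise.
    if isinstance(value, float):
        raise ValueError("non-integer number in PASSporT object")
    children = value.values() if isinstance(value, dict) else value
    if isinstance(value, (dict, list)):
        for child in children:
            reject_floats(child)

def canonical_json(obj):
    # No whitespace, member names sorted by code point, applied recursively.
    reject_floats(obj)
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False)

def b64url(data):
    # base64url without padding, as JWS uses.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def signing_input(header, payload):
    # The string the JWS signature is computed over.
    return ".".join(b64url(canonical_json(part).encode("utf-8"))
                    for part in (header, payload))

# Constructed sample: the same PASSporT written in two different orders.
# "exampleclaim" and the "ppt" value are hypothetical extension names.
HEADER_1 = {"typ": "passport", "ppt": "example", "alg": "ES256",
            "x5u": "https://cert.example.org/passport.cer"}
HEADER_2 = {"x5u": "https://cert.example.org/passport.cer", "alg": "ES256",
            "ppt": "example", "typ": "passport"}
PAYLOAD_1 = {"orig": {"tn": "12155551212"}, "exampleclaim": "x",
             "iat": 1443208345, "dest": {"uri": ["sip:alice@example.com"]}}
PAYLOAD_2 = {"dest": {"uri": ["sip:alice@example.com"]}, "iat": 1443208345,
             "exampleclaim": "x", "orig": {"tn": "12155551212"}}

if __name__ == "__main__":
    print(canonical_json(PAYLOAD_1))
    print(signing_input(HEADER_1, PAYLOAD_1) == signing_input(HEADER_2, PAYLOAD_2))
```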