Re: [stir] PASSporT extensions: order of claims

Christer Holmberg <> Tue, 13 March 2018 18:47 UTC

From: Christer Holmberg <>
To: Chris Wendt <>
Date: Tue, 13 Mar 2018 18:47:27 +0000
List-Id: Secure Telephone Identity Revisited <>


>I would agree with the text, the only caveat I would point out is that the extension definition has
>no choice to the order other than alphabetic order, so the order is essentially implied.  So, it’s sort
>of a technicality that maybe we didn’t anticipate, but I think technically you are correct.

Not sure I understand the has-no-choice part. Where is it said that the claims must be ordered in alphabetic order? We could for sure specify it that way, but based on your e-mail it seems like it is already specified somewhere?



On Mar 10, 2018, at 8:27 AM, Christer Holmberg <<>> wrote:

Section 8.3 of RFC 8225, that is.

From: stir [] On Behalf Of Christer Holmberg
Sent: 10 March 2018 15:26
Subject: [stir] PASSporT extensions: order of claims


Section  says:

   “Specifications that define extensions to the PASSporT mechanism MUST
   explicitly specify what claims they include beyond the base set of
   claims from this document, the order in which they will appear,…”

When looking at the extensions we are currently working on:


…I don’t see anything about the order in any of the documents.

I think it would be good to have a dedicated “Order of claims” section, or something similar, in each extension specification.

When looking at the examples in the drafts above, it seems like even the base claims are in different orders. Not sure whether there is an explicit requirement that they need to be in order, though.
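
Why the ordering question matters to implementers, as an added example that is not part of the thread or of any draft: a PASSporT signature covers the serialized bytes, so the same claims written in a different order yield a different signing input unless both sides serialize keys alphabetically. The `example` claim, the `ppt` value and all sample values are constructed for illustration.

```python
import base64
import hashlib
import json


def b64url(data: bytes) -> str:
    """Base64url without padding, as used for JWS segments."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def serialize_as_written(obj) -> bytes:
    """Compact JSON that keeps whatever key order the producer used."""
    return json.dumps(obj, separators=(",", ":")).encode("utf-8")


def serialize_alphabetic(obj) -> bytes:
    """Compact JSON with keys sorted alphabetically at every nesting level."""
    return json.dumps(obj, separators=(",", ":"), sort_keys=True).encode("utf-8")


def signing_input_digest(header, payload, serialize) -> str:
    """SHA-256 of header.payload, i.e. the bytes a signature would cover."""
    signing_input = b64url(serialize(header)) + "." + b64url(serialize(payload))
    return hashlib.sha256(signing_input.encode("ascii")).hexdigest()


# Constructed sample: base claims dest/iat/orig plus a hypothetical
# extension claim named "example".
HEADER = {"alg": "ES256", "ppt": "example", "typ": "passport",
          "x5u": "https://cert.example.org/passport.cer"}
PAYLOAD_A = {"dest": {"tn": ["12155550131"]}, "iat": 1520966847,
             "orig": {"tn": "12155550121"}, "example": "value"}
# Same claims and values, written in a different order.
PAYLOAD_B = {"orig": {"tn": "12155550121"}, "example": "value",
             "iat": 1520966847, "dest": {"tn": ["12155550131"]}}


def compare():
    """Return (digests match as written, digests match when sorted)."""
    as_written = (signing_input_digest(HEADER, PAYLOAD_A, serialize_as_written)
                  == signing_input_digest(HEADER, PAYLOAD_B, serialize_as_written))
    alphabetic = (signing_input_digest(HEADER, PAYLOAD_A, serialize_alphabetic)
                  == signing_input_digest(HEADER, PAYLOAD_B, serialize_alphabetic))
    return as_written, alphabetic


if __name__ == "__main__":
    print(compare())
    print(serialize_alphabetic(PAYLOAD_B).decode())
```

With alphabetic serialization the extension claim lands between `dest` and `iat`, which is the sense in which the order is implied rather than chosen by the extension.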


