Re: [Txauth] acquiring claims (was Polymorphism (Was: JSON Schema?))

Leif Johansson <leifj@sunet.se> Mon, 20 July 2020 09:00 UTC

To: txauth@ietf.org
Date: Mon, 20 Jul 2020 11:00:07 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/tPFTKRiU48nfND8HFLUOEJ6ngbM>

On 2020-07-19 04:34, Tom Jones wrote:
> Absolutely, yes, the az token can authorize any resource held by the resource server.
> The ONLY thing special about PII is the protection granted by the various privacy laws.
> 
> As an aside, I don't find much in the current discussion that gives me a warm feeling about privacy.
> The stuff in the Torsten tokens is about as anti-privacy an effort as exists today.
> Identity assurance does NOT need to be enabled by sending more and yet again more PII.
> Peace ..tom

Taking off my chair's hat for a bit.

This thread has some very common misunderstandings about PII, esp. as it pertains
to legislation (e.g. in the EU).

Identifiers are just as much PII as claims containing things that are recognizably
personal (e.g. names etc.).

The term PII stands for personal /identifiable/ information. Identifiers that
uniquely identify a data subject, regardless of what systems & resources may be
needed to de-reference those identifiers, are PII - at least in the eyes of GDPR.

	Cheers Leif