[Openid-specs-risc] [scim] Fwd: New Version Notification for draft-hunt-idevent-token-06.txt
Michael.Jones at microsoft.com
Sat Nov 12 04:04:43 UTC 2016
I just reviewed the changes in draft-hunt-idevent-token-06 and, for the record, I’m fine with them.
From: scim [mailto:scim-bounces at ietf.org] On Behalf Of Phil Hunt
Sent: Thursday, September 29, 2016 3:39 PM
To: id-event at ietf.org
Cc: scim at ietf.org WG <scim at ietf.org>; openid-specs-ab at lists.openid.net Ab <openid-specs-ab at lists.openid.net>; openid-specs-risc at lists.openid.net
Subject: [scim] Fwd: New Version Notification for draft-hunt-idevent-token-06.txt
This is a minor update to the SET Token draft. Based on the mailing list feedback, I made some revisions to the text on transactions and sequencing. I dropped the term “idempotency” as this is not really the correct usage of the word.
The issue I was trying to get at was whether SETs can be delivered in any sequence or whether there sequence is critical. For example in an Idempotent service, one cannot modify a resource that has not yet been created. So while commands may be repeated achieving the same result, the sequence of different commands is critical. 8)
My gut feeling on sequencing (when needed) is most likely resolved by specs that profile SET Tokes by adding sequencing claim or defining “txn” for the purpose. There may be some delivery methods that can provide sequencing, but I think that has more to do with deployment architecture rather than protocol. For example, in a distributed system, the way events are delivered to a Feed Publishing Service might enable the Feed Publisher to guarantee order. That’s not to say I haven’t overlooked a “duh” simple solution.
This draft should be a good starting place for the SEC Event WG proposed charter.
phil.hunt at oracle.com<mailto:phil.hunt at oracle.com>
Begin forwarded message:
From: internet-drafts at ietf.org<mailto:internet-drafts at ietf.org>
Subject: New Version Notification for draft-hunt-idevent-token-06.txt
Date: September 29, 2016 at 3:20:45 PM PDT
To: "Michael B. Jones" <mbj at microsoft.com<mailto:mbj at microsoft.com>>, "William Denniss" <wdenniss at google.com<mailto:wdenniss at google.com>>, "Phil Hunt" <phil.hunt at yahoo.com<mailto:phil.hunt at yahoo.com>>, "Morteza Ansari" <morteza.ansari at cisco.com<mailto:morteza.ansari at cisco.com>>, "Michael Jones" <mbj at microsoft.com<mailto:mbj at microsoft.com>>
A new version of I-D, draft-hunt-idevent-token-06.txt
has been successfully submitted by Phil Hunt and posted to the
Title: Security Event Token (SET)
Document date: 2016-09-29
Group: Individual Submission
This specification defines the Security Event token, which may be
distributed via a protocol such as HTTP. The Security Event Token
(SET) specification profiles the JSON Web Token (JWT) and may be
optionally signed and/or encrypted. A SET describes a statement of
fact that may be shared by an event publisher with event subscribers.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>.
The IETF Secretariat
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-risc