[Openid-specs-authzen] Candidate spec for Implementer’s Draft (1.0), and draft of boxcarred requests (1.1)

David Brossard david.brossard at gmail.com
Thu Jul 4 03:53:22 UTC 2024


Somehow I missed this paragraph. Never mind, all's well.

On Wed, Jul 3, 2024 at 2:47 PM Omri Gazitt <omri at aserto.com> wrote:

> Thanks for reviewing David!
>
> I was intending on making them symmetric. I found this language in the
> current published spec… did you have something else in mind?
>
> Also, I think the best way to track feedback and make sure we’re not
> missing any is through GitHub issues…
>
>
> A Subject is a JSON ([RFC8259 <https://openid.github.io/authzen/#RFC8259>])
> object that contains any number of key-value pair attributes. However,
> there are a minimal number of fields that are required in order to properly
> resolve a Subject.
> type: REQUIRED. A string value that specifies the type of the Subject.
>
> id: REQUIRED. The unique identifier of the Subject, scoped to the type.
>
>
> <http://www.aserto.com/>
>
> Omri Gazitt | CEO
>
> Aserto <http://www.aserto.com/> Inc. | (425) 765-0079
>
>
> On Wed, Jul 3, 2024 at 2:12 PM David Brossard <david.brossard at gmail.com>
> wrote:
>
>> Hi Omri,
>>
>> I just realized the spec could use a bit more symmetry/consistency. For
>> instance, the resource category is described as
>>
>>> A Resource is the target of an access request. It is a JSON ([RFC8259
>>> <https://openid.github.io/authzen/#RFC8259>]) object that is
>>> constructed similar to a Subject entity.
>>>
>> The subject category does not allude to RFC8259 when in fact it
>> could/should. Thoughts? At the end of the day, subject and resource are
>> structurally equal/equivalent.
>>
>> Thoughts?
>>
>> On Tue, Jul 2, 2024 at 8:48 PM Omri Gazitt via Openid-specs-authzen <
>> openid-specs-authzen at lists.openid.net> wrote:
>>
>>> Hi all!
>>>
>>> As discussed on the AuthZEN call today, I’ve updated the 1.0 spec and
>>> created a new 1.1 spec that adds the Access Evaluations (plural) API.
>>>
>>> https://openid.github.io/authzen/
>>>
>>>
>>> https://openid.github.io/authzen/authorization-api-1_1#name-access-evaluations-api
>>>
>>>
>>> The first spec (1.0) is what we are working towards making our first
>>> Implementer’s Draft. The second is meant to be a fast follower and adds
>>> support for boxcarred requests.
>>>
>>> Please open issues in GitHub for any comments or questions on either.
>>>
>>> Thanks,
>>> Omri.
>>>
>>>
>>> <http://www.aserto.com/>
>>>
>>> Omri Gazitt | CEO
>>>
>>> Aserto <http://www.aserto.com/> Inc. | (425) 765-0079
>>> --
>>> Openid-specs-authzen mailing list
>>> Openid-specs-authzen at lists.openid.net
>>> https://lists.openid.net/mailman/listinfo/openid-specs-authzen
>>>
>>
>>
>> --
>> ---
>> David Brossard
>> http://www.linkedin.com/in/davidbrossard
>> http://twitter.com/davidjbrossard
>> http://about.me/brossard
>> ---
>> Stay safe on the Internet: IC3 Prevention Tips
>> <https://www.capefearnetworks.com/wp-content/uploads/2017/05/Internet-Fraud-Prevention-Tips-IC3.pdf>
>> Take precautions on the Internet:
>> http://www.securite-informatique.gouv.fr/gp_rubrique34.html
>>
>

-- 
---
David Brossard
http://www.linkedin.com/in/davidbrossard
http://twitter.com/davidjbrossard
http://about.me/brossard
---
Stay safe on the Internet: IC3 Prevention Tips
<https://www.capefearnetworks.com/wp-content/uploads/2017/05/Internet-Fraud-Prevention-Tips-IC3.pdf>
Take precautions on the Internet:
http://www.securite-informatique.gouv.fr/gp_rubrique34.html
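
The Subject structure quoted in this thread (a JSON object with REQUIRED `type` and `id`, where `id` is scoped to `type`) can be checked on receipt as in the following added example, which is not part of the thread or of the AuthZEN spec. The function names and sample values are constructed; requiring `id` to be a non-empty string and rejecting duplicate keys are assumptions of this sketch.

```python
import json

REQUIRED = ("type", "id")  # the two fields the quoted spec text marks REQUIRED


def _reject_duplicates(pairs):
    # RFC 8259 says names SHOULD be unique; parsers disagree on which value
    # wins, so this sketch refuses the object instead (an assumption here).
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise ValueError("duplicate key in JSON object")
    return dict(pairs)


def parse_entity(raw: str) -> dict:
    """Parse a Subject, or a Resource, which the spec builds the same way."""
    obj = json.loads(raw, object_pairs_hook=_reject_duplicates)
    if not isinstance(obj, dict):
        raise ValueError("entity must be a JSON object")
    for field in REQUIRED:
        value = obj.get(field)
        # Assumption: both fields are non-empty strings; the quoted text
        # states the string requirement explicitly only for "type".
        if not isinstance(value, str) or not value:
            raise ValueError(f"missing or invalid required field: {field}")
    return obj


def entity_key(entity: dict) -> tuple:
    """Identity is the (type, id) pair, since id is unique only within a type."""
    return (entity["type"], entity["id"])


def is_valid(raw: str) -> bool:
    try:
        parse_entity(raw)
        return True
    except ValueError:  # json.JSONDecodeError is a subclass of ValueError
        return False


# Constructed sample inputs.
ALICE = '{"type": "user", "id": "42", "department": "sales"}'
GROUP = '{"type": "group", "id": "42"}'
NO_ID = '{"type": "user", "department": "sales"}'
NOT_OBJECT = '["user", "42"]'
DUPLICATE = '{"type": "user", "id": "42", "id": "1"}'

if __name__ == "__main__":
    for sample in (ALICE, GROUP, NO_ID, NOT_OBJECT, DUPLICATE):
        print(is_valid(sample), sample)
```

Comparing on `entity_key` rather than on `id` alone keeps `user` 42 and `group` 42 from being treated as the same principal.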