[Openid-specs-risc] [Id-event] SSE changes to the Subject Identifiers Spec

Yaron Sheffer yaronf.ietf at gmail.com
Mon Jul 13 16:09:10 UTC 2020


Hi Atul,

Formally, if this is a working group document (which it currently is not, but the editors would like it to be), then the working group needs to decide on any significant changes to the document. The SSE discussion is very relevant background, but it does not replace SecEvent working group discussion/consensus.

Thanks,

                Yaron

From: Atul Tulshibagwale <atultulshi at google.com>
Date: Monday, July 13, 2020 at 18:40
To: Yaron Sheffer <yaronf.ietf at gmail.com>
Cc: <id-event at ietf.org>, Openid-specs-risc <openid-specs-risc at lists.openid.net>, Annabelle Richard <richanna at amazon.com>, Marius Scurtescu <marius.scurtescu at coinbase.com>, michaeljones_fwd <Michael.Jones at microsoft.com>
Subject: Re: [Id-event] SSE changes to the Subject Identifiers Spec

Hi Yaron,

Thanks for the suggestion, I will start a new thread for each topic. Just FYI as background: We have discussed these changes in the OpenID Shared Signals and Events group, but happy to discuss them here again.

Atul

On Mon, Jul 13, 2020 at 1:44 AM Yaron Sheffer <yaronf.ietf at gmail.com> wrote:

Hi Atul,

Thank you for your contribution!

You are introducing 3-4 new concepts into this draft (including the notion of “conformance” which you have not listed below). I think it would be more appropriate to start an email thread on this list on each one, in order to gauge the working group’s interest. In general the IETF reserves the PR process for smaller, editorial changes, or else for changes that had already been discussed by the mailing list.

Thanks,

                Yaron

From: Id-event <id-event-bounces at ietf.org> on behalf of Atul Tulshibagwale <atultulshi=40google.com at dmarc.ietf.org>
Date: Monday, July 13, 2020 at 05:38
To: <id-event at ietf.org>, Openid-specs-risc <openid-specs-risc at lists.openid.net>
Cc: Annabelle Richard <richanna at amazon.com>, Marius Scurtescu <marius.scurtescu at coinbase.com>, michaeljones_fwd <Michael.Jones at microsoft.com>
Subject: [Id-event] SSE changes to the Subject Identifiers Spec

Hi all,

We've made a number of changes to the subject-identifiers spec in the OpenID "Shared Signals and Events" working group. I have incorporated these changes in a pull request to the present draft in the repository https://github.com/richanna/secevent.

Please review the changes here:

https://github.com/richanna/secevent/pull/1

Summary of the changes:

- Defined "Subject Principals" as management entities that are represented by the subject identifiers
- Defined "Subject Principal Administrative Groupings" or SPAGs that may be used for certain events that pertain to the entire grouping. IRL SPAGs may be tenants in a multi-tenanted host or may be OUs or groups within a tenant.
- Defined the following Common Claims that may be applied to any subject identifier:
  - spag_id: An optional claim that can be used to ensure uniqueness of the subject identifier within the SPAG.
  - category: An optional claim that can be used to define the scope of the subject identifier. E.g., does a phone number represent the user or the device the user is using? The category can disambiguate this.
- Added a SAML subject identifier type as was needed by some use cases in SSE.
- Added myself as a co-author, given the scope of these changes.

Thanks,

Atul

 
