[Openid-specs-risc] Questions about Subject in SSE events

Atul Tulshibagwale atultulshi at google.com
Fri Oct 8 01:21:03 UTC 2021 

Hi all,
I have decided to go on vacation on Monday and Tuesday, so I won't be able
to attend the call. Here's my view on this topic:

Each event type can specify which fields within the event have the format
of a subject. The field names need not be limited to being "subject". So if
there is an event (and there is none right now) which needs multiple fields
that have the format of a subject, they can do so by naming the fields
appropriately.

Thanks,
Atul


On Wed, Oct 6, 2021 at 1:05 PM Tim Cappalli via Openid-specs-risc <
openid-specs-risc at lists.openid.net> wrote:

> Shayne,
>
> Can we discuss this on the WG call on Tuesday? I agree that this is too
> ambiguous so let's discuss how to fix the spec text.
>
> Tim
>
> ------------------------------
> *From:* Openid-specs-risc <openid-specs-risc-bounces at lists.openid.net> on
> behalf of Shayne Miel (smiel) via Openid-specs-risc <
> openid-specs-risc at lists.openid.net>
> *Sent:* Wednesday, October 6, 2021 11:55
> *To:* Openid-specs-risc at lists.openid.net <
> Openid-specs-risc at lists.openid.net>
> *Subject:* [Openid-specs-risc] Questions about Subject in SSE events
>
> I have two questions about how to encode subjects in SSE events:
>
>
>    1. In section 3
>    <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-sse-framework-1_0-01.html%23subject-ids&data=04%7C01%7Ctim.cappalli%40microsoft.com%7C031e210f95bf46b81f6308d988e1c807%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637691326519039191%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=%2BDyIRsBk%2FV4W9U%2BGq%2F2YF7QVh2zbl7xsGqa43yK42Ss%3D&reserved=0>
>    of the SSE Framework spec it says that a claim of Subject type can have
>    *any* name and section 3.1 shows an example with "transferrer" as the
>    claim. All of the examples in the CAEP and RISC specs use "subject" as the
>    claim. Should there be something in the specification that enforces the use
>    of "subject" as the claim name? If not, how should receivers know how to
>    parse the event?
>    2. In the CAEP spec the examples all show the subject type indicated
>    with the "format" field, which appears to be correct as described in section
>    3 of the Subject Identifiers spec
>    <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-ietf-secevent-subject-identifiers%23section-3&data=04%7C01%7Ctim.cappalli%40microsoft.com%7C031e210f95bf46b81f6308d988e1c807%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637691326519049190%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=SGwJ2ESR2VRMhAZtmZPYGoC22LY7SSshYxVFADoJ7R4%3D&reserved=0>.
>    However, in the RISC spec all of the examples show that the subject type is
>    identified with a "subject_type" field. Are the RISC spec examples
>    incorrect?
>
>
> *Shayne Miel*
> / Engineering Technical Leader (he, him, his)
>
> smiel at cisco.com
>
> (919) 923-6230
>
> Duo.com
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fduo.com%2F&data=04%7C01%7Ctim.cappalli%40microsoft.com%7C031e210f95bf46b81f6308d988e1c807%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637691326519049190%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=2W7klgTC%2FSuVxtmZaMxlnpWtlh43rALQii6HSUNsHvg%3D&reserved=0>
>
> ----------
> Duo Security is now part of Cisco
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fduo.com%2Fabout%2Fpress%2Freleases%2Fcisco-completes-acquisition-of-duo-security&data=04%7C01%7Ctim.cappalli%40microsoft.com%7C031e210f95bf46b81f6308d988e1c807%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637691326519059181%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=eIVqc4Ou%2Buyra%2FUm2nrsLLn4EC8%2BTSItPin4xVEbsiQ%3D&reserved=0>
> .
>
> _______________________________________________
> Openid-specs-risc mailing list
> Openid-specs-risc at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-risc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20211007/2e5dd6b1/attachment.html>

More information about the Openid-specs-risc mailing list