[Openid-specs-risc] Proposal for using sub_id as top level claim in SET

[Shayne Miel (smiel)]

As promised in today's call, here is a brief proposal for requiring the "sub_id" claim as a top-level member of the SET and making "subject" a deprecated claim in the RISC and CAEP event schemas: https://github.com/openid/sharedsignals/issues/52#issuecomment-1610119621
[https://opengraph.githubassets.com/8849bf97cb74b3c11a4887955302938ca2e71541c425c95115e9873a8f48facf/openid/sharedsignals/issues/52]<https://github.com/openid/sharedsignals/issues/52#issuecomment-1610119621>
Should subject identifier be pulled out of the event definitions? · Issue #52 · openid/sharedsignals<https://github.com/openid/sharedsignals/issues/52#issuecomment-1610119621>
>From Phil Hunt: IETF spec expects subject identifier to be in the top level of the JWT. SSF expects subject identifier to be embedded within the events being transmitted. Can we move subject identi...
github.com


[cid:f190691e-ec2e-484b-b535-3a1560d15388]
[https://duo.com/assets/img/email/spacer.gif]
Shayne Miel
/ Principal Engineer (he, him, his)

smiel at cisco.com<mailto:smiel at cisco.com>

(919) 923-6230

cisco.com<https://www.cisco.com/site/us/en/products/security/index.html>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20230627/fc9993c0/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-z0z32y2i.png
Type: image/png
Size: 13713 bytes
Desc: Outlook-z0z32y2i.png
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20230627/fc9993c0/attachment-0001.png>