<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
--></style></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>Hi Atul,<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Formally, if this is a working group document (which it currently is not, but the editors would like it to be), then the working group needs to decide on any significant changes to the document. The SSE discussion is very relevant background, but it does not replace SecEvent working group discussion/consensus.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Thanks,<o:p></o:p></p><p class=MsoNormal> Yaron<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:12.0pt;color:black'>From: </span></b><span style='font-size:12.0pt;color:black'>Atul Tulshibagwale &lt;atultulshi@google.com&gt;<br><b>Date: </b>Monday, July 13, 2020 at 18:40<br><b>To: </b>Yaron Sheffer &lt;yaronf.ietf@gmail.com&gt;<br><b>Cc: </b>&lt;id-event@ietf.org&gt;, Openid-specs-risc &lt;openid-specs-risc@lists.openid.net&gt;, Annabelle Richard &lt;richanna@amazon.com&gt;, Marius Scurtescu &lt;marius.scurtescu@coinbase.com&gt;, michaeljones_fwd &lt;Michael.Jones@microsoft.com&gt;<br><b>Subject: </b>Re: [Id-event] SSE changes to the Subject Identifiers Spec<o:p></o:p></span></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Hi Yaron,<o:p></o:p></p><div><p class=MsoNormal>Thanks for the suggestion, I will start a new thread for each topic. 
Just FYI as background: We have discussed these changes in the OpenID Shared Signals and Events group, but happy to discuss them here again.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Atul<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><div><p class=MsoNormal>On Mon, Jul 13, 2020 at 1:44 AM Yaron Sheffer &lt;<a href="mailto:yaronf.ietf@gmail.com">yaronf.ietf@gmail.com</a>&gt; wrote:<o:p></o:p></p></div><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in'><div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Hi Atul,<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> <o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Thank you for your contribution!<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> <o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>You are introducing 3-4 new concepts into this draft (including the notion of “conformance” which you have not listed below). I think it would be more appropriate to start an email thread on this list on each one, in order to gauge the working group’s interest. 
In general the IETF reserves the PR process for smaller, editorial changes, or else for changes that had already been discussed by the mailing list.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> <o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Thanks,<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> Yaron<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> <o:p></o:p></p><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span style='font-size:12.0pt;color:black'>From: </span></b><span style='font-size:12.0pt;color:black'>Id-event &lt;<a href="mailto:id-event-bounces@ietf.org" target="_blank">id-event-bounces@ietf.org</a>&gt; on behalf of Atul Tulshibagwale &lt;atultulshi=<a href="mailto:40google.com@dmarc.ietf.org" target="_blank">40google.com@dmarc.ietf.org</a>&gt;<br><b>Date: </b>Monday, July 13, 2020 at 05:38<br><b>To: </b>&lt;<a href="mailto:id-event@ietf.org" target="_blank">id-event@ietf.org</a>&gt;, Openid-specs-risc &lt;<a href="mailto:openid-specs-risc@lists.openid.net" target="_blank">openid-specs-risc@lists.openid.net</a>&gt;<br><b>Cc: </b>Annabelle Richard &lt;<a href="mailto:richanna@amazon.com" target="_blank">richanna@amazon.com</a>&gt;, Marius Scurtescu &lt;<a href="mailto:marius.scurtescu@coinbase.com" target="_blank">marius.scurtescu@coinbase.com</a>&gt;, michaeljones_fwd &lt;<a href="mailto:Michael.Jones@microsoft.com" target="_blank">Michael.Jones@microsoft.com</a>&gt;<br><b>Subject: </b>[Id-event] SSE changes to the Subject Identifiers Spec</span><o:p></o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> <o:p></o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Hi all,<o:p></o:p></p><div><p class=MsoNormal 
style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>We've made a number of changes to the subject-identifiers spec in the OpenID "Shared Signals and Events" working group. I have incorporated these changes in a pull request to the present draft in the repository <a href="https://github.com/richanna/secevent" target="_blank">https://github.com/richanna/secevent</a>.<o:p></o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> <o:p></o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Please review the changes here:<o:p></o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><a href="https://github.com/richanna/secevent/pull/1" target="_blank">https://github.com/richanna/secevent/pull/1</a><o:p></o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> <o:p></o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Summary of the changes:<o:p></o:p></p></div><div><ol start=1 type=1><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo1'>Defined "Subject Principals" as management entities that are represented by the subject identifiers<o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo1'>Defined "Subject Principal Administrative Groupings" or SPAGs that may be used for certain events that pertain to the entire grouping. 
IRL SPAGs may be tenants in a multi-tenanted host or may be OUs or groups within a tenant.<o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo1'>Defined the following Common Claims that may be applied to any subject identifier:<o:p></o:p></li></ol><ol start=3 type=1><ol start=1 type=1><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level2 lfo2'>spag_id: An optional claim that can be used to ensure uniqueness of the subject identifier within the SPAG.<o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level2 lfo2'>category: An optional claim that can be used to define the scope of the subject identifier. E.g., does a phone number represent the user or the device the user is using? The category can disambiguate this.<o:p></o:p></li></ol></ol><ol start=4 type=1><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo3'>Added a SAML subject identifier type as was needed by some use cases in SSE.<o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo3'>Added myself as a co-author, given the scope of these changes.<o:p></o:p></li></ol><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Thanks,<o:p></o:p></p></div></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Atul<o:p></o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'> <o:p></o:p></p></div></div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>_______________________________________________ Id-event mailing list <a href="mailto:Id-event@ietf.org" target="_blank">Id-event@ietf.org</a> <a href="https://www.ietf.org/mailman/listinfo/id-event" target="_blank">https://www.ietf.org/mailman/listinfo/id-event</a> 
<o:p></o:p></p></div></div></blockquote></div></div></body></html>