
<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">

<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>

</head>

<body dir="ltr">

<div style="font-family: Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Good catch Matt.</div>

<div style="font-family: Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

<br>

</div>

<div style="font-family: Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Could this be as simple as changing 11.1.2 to say "whose value is a Subject Identifier or Complex Subject as defined in section 3.2"?</div>

<div style="font-family: Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

<i><br>

</i></div>

<div style="font-family: Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

<i><br>

</i></div>

<div style="font-family: Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

<i>

<blockquote style="margin-top:0;margin-bottom:0">11.1.2.  SSE Event Subject

<div><br>

</div>

<div>   The subject of a SSE event is identified by the "subject" claim</div>

<div>   within the event payload, <b>whose value is a Subject Identifier.</b>  The</div>

<div>   "subject" claim is REQUIRED for all SSE events.  The JWT "sub" claim</div>

   MUST NOT be present in any SET containing a SSE event.<br>

</blockquote>

</i></div>

<div id="appendonsend"></div>

<hr style="display:inline-block;width:98%" tabindex="-1">

<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Openid-specs-risc <openid-specs-risc-bounces@lists.openid.net> on behalf of Matt Domsch via Openid-specs-risc <openid-specs-risc@lists.openid.net><br>

<b>Sent:</b> Tuesday, May 18, 2021 16:05<br>

<b>To:</b> openid-specs-risc@lists.openid.net <openid-specs-risc@lists.openid.net><br>

<b>Subject:</b> [Openid-specs-risc] Complex Subject Identifiers format member</font>

<div> </div>

</div>

<style>

<!--

@font-face

        {font-family:Wingdings}

@font-face

        {font-family:"Cambria Math"}

@font-face

        {font-family:Calibri}

p.x_MsoNormal, li.x_MsoNormal, div.x_MsoNormal

        {margin:0in;

        font-size:11.0pt;

        font-family:"Calibri",sans-serif}

a:link, span.x_MsoHyperlink

        {color:blue;

        text-decoration:underline}

span.x_EmailStyle20

        {font-family:"Calibri",sans-serif;

        color:windowtext}

.x_MsoChpDefault

        {font-size:10.0pt;

        font-family:"Calibri",sans-serif}

@page WordSection1

        {margin:1.0in 1.0in 1.0in 1.0in}

div.x_WordSection1

        {}

ol

        {margin-bottom:0in}

ul

        {margin-bottom:0in}

-->

</style>

<div lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">

<div class="x_WordSection1">

<p class="x_MsoNormal">The topic of registries of values came up today, which reminded me…</p>

<p class="x_MsoNormal"> </p>

<p class="x_MsoNormal">Complex Subject Identifiers defined in SSE do not have a format member [1], though it’s required by Subject Identifiers [2].  I know we didn’t want to make a huge list of possible combinations of complex subject identifiers.</p>

<p class="x_MsoNormal">Would it suffice to add a format of “complex” to the SI spec, or assign another collision-resistant string here as SI expects (e.g. “format” : “net.openid.sse.siformat.complex”)?</p>

<p class="x_MsoNormal"> </p>

<p class="x_MsoNormal">Thanks,</p>

<p class="x_MsoNormal">Matt</p>

<p class="x_MsoNormal"> </p>

<p class="x_MsoNormal">[1] <a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Frisc%2Fsrc%2Fmaster%2Fopenid-sse-framework-1_0.txt&data=04%7C01%7Ctim.cappalli%40microsoft.com%7C41c2d7d16e1c4c1c9ede08d91a3845d8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637569668119917636%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=uU6fsFjQ2pfv%2Fy%2FnRfRrUcOVyeSpzxIQrQfQ%2FAwXbDE%3D&reserved=0" originalsrc="https://bitbucket.org/openid/risc/src/master/openid-sse-framework-1_0.txt" shash="whdKdChDAMxmTxrJsyU+q4mcGPNOeM5SlA1uqoizQxJsHZIyDdVWxuzskAQwolu6hs3YmBkCkE1ECe3hmAFFXyY1QWveCFs9nw1zcfb0F0B/oOQGHIbaY4OlCeNKmFqUyHmFpURUBbMO0WInneR8dKiWvDL+IW6LyqKRj6Xx3Cc=">

https://bitbucket.org/openid/risc/src/master/openid-sse-framework-1_0.txt</a></p>

<p class="x_MsoNormal">[2] <a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frichanna%2Fsecevent%2Fblob%2Fmaster%2Fdraft-ietf-secevent-subject-identifiers.md&data=04%7C01%7Ctim.cappalli%40microsoft.com%7C41c2d7d16e1c4c1c9ede08d91a3845d8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637569668119917636%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=CAQo1pO09Gjyc0qSis07u8RV3nMd4UGCc2C%2F4%2BwrndU%3D&reserved=0" originalsrc="https://github.com/richanna/secevent/blob/master/draft-ietf-secevent-subject-identifiers.md" shash="w5rhUXLUMrQMOuQ+nJioUh0Tuz2DPbfEgQ4o+YdLNGNWwGqdTXG9cQ6yqN+hzXMLMQMUyRPz/P0VDFXuSLXfidneGQF9FTe47EIthpxfxyyV3jbVOr9CMKpNxgbGlriGs7W2Axxje4U1uwtr6Kvpzxn4k9cxp5midtppJ6v33ew=">

https://github.com/richanna/secevent/blob/master/draft-ietf-secevent-subject-identifiers.md</a></p>

<p class="x_MsoNormal"> </p>

<p class="x_MsoNormal"> </p>

<div>

<div>

<div>

<p class="x_MsoNormal"><b><span style="font-size:10.0pt; font-family:"Arial",sans-serif">Matt Domsch</span></b><span style="font-family:"Arial",sans-serif"><br>

</span><i><span style="font-size:9.0pt; font-family:"Arial",sans-serif">VP, Engineering Fellow</span></i><span style="font-size:9.0pt; font-family:"Arial",sans-serif"><br>

</span><a href="mailto:matt.domsch@sailpoint.com"><span style="font-size:9.0pt; font-family:"Arial",sans-serif; color:#00B5E2">matt.domsch@sailpoint.com</span></a><span style="font-size:9.0pt; font-family:"Arial",sans-serif; color:#00B5E2"></span></p>

<p class="x_MsoNormal"><span style="font-size:9.0pt; font-family:"Arial",sans-serif; color:black">mobile: 512-981-6486</span><span style="font-size:9.0pt; font-family:"Arial",sans-serif; color:#00B5E2">

</span><span style="font-family:"Arial",sans-serif"><br>

</span><a href="https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.sailpoint.com%2F&data=04%7C01%7Ctim.cappalli%40microsoft.com%7C41c2d7d16e1c4c1c9ede08d91a3845d8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637569668119927591%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=M29hgPAdnSS7Hj4vVtBPzrfd4v%2FlU1jnxLdxgkE8nHo%3D&reserved=0" originalsrc="http://www.sailpoint.com/" shash="lRZQ+ANfClcmC4/2YrftyGUYuqzMWteFDSV2HdwcXVB5XjszCdgnXvrkYI5v0qoDJf+uO1idY5MMAvq0zIu7bVMzbqFsE3rZ3ZFwx5MvqBfSQwSayHTg8D7StsgPu5GpabVB/NwvZGZwdWMMGtsKxsc6wiTPAMMus1hvVEQY0eI="><b><span style="font-size:8.0pt; font-family:"Arial",sans-serif; color:#00B5E2">www.sailpoint.com</span></b></a></p>

</div>

</div>

</div>

</div>

</div>

</body>

</html>