Skip to main content

Subject Identifiers for Security Event Tokens
draft-ietf-secevent-subject-identifiers-18

Revision differences

Document history

Date Rev. By Action
2023-11-30
18 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2023-10-06
18 (System) RFC Editor state changed to AUTH48
2023-08-21
18 (System) RFC Editor state changed to RFC-EDITOR from EDIT
2023-06-27
18 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2023-06-27
18 (System) IANA Action state changed to Waiting on RFC Editor from In Progress
2023-06-27
18 (System) IANA Action state changed to In Progress from Waiting on Authors
2023-06-26
18 (System) IANA Action state changed to Waiting on Authors from In Progress
2023-06-26
18 (System) RFC Editor state changed to EDIT
2023-06-26
18 (System) IESG state changed to RFC Ed Queue from Approved-announcement sent
2023-06-26
18 (System) Announcement was received by RFC Editor
2023-06-26
18 (System) IANA Action state changed to In Progress
2023-06-26
18 Amy Vezza IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2023-06-26
18 Amy Vezza IESG has approved the document
2023-06-26
18 Amy Vezza Closed "Approve" ballot
2023-06-26
18 Amy Vezza Ballot approval text was generated
2023-06-26
18 (System) Removed all action holders (IESG state changed)
2023-06-26
18 Roman Danyliw IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup
2023-06-26
18 Murray Kucherawy
[Ballot comment]
Thanks for addressing my DISCUSS issue.

For the record, I also supported Eric V's DISCUSS position.

The shepherd writeup says this about controversy …
[Ballot comment]
Thanks for addressing my DISCUSS issue.

For the record, I also supported Eric V's DISCUSS position.

The shepherd writeup says this about controversy in the working group:

  "No controversy beyond the normal."

Beyond this resulting in a cynical chuckle, I don't actually know whether I should be worried here.

The shepherd writeup also says:

  "Again, two of the authors have been recently active, while one has not been in touch for a long time."

This doesn't bode well for an easy AUTH48.  Should we consider moving that person to an Acknowledgments or Contributors section?

In Section 3.1:

  "E.g., While the email Identifier Format declares [...]"

I don't think you can start a sentence with "E.g.,"; I suggest changing that to "For example".

In Section 3.2.1 (and elsewhere):

  "Subject Identifiers in this format MUST contain a uri member whose value [...]"

Please put quotes around "uri" when it's used this way.  This isn't necessary when it's used as an acronym, but it should be quoted when it's a string literal.  I suggest the same for "url", "iss", "sub", and others; they otherwise look like misspelled or partial words.  "did" is even worse because it actually is an English word.

In Section 3.2.2:

  "The value of the email member SHOULD identify a mailbox to which email may be delivered [...]"

I'm curious about this constraint:

(a) If the goal is to have event-related content be reliably deliverable, why isn't this a MUST?

(b) If you leave it SHOULD, what interoperability concern specific to security events is created if I use an email address that's not actually deliverable?

In Section 3.2.4:

  "The Opaque Identifier Format describes a subject that is identified with a string with no semantics asserted beyond its usage as an identifier for the subject, such as a UUID or hash used as a surrogate identifier for a record in a database."

This is curious; since UUID has a specific standard format (and you could sync up with the UUIDREV working group if you want the cutting edge version), why not declare an Identifier Format for it explicitly?

In Section 8.1.2:

  "Contact information such as mailing address, email address, or phone number may also be provided."

A name alone probably isn't helpful to IANA.  I suggest changing "may" to "must".

My original DISCUSS position was:

I'd like to elevate something Paul observed in his comment to DISCUSS.  In Section 3.2.2.1:

  "When receiving an Email Subject Identifier, the recipient SHOULD use their implementation's canonicalization algorithm to resolve the email address to the same string used in their system."

This only applies if the domain portion of the email address is one that the local system considers to be a local address, correct?  That is, if I'm "example.com" but I get an email address of some other domain, I shouldn't be applying canonicalization at all, correct?

And to echo Paul's question: Why isn't the mail system doing the canonicalization?  Or is the goal here just to tell if two slightly different local addresses are (likely) referring to the same recipient for some aggregation purpose?

My general concern here is that now the events implementation has to exactly mirror whatever canonicalization the mail system is doing, which might not be known, or would require duplication of effort, or could allow for configuration drift, etc.  None of these are showstoppers, but it seems like more prose around this is probably a good idea if we want to go this route.
2023-06-26
18 Murray Kucherawy [Ballot Position Update] Position for Murray Kucherawy has been changed to No Objection from Discuss
2023-06-24
18 (System) Changed action holders to Roman Danyliw (IESG state changed)
2023-06-24
18 (System) Sub state has been changed to AD Followup from Revised I-D Needed
2023-06-24
18 Prachi Jain New version available: draft-ietf-secevent-subject-identifiers-18.txt
2023-06-24
18 Prachi Jain New version accepted (logged-in submitter: Prachi Jain)
2023-06-24
18 Prachi Jain Uploaded new revision
2023-06-23
17 Roman Danyliw Please revise per blocking IESG Review feedback
2023-06-23
17 (System) Changed action holders to Annabelle Backman, Marius Scurtescu, Prachi Jain, Roman Danyliw (IESG state changed)
2023-06-23
17 Roman Danyliw IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation::AD Followup
2023-06-21
17 Éric Vyncke
[Ballot comment]
Thanks for addressing my DISCUSS points in https://mailarchive.ietf.org/arch/msg/id-event/xZOWRjkwpde0Mqlf6oi_Bj9LlQA/

Thanks to Roman to trigger my review of my previous ballot position, else I would …
[Ballot comment]
Thanks for addressing my DISCUSS points in https://mailarchive.ietf.org/arch/msg/id-event/xZOWRjkwpde0Mqlf6oi_Bj9LlQA/

Thanks to Roman to trigger my review of my previous ballot position, else I would still be sitting on it ;)

Usually, when a DISCUSS point is raised by an Area Director, this is to start a discussion (hence the name), but there was no discussion on my DISCUSS position. Unusual but OK.

Regards

-éric
2023-06-21
17 Éric Vyncke Ballot comment text updated for Éric Vyncke
2023-06-21
17 Éric Vyncke
[Ballot comment]
Thanks for addressing my DISCUSS points in https://mailarchive.ietf.org/arch/msg/id-event/xZOWRjkwpde0Mqlf6oi_Bj9LlQA/

Thanks to Roman to trigger my review of my previous ballot position, else I would …
[Ballot comment]
Thanks for addressing my DISCUSS points in https://mailarchive.ietf.org/arch/msg/id-event/xZOWRjkwpde0Mqlf6oi_Bj9LlQA/

Thanks to Roman to trigger my review of my previous ballot position, else I would still be sitting on it ;)

Usually, when a DISCUSS point is raised by an Area Director, this is to start a discussion (hence the name), but there was no discussion on my DISCUSS position. Unusual but OK.

-éric
2023-06-21
17 Éric Vyncke [Ballot Position Update] Position for Éric Vyncke has been changed to No Objection from Discuss
2023-04-29
17 (System) Changed action holders to Roman Danyliw (IESG state changed)
2023-04-29
17 (System) Sub state has been changed to AD Followup from Revised I-D Needed
2023-04-29
17 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2023-04-29
17 Prachi Jain New version available: draft-ietf-secevent-subject-identifiers-17.txt
2023-04-29
17 Prachi Jain New version accepted (logged-in submitter: Prachi Jain)
2023-04-29
17 Prachi Jain Uploaded new revision
2023-02-21
16 Francesca Palombini
[Ballot comment]
Thank you for the work on this document.

Many thanks to Paul Kyzivat for his ART ART review: https://mailarchive.ietf.org/arch/msg/art/3UoUPXy96ynW4msza41RfQqzsss/. I haven't seen …
[Ballot comment]
Thank you for the work on this document.

Many thanks to Paul Kyzivat for his ART ART review: https://mailarchive.ietf.org/arch/msg/art/3UoUPXy96ynW4msza41RfQqzsss/. I haven't seen any answer to Paul's review, which I think gives input for improvements and clarifications, so I would strongly encourage the authors to evaluate and respond to Paul's comments. Regarding Paul's 1st comment, I think that ship has sailed, so I would not insist on any change there.

Additionally, I was surprised to see the following statement in the expert guidelines:

> In the case where a request is rejected, the Expert Reviewer must provide the requesting party with a written statement expressing the reason for rejection, and be prepared to cite any sources of information that went into that decision.

Although I understand wanting to know the reasoning behind a rejection, I would not formulate this as a formal requirement on the experts.

Francesca
2023-02-21
16 Francesca Palombini [Ballot Position Update] New position, No Objection, has been recorded for Francesca Palombini
2023-02-16
16 (System) Changed action holders to Roman Danyliw, Marius Scurtescu, Annabelle Backman, Prachi Jain (IESG state changed)
2023-02-16
16 Cindy Morgan IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation
2023-02-15
16 Murray Kucherawy
[Ballot discuss]
I'd like to elevate something Paul observed in his comment to DISCUSS.  In Section 3.2.2.1:

  "When receiving an Email Subject Identifier, the …
[Ballot discuss]
I'd like to elevate something Paul observed in his comment to DISCUSS.  In Section 3.2.2.1:

  "When receiving an Email Subject Identifier, the recipient SHOULD use their implementation's canonicalization algorithm to resolve the email address to the same string used in their system."

This only applies if the domain portion of the email address is one that the local system considers to be a local address, correct?  That is, if I'm "example.com" but I get an email address of some other domain, I shouldn't be applying canonicalization at all, correct?

And to echo Paul's question: Why isn't the mail system doing the canonicalization?  Or is the goal here just to tell if two slightly different local addresses are (likely) referring to the same recipient for some aggregation purpose?

My general concern here is that now the events implementation has to exactly mirror whatever canonicalization the mail system is doing, which might not be known, or would require duplication of effort, or could allow for configuration drift, etc.  None of these are showstoppers, but it seems like more prose around this is probably a good idea if we want to go this route.
2023-02-15
16 Murray Kucherawy
[Ballot comment]
I support Eric V's DISCUSS position.

The shepherd writeup says this about controversy in the working group:

  "No controversy beyond the normal." …
[Ballot comment]
I support Eric V's DISCUSS position.

The shepherd writeup says this about controversy in the working group:

  "No controversy beyond the normal."

Beyond this resulting in a cynical chuckle, I don't actually know whether I should be worried here.

The shepherd writeup also says:

  "Again, two of the authors have been recently active, while one has not been in touch for a long time."

This doesn't bode well for an easy AUTH48.  Should we consider moving that person to an Acknowledgments or Contributors section?

In Section 3.1:

  "E.g., While the email Identifier Format declares [...]"

I don't think you can start a sentence with "E.g.,"; I suggest changing that to "For example".

In Section 3.2.1 (and elsewhere):

  "Subject Identifiers in this format MUST contain a uri member whose value [...]"

Please put quotes around "uri" when it's used this way.  This isn't necessary when it's used as an acronym, but it should be quoted when it's a string literal.  I suggest the same for "url", "iss", "sub", and others; they otherwise look like misspelled or partial words.  "did" is even worse because it actually is an English word.

In Section 3.2.2:

  "The value of the email member SHOULD identify a mailbox to which email may be delivered [...]"

I'm curious about this constraint:

(a) If the goal is to have event-related content be reliably deliverable, why isn't this a MUST?

(b) If you leave it SHOULD, what interoperability concern specific to security events is created if I use an email address that's not actually deliverable?

In Section 3.2.4:

  "The Opaque Identifier Format describes a subject that is identified with a string with no semantics asserted beyond its usage as an identifier for the subject, such as a UUID or hash used as a surrogate identifier for a record in a database."

This is curious; since UUID has a specific standard format (and you could sync up with the UUIDREV working group if you want the cutting edge version), why not declare an Identifier Format for it explicitly?

In Section 8.1.2:

  "Contact information such as mailing address, email address, or phone number may also be provided."

A name alone probably isn't helpful to IANA.  I suggest changing "may" to "must".
2023-02-15
16 Murray Kucherawy [Ballot Position Update] New position, Discuss, has been recorded for Murray Kucherawy
2023-02-15
16 Amanda Baber IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2023-02-15
16 Éric Vyncke
[Ballot discuss]

# Éric Vyncke, INT AD, comments for draft-ietf-secevent-subject-identifiers-16
CC @evyncke

Thank you for the work put into this document.

Please find below two …
[Ballot discuss]

# Éric Vyncke, INT AD, comments for draft-ietf-secevent-subject-identifiers-16
CC @evyncke

Thank you for the work put into this document.

Please find below two blocking DISCUSS points (easy to address), some non-blocking COMMENT points (but replies would be appreciated even if only for my own education), and some nits.

Special thanks to Yaron Sheffer for the shepherd's detailed write-up including the WG consensus **but** without the justification of the intended status.

I hope that this review helps to improve the document,

Regards,

-éric


## DISCUSS

As noted in https://www.ietf.org/blog/handling-iesg-ballot-positions/, a DISCUSS ballot is a request to have a discussion on the following topics:

### BCP 14

Please use the right BCP14 template (including reference to RFC 8174)

### No subject identifier for addresses

Like Erik Kline: either suppress the "IP or MAC address" in section 1, or **much** better add subsection in 3.2 to handle MAC/IP addresses.
2023-02-15
16 Éric Vyncke
[Ballot comment]

## COMMENTS

### Section 1

Please explain what "iss" is in `JWT iss claim` ;-)

### Section 3

Isn't `Identifier Formats that are …
[Ballot comment]

## COMMENTS

### Section 1

Please explain what "iss" is in `JWT iss claim` ;-)

### Section 3

Isn't `Identifier Formats that are expected to be used broadly` a little vague ?

## NITS

### Section 3.2.2.1

s/the recipient SHOULD use their implementation/the recipients SHOULD use their implementation/ ?

### Section 3.2.6

s/MUST contain a url member/MUST contain a URL member/ and several other places where some acronyms should be in uppercase.

## Notes

This review is in the ["IETF Comments" Markdown format][ICMF], You can use the
[`ietf-comments` tool][ICT] to automatically convert this review into
individual GitHub issues.

[ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md
[ICT]: https://github.com/mnot/ietf-comments
2023-02-15
16 Éric Vyncke [Ballot Position Update] New position, Discuss, has been recorded for Éric Vyncke
2023-02-15
16 Warren Kumari [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari
2023-02-15
16 Zaheduzzaman Sarker [Ballot Position Update] New position, No Objection, has been recorded for Zaheduzzaman Sarker
2023-02-14
16 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2023-02-14
16 Prachi Jain New version available: draft-ietf-secevent-subject-identifiers-16.txt
2023-02-14
16 Prachi Jain New version accepted (logged-in submitter: Prachi Jain)
2023-02-14
16 Prachi Jain Uploaded new revision
2023-02-14
15 Paul Wouters
[Ballot comment]
On Email Canonicalization:

        some providers treat the local part of the email address as
        case-insensitive …
[Ballot comment]
On Email Canonicalization:

        some providers treat the local part of the email address as
        case-insensitive as well, and consider "user@example.com",
        "User@example.com", and "USER@example.com" as the same email
        address.

"some" is an interesting word choice for "basically every implementation
currently deployed". More seriously, an example of where dots (".") are
optional would be a better example as there are actually servers which
do and which do not treat these as equivalent. Whereas for case sensitivity,
that ship sailed a decade ago. However, the overarching question is, why
should email canonicalization be done in the first place? Isn't that
better done at the receiver of the secevent? Or is that what is implied
in section 3.1 (as it doesnt talk about the producer or consumer at all)

In  8.2.1. Registry Contents, should the change controller be IETF, not IESG ?

NITS:

The layout in Section 4.1 makes it appear the Figure descriptions are above
the example instead of below it and makes things confusing. I'd recommend some
changes in whitespace / lines there.

8.1.3 Format Name: email is the only entry not using quotes (eg "email")
2023-02-14
15 Paul Wouters [Ballot Position Update] New position, No Objection, has been recorded for Paul Wouters
2023-02-14
15 Samuel Weiler Request for Last Call review by SECDIR Completed: Ready. Reviewer: Samuel Weiler. Sent review to list.
2023-02-13
15 Amanda Baber IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2023-02-13
16 (System) IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2023-02-13
15 John Scudder
[Ballot comment]
Thanks for this very readable and thorough document. I have two minor comments.

- the BCP 14 boilerplate is supposed to (normatively) reference …
[Ballot comment]
Thanks for this very readable and thorough document. I have two minor comments.

- the BCP 14 boilerplate is supposed to (normatively) reference RFC 8174 as well as RFC 2119.
- “contain a uri members” -> “contain a uri member” (agreement in number)
2023-02-13
15 John Scudder [Ballot Position Update] New position, No Objection, has been recorded for John Scudder
2023-02-13
15 Lars Eggert
[Ballot comment]
# GEN AD review of draft-ietf-secevent-subject-identifiers-15

CC @larseggert

Thanks to Christer Holmberg for the General Area Review Team (Gen-ART) review
(https://mailarchive.ietf.org/arch/msg/gen-art/OrPm6xTVtSfi6MlSGvJg4rpKusI). …
[Ballot comment]
# GEN AD review of draft-ietf-secevent-subject-identifiers-15

CC @larseggert

Thanks to Christer Holmberg for the General Area Review Team (Gen-ART) review
(https://mailarchive.ietf.org/arch/msg/gen-art/OrPm6xTVtSfi6MlSGvJg4rpKusI).

## Comments

### Section 3.2.1, paragraph 0
```
  3.2.1.  Account Identifier Format
```
Would there be any reason to use URIs more generally when encoding these
identifiers, e.g., also for tel: (RFC3966) or mailto: (RFC2368)?

### Section 3.2.7, paragraph 0
```
  3.2.7.  Uniform Resource Identifier (URI) Format
```
Email addresses and phone numbers (and maybe other identifiers) can be encoded
per the sections above, and also as URIs - should something be said about this?
Is one preferred?

### Boilerplate

This document uses the RFC2119 keywords "SHOULD NOT", "SHALL NOT", "REQUIRED",
"MUST NOT", "RECOMMENDED", "OPTIONAL", "MUST", "SHOULD", "MAY", and "SHALL",
but does not contain the recommended RFC8174 boilerplate. (It contains a
variant of the RFC2119 boilerplate.)

## Nits

All comments below are about very minor potential issues that you may choose to
address in some way - or ignore - as you see fit. Some were flagged by
automated tools (via https://github.com/larseggert/ietf-reviewtool), so there
will likely be some false positives. There is no need to let me know what you
did with these suggestions.

### URLs

These URLs in the document can probably be converted to HTTPS:

* http://openid.net/specs/openid-connect-core-1_0.html
* http://www.itu.int/rec/T-REC-E.164-201011-I/en
* http://www.iana.org/assignments/jwt

### Grammar/style

#### Section 1, paragraph 1
```
e others only have phone numbers. Therefore it can be necessary to indicate w
                                  ^^^^^^^^^
```
A comma may be missing after the conjunctive/linking adverb "Therefore".

#### Section 3, paragraph 3
```
ciated with that email address. Consequently Subject Identifiers remove ambig
                                ^^^^^^^^^^^^
```
A comma may be missing after the conjunctive/linking adverb "Consequently".

#### Section 8.1, paragraph 1
```
cription: Subject identifier based on an phone number. * Change Controller:
                                      ^^
```
Use "a" instead of "an" if the following word doesn't start with a vowel sound,
e.g. "a sentence", "a university".

## Notes

This review is in the ["IETF Comments" Markdown format][ICMF], You can use the
[`ietf-comments` tool][ICT] to automatically convert this review into
individual GitHub issues. Review generated by the [`ietf-reviewtool`][IRT].

[ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md
[ICT]: https://github.com/mnot/ietf-comments
[IRT]: https://github.com/larseggert/ietf-reviewtool
2023-02-13
15 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded for Lars Eggert
2023-02-12
15 Erik Kline
[Ballot comment]

# Internet AD comments for draft-ietf-secevent-subject-identifiers-15
CC @ekline

## Comments

### S1

* IP addresses are listed as an example subject but section …
[Ballot comment]

# Internet AD comments for draft-ietf-secevent-subject-identifiers-15
CC @ekline

## Comments

### S1

* IP addresses are listed as an example subject but section 3.2 does not
  have a dedicated format for them.  This is fine to exclude, of course,
  but I do think the inclusion here created an expectation there would be
  a format defined further down.

  ---

  IF a format is added for IP addresses and IF the member holding an
  address has string value type then the values should be REQUIRED to be
  in accordance with RFC 5952.

  (This kinda raises the issue of IP prefixes as well; again: it's fine with
  me to not specify anything about this in this document. :-)
2023-02-12
15 Erik Kline [Ballot Position Update] New position, No Objection, has been recorded for Erik Kline
2023-02-03
15 Roman Danyliw Placed on agenda for telechat - 2023-02-16
2023-02-03
15 Roman Danyliw Ballot has been issued
2023-02-03
15 Roman Danyliw [Ballot Position Update] New position, Yes, has been recorded for Roman Danyliw
2023-02-03
15 Roman Danyliw Created "Approve" ballot
2023-02-03
15 Roman Danyliw IESG state changed to IESG Evaluation from Waiting for Writeup::AD Followup
2023-02-03
15 Roman Danyliw Ballot writeup was changed
2023-02-03
15 (System) Changed action holders to Roman Danyliw (IESG state changed)
2023-02-03
15 (System) Sub state has been changed to AD Followup from Revised ID Needed
2023-02-03
15 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2023-02-03
15 Prachi Jain New version available: draft-ietf-secevent-subject-identifiers-15.txt
2023-02-03
15 Prachi Jain New version accepted (logged-in submitter: Prachi Jain)
2023-02-03
15 Prachi Jain Uploaded new revision
2022-12-06
14 Roman Danyliw
Please review, respond and revised based on the feedback in the GENART and ARTART reviews.  A number are proposing areas of clarity.  A common feedback …
Please review, respond and revised based on the feedback in the GENART and ARTART reviews.  A number are proposing areas of clarity.  A common feedback item in both is that a additional text describing a subject and subject id would be helpful.
2022-12-06
14 (System) Changed action holders to Roman Danyliw, Marius Scurtescu, Annabelle Backman, Prachi Jain (IESG state changed)
2022-12-06
14 Roman Danyliw IESG state changed to Waiting for Writeup::Revised I-D Needed from Waiting for Writeup
2022-12-03
14 Gunter Van de Velde Closed request for Last Call review by OPSDIR with state 'Overtaken by Events'
2022-12-02
14 (System) IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK
2022-12-02
14 David Dong IANA Experts State changed to Expert Reviews OK from Reviews assigned
2022-11-17
14 David Dong IANA Experts State changed to Reviews assigned
2022-11-17
14 (System) IANA Review state changed to IANA - Not OK from IANA - Review Needed
2022-11-17
14 David Dong
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has completed its review of draft-ietf-secevent-subject-identifiers-14. If any part of this review is inaccurate, please let …
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has completed its review of draft-ietf-secevent-subject-identifiers-14. If any part of this review is inaccurate, please let us know.

The IANA Functions Operator understands that, upon approval of this document, there are two actions which we must complete.

First, a new registry is to be created called the Security Event Identifier Formats. The new registry will be added under the Security Event Token (SET) registry grouping located at:

https://www.iana.org/assignments/secevent

The new registry will be maintained via Specification Required as defined in RFC 8126. There are eight initial registrations in the new registry as follows:

Format Name: "account"
Format Description: Subject identifier based on acct URI.
Change Controller: IETF
Reference: [ RFC-to-be ]

Format Name: "email"
Format Description: Subject identifier based on email address.
Change Controller: IETF
Reference: [ RFC-to-be ]

Format Name: "iss_sub"
Format Description: Subject identifier based on an issuer and subject.
Change Controller: IETF
Reference: [ RFC-to-be ]

Format Name: "opaque"
Format Description: Subject identifier based on an opaque string.
Change Controller: IETF
Reference: [ RFC-to-be ]

Format Name: "phone_number"
Format Description: Subject identifier based on an phone number.
Change Controller: IETF
Reference: [ RFC-to-be ]

Format Name: "did"
Format Description: Subject identifier based on a decentralized identifier (DID).
Change Controller: IETF
Reference: [ RFC-to-be ]

Format Name: "uri"
Format Description: Subject identifier based on a uniform resource identifier (URI).
Change Controller: IETF
Reference: [ RFC-to-be ]

Format Name: "aliases"
Format Description: Subject identifier that groups together multiple different subject identifiers for the same subject.
Change Controller: IETF
Reference: [ RFC-to-be ]

Second, in the JSON Web Token Claims registry on the JSON Web Token (JWT) registry page located at:

https://www.iana.org/assignments/jwt

a new registration will be made as follows:

Claim Name: "sub_id"
Claim Description: Subject Identifier
Change Controller: IESG
Reference: [ RFC-to-be ]

As this document requests registrations in a Specification Required (see RFC 8126) registry, we will initiate the required Expert Review via a separate request. This review must be completed before the document's IANA state can be changed to "IANA OK."

The IANA Functions Operator understands that these are the only actions required to be completed upon approval of this document.

Would it be acceptable to list the IETF as the change controller for the JSON Web Token (JWT) registration instead of the IESG? There has been a preference for doing so, as described in the expired document at https://datatracker.ietf.org/doc/html/draft-leiba-ietf-iana-registrations-00, but it hasn\u2019t been recorded in a permanent document yet.

Note:  The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the list of actions that will be performed.

For definitions of IANA review states, please see:

https://datatracker.ietf.org/help/state/draft/iana-review

Thank you,

David Dong
IANA Services Specialist
2022-11-17
14 (System) IESG state changed to Waiting for Writeup from In Last Call
2022-11-11
14 Paul Kyzivat Request for Last Call review by ARTART Completed: Ready with Issues. Reviewer: Paul Kyzivat.
2022-11-04
14 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Fred Baker
2022-11-04
14 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Fred Baker
2022-10-31
14 Barry Leiba Request for Last Call review by ARTART is assigned to Paul Kyzivat
2022-10-31
14 Barry Leiba Request for Last Call review by ARTART is assigned to Paul Kyzivat
2022-10-30
14 Tero Kivinen Request for Last Call review by SECDIR is assigned to Samuel Weiler
2022-10-30
14 Tero Kivinen Request for Last Call review by SECDIR is assigned to Samuel Weiler
2022-10-28
14 Christer Holmberg Request for Last Call review by GENART Completed: Ready with Nits. Reviewer: Christer Holmberg. Sent review to list.
2022-10-27
14 Jean Mahoney Request for Last Call review by GENART is assigned to Christer Holmberg
2022-10-27
14 Jean Mahoney Request for Last Call review by GENART is assigned to Christer Holmberg
2022-10-27
14 Cindy Morgan IANA Review state changed to IANA - Review Needed
2022-10-27
14 Cindy Morgan
The following Last Call announcement was sent out (ends 2022-11-17):

From: The IESG
To: IETF-Announce
CC: draft-ietf-secevent-subject-identifiers@ietf.org, id-event@ietf.org, rdd@cert.org, secevent-chairs@ietf.org, yaronf.ietf@gmail.com …
The following Last Call announcement was sent out (ends 2022-11-17):

From: The IESG
To: IETF-Announce
CC: draft-ietf-secevent-subject-identifiers@ietf.org, id-event@ietf.org, rdd@cert.org, secevent-chairs@ietf.org, yaronf.ietf@gmail.com
Reply-To: last-call@ietf.org
Sender:
Subject: Last Call:  (Subject Identifiers for Security Event Tokens) to Proposed Standard


The IESG has received a request from the Security Events WG (secevent) to
consider the following document: - 'Subject Identifiers for Security Event
Tokens'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2022-11-17. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


  Security events communicated within Security Event Tokens may support
  a variety of identifiers to identify subjects related to the event.
  This specification formalizes the notion of subject identifiers as
  structured information that describe a subject, and named formats
  that define the syntax and semantics for encoding subject identifiers
  as JSON objects.  It also defines a registry for defining and
  allocating names for such formats, as well as the sub_id JSON Web
  Token (JWT) claim.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-secevent-subject-identifiers/



No IPR declarations have been submitted directly on this I-D.




2022-10-27
14 Cindy Morgan IESG state changed to In Last Call from Last Call Requested
2022-10-27
14 Cindy Morgan Last call announcement was changed
2022-10-27
14 Roman Danyliw Last call was requested
2022-10-27
14 Roman Danyliw Last call announcement was generated
2022-10-27
14 Roman Danyliw Ballot approval text was generated
2022-10-27
14 Roman Danyliw Ballot writeup was generated
2022-10-27
14 Roman Danyliw IESG state changed to Last Call Requested from AD Evaluation::AD Followup
2022-10-27
14 (System) Changed action holders to Roman Danyliw (IESG state changed)
2022-10-27
14 (System) Sub state has been changed to AD Followup from Revised ID Needed
2022-10-27
14 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-14.txt
2022-10-27
14 Jenny Bui Forced post of submission
2022-10-27
14 (System) Request for posting confirmation emailed to previous authors: Annabelle Backman , Marius Scurtescu , Prachi Jain
2022-10-27
14 Annabelle Backman Uploaded new revision
2022-10-20
13 (System) Changed action holders to Roman Danyliw, Marius Scurtescu, Annabelle Backman, Prachi Jain (IESG state changed)
2022-10-20
13 Roman Danyliw IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation::AD Followup
2022-10-20
13 Roman Danyliw Per AD Review, revision coming to change registration policy
2022-10-14
13 Roman Danyliw Remaining elements of AD Review for discussion: https://mailarchive.ietf.org/arch/msg/id-event/ToO1sp3waUb0twAslKga36e8L8w/
2022-10-13
13 (System) Changed action holders to Roman Danyliw (IESG state changed)
2022-10-13
13 (System) Sub state has been changed to AD Followup from Revised ID Needed
2022-10-13
13 Prachi Jain New version available: draft-ietf-secevent-subject-identifiers-13.txt
2022-10-13
13 Prachi Jain New version accepted (logged-in submitter: Prachi Jain)
2022-10-13
13 Prachi Jain Uploaded new revision
2022-09-12
12 (System) Changed action holders to Roman Danyliw, Marius Scurtescu, Annabelle Backman, Prachi Jain (IESG state changed)
2022-09-12
12 Roman Danyliw IESG state changed to AD Evaluation::Revised I-D Needed from Publication Requested
2022-09-12
12 Roman Danyliw AD Review: https://mailarchive.ietf.org/arch/msg/id-event/oQp9OGYMXdCnTWax_xz4EdeiaxE/
2022-08-05
12 Yaron Sheffer
# Document Shepherd Write-Up

## Document History

1. Does the working group (WG) consensus represent the strong concurrence of a
  few individuals, with others …
# Document Shepherd Write-Up

## Document History

1. Does the working group (WG) consensus represent the strong concurrence of a
  few individuals, with others being silent, or did it reach broad agreement?

There was previously WG consensus, but the WG has been dormant for a long time.

2. Was there controversy about particular points, or were there decisions where
  the consensus was particularly rough?

No controversy beyond the normal.

3. Has anyone threatened an appeal or otherwise indicated extreme discontent? If
  so, please summarize the areas of conflict in separate email messages to the
  responsible Area Director. (It should be in a separate email because this
  questionnaire is publicly available.)

No extreme discontent.

4. For protocol documents, are there existing implementations of the contents of
  the document? Have a significant number of potential implementers indicated
  plans to implement? Are any existing implementations reported somewhere,
  either in the document itself (as [RFC 7942][3] recommends) or elsewhere
  (where)?

There are multiple implementations. For example, this is a dependency of the GNAP protocol.

### Additional Reviews

5. Do the contents of this document closely interact with technologies in other
  IETF working groups or external organizations, and would it therefore benefit
  from their review? Have those reviews occurred? If yes, describe which
  reviews took place.

This is a dependency of GNAP, and GNAP participants have been involved in the latter development stages of this draft.

6. Describe how the document meets any required formal expert review criteria,
  such as the MIB Doctor, YANG Doctor, media type, and URI type reviews.

N/A.

7. If the document contains a YANG module, has the final version of the module
  been checked with any of the [recommended validation tools][4] for syntax and
  formatting validation? If there are any resulting errors or warnings, what is
  the justification for not fixing them at this time? Does the YANG module
  comply with the Network Management Datastore Architecture (NMDA) as specified
  in [RFC 8342][5]?

N/A.

8. Describe reviews and automated checks performed to validate sections of the
  final version of the document written in a formal language, such as XML code,
  BNF rules, MIB definitions, CBOR's CDDL, etc.

N/A.

### Document Shepherd Checks

9. Based on the shepherd's review of the document, is it their opinion that this
  document is needed, clearly written, complete, correctly designed, and ready
  to be handed off to the responsible Area Director?

Yes to all.

10. Several IETF Areas have assembled [lists of common issues that their
  reviewers encounter][6]. For which areas have such issues been identified
  and addressed? For which does this still need to happen in subsequent
  reviews?

I have reviewed the SEC list and nothing much applies to this draft.

11. What type of RFC publication is being requested on the IETF stream ([Best
  Current Practice][12], [Proposed Standard, Internet Standard][13],
  [Informational, Experimental or Historic][14])? Why is this the proper type
  of RFC? Do all Datatracker state attributes correctly reflect this intent?

Proposed Standard, and I agree this is the appropriate type of publication.

12. Have reasonable efforts been made to remind all authors of the intellectual
  property rights (IPR) disclosure obligations described in [BCP 79][8]? To
  the best of your knowledge, have all required disclosures been filed? If
  not, explain why. If yes, summarize any relevant discussion, including links
  to publicly-available messages when applicable.

Yes, as far as I'm aware there is no IPR associated with the draft. Specifically, this has been confirmed by two of the authors (Annabelle and Prachi) but I have not received a response from the third (Marius).

13. Has each author, editor, and contributor shown their willingness to be
  listed as such? If the total number of authors and editors on the front page
  is greater than five, please provide a justification.

Again, two of the authors have been recently active, while one has not been in touch for a long time.

14. Document any remaining I-D nits in this document. Simply running the [idnits
  tool][8] is not enough; please review the ["Content Guidelines" on
  authors.ietf.org][15]. (Also note that the current idnits tool generates
  some incorrect warnings; a rewrite is underway.)

* The reference to the definition of JSON is to RFC 7159 instead of the newer RFC 8259.
* A few example phone numbers do not follow the [guidelines](https://authors.ietf.org/example-addresses).

15. Should any informative references be normative or vice-versa? See the [IESG
  Statement on Normative and Informative References][16].

The references are classified correctly. Two non-IETF normative references (to E.164 numbering and to Distributed Identifiers) are in my opinion stable.

16. List any normative references that are not freely available to anyone. Did
  the community have sufficient access to review any such normative
  references?

None.

17. Are there any normative downward references (see [RFC 3967][9] and [BCP
  97
][10]) that are not already listed in the [DOWNREF registry][17]? If so,
  list them.

No.

18. Are there normative references to documents that are not ready to be
  submitted to the IESG for publication or are otherwise in an unclear state?
  If so, what is the plan for their completion?

No.

19. Will publication of this document change the status of any existing RFCs? If
  so, does the Datatracker metadata correctly reflect this and are those RFCs
  listed on the title page, in the abstract, and discussed in the
  introduction? If not, explain why and point to the part of the document
  where the relationship of this document to these other RFCs is discussed.

No such RFCs.

20. Describe the document shepherd's review of the IANA considerations section,
  especially with regard to its consistency with the body of the document.
  Confirm that all aspects of the document requiring IANA assignments are
  associated with the appropriate reservations in IANA registries. Confirm
  that any referenced IANA registries have been clearly identified. Confirm
  that each newly created IANA registry specifies its initial contents,
  allocations procedures, and a reasonable name (see [RFC 8126][11]).

The IANA Considerations section is complete and very clear.

21. List any new IANA registries that require Designated Expert Review for
  future allocations. Are the instructions to the Designated Expert clear?
  Please include suggestions of designated experts, if appropriate.

The only registry defined requires a Designated Expert and provides reasonable instructions.

[1]: https://www.ietf.org/about/groups/iesg/
[2]: https://www.rfc-editor.org/rfc/rfc4858.html
[3]: https://www.rfc-editor.org/rfc/rfc7942.html
[4]: https://trac.ietf.org/trac/ops/wiki/yang-review-tools
[5]: https://www.rfc-editor.org/rfc/rfc8342.html
[6]: https://trac.ietf.org/trac/iesg/wiki/ExpertTopics
[7]: https://www.rfc-editor.org/info/bcp79
[8]: https://www.ietf.org/tools/idnits/
[9]: https://www.rfc-editor.org/rfc/rfc3967.html
[10]: https://www.rfc-editor.org/info/bcp97
[11]: https://www.rfc-editor.org/rfc/rfc8126.html
[12]: https://www.rfc-editor.org/rfc/rfc2026.html#section-5
[13]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.1
[14]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.2
[15]: https://authors.ietf.org/en/content-guidelines-overview
[16]: https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/
[17]: https://datatracker.ietf.org/doc/downref/
2022-08-05
12 Yaron Sheffer IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up
2022-08-05
12 Yaron Sheffer IESG state changed to Publication Requested from I-D Exists
2022-08-05
12 (System) Changed action holders to Roman Danyliw (IESG state changed)
2022-08-05
12 Yaron Sheffer IESG process started in state Publication Requested
2022-08-05
12 Yaron Sheffer Tag Doc Shepherd Follow-up Underway cleared.
2022-08-05
12 Yaron Sheffer
# Document Shepherd Write-Up

## Document History

1. Does the working group (WG) consensus represent the strong concurrence of a
  few individuals, with others …
# Document Shepherd Write-Up

## Document History

1. Does the working group (WG) consensus represent the strong concurrence of a
  few individuals, with others being silent, or did it reach broad agreement?

There was previously WG consensus, but the WG has been dormant for a long time.

2. Was there controversy about particular points, or were there decisions where
  the consensus was particularly rough?

No controversy beyond the normal.

3. Has anyone threatened an appeal or otherwise indicated extreme discontent? If
  so, please summarize the areas of conflict in separate email messages to the
  responsible Area Director. (It should be in a separate email because this
  questionnaire is publicly available.)

No extreme discontent.

4. For protocol documents, are there existing implementations of the contents of
  the document? Have a significant number of potential implementers indicated
  plans to implement? Are any existing implementations reported somewhere,
  either in the document itself (as [RFC 7942][3] recommends) or elsewhere
  (where)?

There are multiple implementations. For example, this is a dependency of the GNAP protocol.

### Additional Reviews

5. Do the contents of this document closely interact with technologies in other
  IETF working groups or external organizations, and would it therefore benefit
  from their review? Have those reviews occurred? If yes, describe which
  reviews took place.

This is a dependency of GNAP, and GNAP participants have been involved in the latter development stages of this draft.

6. Describe how the document meets any required formal expert review criteria,
  such as the MIB Doctor, YANG Doctor, media type, and URI type reviews.

N/A.

7. If the document contains a YANG module, has the final version of the module
  been checked with any of the [recommended validation tools][4] for syntax and
  formatting validation? If there are any resulting errors or warnings, what is
  the justification for not fixing them at this time? Does the YANG module
  comply with the Network Management Datastore Architecture (NMDA) as specified
  in [RFC 8342][5]?

N/A.

8. Describe reviews and automated checks performed to validate sections of the
  final version of the document written in a formal language, such as XML code,
  BNF rules, MIB definitions, CBOR's CDDL, etc.

N/A.

### Document Shepherd Checks

9. Based on the shepherd's review of the document, is it their opinion that this
  document is needed, clearly written, complete, correctly designed, and ready
  to be handed off to the responsible Area Director?

Yes to all.

10. Several IETF Areas have assembled [lists of common issues that their
  reviewers encounter][6]. For which areas have such issues been identified
  and addressed? For which does this still need to happen in subsequent
  reviews?

I have reviewed the SEC list and nothing much applies to this draft.

11. What type of RFC publication is being requested on the IETF stream ([Best
  Current Practice][12], [Proposed Standard, Internet Standard][13],
  [Informational, Experimental or Historic][14])? Why is this the proper type
  of RFC? Do all Datatracker state attributes correctly reflect this intent?

Proposed Standard, and I agree this is the appropriate type of publication.

12. Have reasonable efforts been made to remind all authors of the intellectual
  property rights (IPR) disclosure obligations described in [BCP 79][8]? To
  the best of your knowledge, have all required disclosures been filed? If
  not, explain why. If yes, summarize any relevant discussion, including links
  to publicly-available messages when applicable.

Yes, as far as I'm aware there is no IPR associated with the draft. Specifically, this has been confirmed by two of the authors (Annabelle and Prachi) but I have not received a response from the third (Marius).

13. Has each author, editor, and contributor shown their willingness to be
  listed as such? If the total number of authors and editors on the front page
  is greater than five, please provide a justification.

Again, two of the authors have been recently active, while one has not been in touch for a long time.

14. Document any remaining I-D nits in this document. Simply running the [idnits
  tool][8] is not enough; please review the ["Content Guidelines" on
  authors.ietf.org][15]. (Also note that the current idnits tool generates
  some incorrect warnings; a rewrite is underway.)

* The reference to the definition of JSON is to RFC 7159 instead of the newer RFC 8259.
* A few example phone numbers do not follow the [guidelines](https://authors.ietf.org/example-addresses).

15. Should any informative references be normative or vice-versa? See the [IESG
  Statement on Normative and Informative References][16].

The references are classified correctly. Two non-IETF normative references (to E.164 numbering and to Distributed Identifiers) are in my opinion stable.

16. List any normative references that are not freely available to anyone. Did
  the community have sufficient access to review any such normative
  references?

None.

17. Are there any normative downward references (see [RFC 3967][9] and [BCP
  97
][10]) that are not already listed in the [DOWNREF registry][17]? If so,
  list them.

No.

18. Are there normative references to documents that are not ready to be
  submitted to the IESG for publication or are otherwise in an unclear state?
  If so, what is the plan for their completion?

No.

19. Will publication of this document change the status of any existing RFCs? If
  so, does the Datatracker metadata correctly reflect this and are those RFCs
  listed on the title page, in the abstract, and discussed in the
  introduction? If not, explain why and point to the part of the document
  where the relationship of this document to these other RFCs is discussed.

No such RFCs.

20. Describe the document shepherd's review of the IANA considerations section,
  especially with regard to its consistency with the body of the document.
  Confirm that all aspects of the document requiring IANA assignments are
  associated with the appropriate reservations in IANA registries. Confirm
  that any referenced IANA registries have been clearly identified. Confirm
  that each newly created IANA registry specifies its initial contents,
  allocations procedures, and a reasonable name (see [RFC 8126][11]).

The IANA Considerations section is complete and very clear.

21. List any new IANA registries that require Designated Expert Review for
  future allocations. Are the instructions to the Designated Expert clear?
  Please include suggestions of designated experts, if appropriate.

The only registry defined requires a Designated Expert and provides reasonable instructions.

[1]: https://www.ietf.org/about/groups/iesg/
[2]: https://www.rfc-editor.org/rfc/rfc4858.html
[3]: https://www.rfc-editor.org/rfc/rfc7942.html
[4]: https://trac.ietf.org/trac/ops/wiki/yang-review-tools
[5]: https://www.rfc-editor.org/rfc/rfc8342.html
[6]: https://trac.ietf.org/trac/iesg/wiki/ExpertTopics
[7]: https://www.rfc-editor.org/info/bcp79
[8]: https://www.ietf.org/tools/idnits/
[9]: https://www.rfc-editor.org/rfc/rfc3967.html
[10]: https://www.rfc-editor.org/info/bcp97
[11]: https://www.rfc-editor.org/rfc/rfc8126.html
[12]: https://www.rfc-editor.org/rfc/rfc2026.html#section-5
[13]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.1
[14]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.2
[15]: https://authors.ietf.org/en/content-guidelines-overview
[16]: https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/
[17]: https://datatracker.ietf.org/doc/downref/
2022-07-25
12 Yaron Sheffer Tag Doc Shepherd Follow-up Underway set.
2022-07-25
12 Yaron Sheffer IETF WG state changed to WG Consensus: Waiting for Write-Up from WG Document
2022-07-25
12 Yaron Sheffer Notification list changed to yaronf.ietf@gmail.com because the document shepherd was set
2022-07-25
12 Yaron Sheffer Document shepherd changed to Yaron Sheffer
2022-07-24
12 Prachi Jain New version available: draft-ietf-secevent-subject-identifiers-12.txt
2022-07-24
12 Prachi Jain New version accepted (logged-in submitter: Prachi Jain)
2022-07-24
12 Prachi Jain Uploaded new revision
2022-04-21
11 Prachi Jain New version available: draft-ietf-secevent-subject-identifiers-11.txt
2022-04-21
11 Prachi Jain New version accepted (logged-in submitter: Prachi Jain)
2022-04-21
11 Prachi Jain Uploaded new revision
2022-03-23
10 Amy Vezza Shepherding AD changed to Roman Danyliw
2022-03-07
10 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-10.txt
2022-03-07
10 (System) New version approved
2022-03-07
10 (System) Request for posting confirmation emailed to previous authors: Annabelle Backman , Marius Scurtescu , secevent-chairs@ietf.org
2022-03-07
10 Annabelle Backman Uploaded new revision
2022-02-26
09 Yaron Sheffer IETF WG state changed to WG Document
2022-02-26
09 Yaron Sheffer Notification list changed to none
2022-02-26
09 Yaron Sheffer Changed group to Security Events (SECEVENT)
2022-02-26
09 Yaron Sheffer Changed stream to IETF
2022-02-25
09 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-09.txt
2022-02-25
09 (System) New version approved
2022-02-25
09 (System) Request for posting confirmation emailed to previous authors: Annabelle Backman , Marius Scurtescu
2022-02-25
09 Annabelle Backman Uploaded new revision
2021-11-25
08 (System) Document has expired
2021-05-24
08 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-08.txt
2021-05-24
08 (System) New version accepted (logged-in submitter: Annabelle Backman)
2021-05-24
08 Annabelle Backman Uploaded new revision
2021-03-08
07 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-07.txt
2021-03-08
07 (System) New version approved
2021-03-08
07 (System) Request for posting confirmation emailed to previous authors: Annabelle Backman , Marius Scurtescu
2021-03-08
07 Annabelle Backman Uploaded new revision
2021-03-08
06 (System) Document has expired
2020-09-04
06 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-06.txt
2020-09-04
06 (System) New version accepted (logged-in submitter: Annabelle Backman)
2020-09-04
06 Annabelle Backman Uploaded new revision
2020-01-25
05 (System) Document has expired
2019-11-20
05 Benjamin Kaduk Shepherding AD changed to Benjamin Kaduk
2019-11-19
05 Yaron Sheffer The SecEvent WG will not move forward with this document. However, the group is not opposed to the document being published elsewhere,
2019-11-19
05 Yaron Sheffer Changed stream to None from IETF
2019-11-19
05 Yaron Sheffer State changed to None from In WG Last Call
2019-08-07
05 Yaron Sheffer IETF WG state changed to In WG Last Call from WG Document
2019-08-07
05 Yaron Sheffer Changed consensus to Yes from Unknown
2019-08-07
05 Yaron Sheffer Intended Status changed to Proposed Standard from None
2019-07-24
05 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-05.txt
2019-07-24
05 (System) New version approved
2019-07-24
05 (System) Request for posting confirmation emailed to previous authors: Marius Scurtescu , Annabelle Backman
2019-07-24
05 Annabelle Backman Uploaded new revision
2019-07-23
04 Dick Hardt Added to session: IETF-105: secevent  Tue-1330
2019-07-08
04 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-04.txt
2019-07-08
04 (System) New version approved
2019-07-08
04 (System) Request for posting confirmation emailed to previous authors: Marius Scurtescu , Annabelle Backman
2019-07-08
04 Annabelle Backman Uploaded new revision
2019-03-24
03 Yaron Sheffer Added to session: IETF-104: secevent  Wed-0900
2019-03-11
03 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-03.txt
2019-03-11
03 (System) New version approved
2019-03-11
03 (System) Request for posting confirmation emailed to previous authors: Marius Scurtescu , Annabelle Backman
2019-03-11
03 Annabelle Backman Uploaded new revision
2018-11-06
02 Yaron Sheffer Added to session: IETF-103: secevent  Wed-0900
2018-10-23
02 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-02.txt
2018-10-23
02 (System) New version approved
2018-10-23
02 (System) Request for posting confirmation emailed to previous authors: secevent-chairs@ietf.org, Marius Scurtescu , Annabelle Backman
2018-10-23
02 Annabelle Backman Uploaded new revision
2018-10-22
01 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-01.txt
2018-10-22
01 (System) New version approved
2018-10-22
01 (System) Request for posting confirmation emailed to previous authors: Marius Scurtescu , Annabelle Backman
2018-10-22
01 Annabelle Backman Uploaded new revision
2018-07-18
00 Yaron Sheffer Added to session: IETF-102: secevent  Fri-0930
2018-07-18
00 Dick Hardt This document now replaces draft-backman-secevent-subject-identifiers instead of None
2018-07-18
00 Annabelle Backman New version available: draft-ietf-secevent-subject-identifiers-00.txt
2018-07-18
00 (System) WG -00 approved
2018-07-18
00 Annabelle Backman Set submitter to "Annabelle Backman ", replaces to draft-backman-secevent-subject-identifiers and sent approval email to group chairs: secevent-chairs@ietf.org
2018-07-18
00 Annabelle Backman Uploaded new revision