Added format field to complex subjects and updated examples

tulshi · tulshi · commit 09c9c88f1c70 · 2023-06-21T12:01:18.000-07:00
diff --git a/openid-sharedsignals-framework-1_0.html b/openid-sharedsignals-framework-1_0.html
@@ -1516,7 +1516,10 @@ <h2 id="abstract"><a href="#abstract" class="selfRef">Abstract</a></h2>
             <p id="section-toc.1-1.15.1"><a href="#appendix-B" class="auto internal xref">Appendix B</a>.  <a href="#name-notices" class="internal xref">Notices</a></p>
 </li>
           <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.16">
-            <p id="section-toc.1-1.16.1"><a href="#appendix-C" class="auto internal xref"></a><a href="#name-authors-addresses" class="internal xref">Authors' Addresses</a></p>
+            <p id="section-toc.1-1.16.1"><a href="#appendix-C" class="auto internal xref"></a><a href="#name-contributors" class="internal xref">Contributors</a></p>
+</li>
+          <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.17">
+            <p id="section-toc.1-1.17.1"><a href="#appendix-D" class="auto internal xref"></a><a href="#name-authors-addresses" class="internal xref">Authors' Addresses</a></p>
 </li>
         </ul>
 </nav>
@@ -1598,8 +1601,9 @@ <h3 id="name-complex-subject-members">
 <a href="#section-3.2" class="section-number selfRef">3.2. </a><a href="#name-complex-subject-members" class="section-name selfRef">Complex Subject Members</a>
         </h3>
 <p id="section-3.2-1">A Complex Subject Member has a name and a value that is a JSON <span>[<a href="#RFC7159" class="cite xref">RFC7159</a>]</span>
-object that has one or more Simple Subject Members. The name of each Simple
-Subject Member in this value MAY be one of the following:<a href="#section-3.2-1" class="pilcrow">¶</a></p>
+object that has a format field, and one or more Simple Subject Members. The name
+of the format field is "format", and its value is "complex". The name of each
+Simple Subject Member in this value MAY be one of the following:<a href="#section-3.2-1" class="pilcrow">¶</a></p>
 <p id="section-3.2-2">user<a href="#section-3.2-2" class="pilcrow">¶</a></p>
 <ul class="normal ulEmpty">
 <li class="normal ulEmpty" id="section-3.2-3.1">
@@ -1650,6 +1654,7 @@ <h3 id="name-complex-subject-members">
           <div class="lang-json sourcecode" id="section-3.2-18.1">
 <pre>
 "transferee": {
+  "format": "complex",
   "user" : {
     "format": "email",
     "email": "bar@example.com"
@@ -1863,6 +1868,7 @@ <h2 id="name-example-sets-that-conform-t">
   "events": {
     "https://schemas.openid.net/secevent/caep/event-type/session-revoked": {
       "subject": {
+          "format": "complex",
           "user": {
               "format": "iss_sub",
               "iss": "https://idp.example.com/3957ea72-1b66-44d6-a044-d805712b9288/",
@@ -3228,6 +3234,7 @@ <h5 id="name-reading-a-streams-status">
 {
   "status": "enabled",
   "subject": {
+    "format": "complex",
     "tenant" : {
       "format" : "iss_sub",
       "iss" : "http://example.com/idp1",
@@ -3362,6 +3369,7 @@ <h5 id="name-updating-a-streams-status">
   "stream_id": "f67e39a0a4d34d56b3aa1bc4cff0069f",
   "status": "paused",
   "subject": {
+    "format": "complex",
     "tenant" : {
       "format" : "iss_sub",
       "iss" : "http://example.com/idp1",
@@ -3890,6 +3898,7 @@ <h4 id="name-stream-updated-event">
   "events": {
     "https://schemas.openid.net/secevent/ssf/event-type/stream-updated": {
       "subject": {
+        "format" : "complex",
         "tenant" : {
           "format": "iss_sub",
           "iss" : "http://example.com/idp1",
@@ -4466,8 +4475,24 @@ <h2 id="name-notices">
 <p id="appendix-B-3">The technology described in this specification was made available from contributions from various sources, including members of the OpenID Foundation and others. Although the OpenID Foundation has taken steps to help ensure that the technology is available for distribution, it takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this specification or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any independent effort to identify any such rights. The OpenID Foundation and the contributors to this specification make no (and hereby expressly disclaim any) warranties (express, implied, or otherwise), including implied warranties of merchantability, non-infringement, fitness for a particular purpose, or title, related to this specification, and the entire risk as to implementing this specification is assumed by the implementer. The OpenID Intellectual Property Rights policy requires contributors to offer a patent promise not to assert certain patent claims against other contributors and against implementers. The OpenID Foundation invites any interested party to bring to its attention any copyrights, patents, patent applications, or other proprietary rights that may cover technology that may be required to practice this specification.<a href="#appendix-B-3" class="pilcrow">¶</a></p>
 </section>
 </div>
-<div id="authors-addresses">
+<div id="contributors">
 <section id="appendix-C">
+      <h2 id="name-contributors">
+<a href="#name-contributors" class="section-name selfRef">Contributors</a>
+      </h2>
+<address class="vcard">
+        <div dir="auto" class="left"><span class="fn nameRole">Steve Venema</span></div>
+<div dir="auto" class="left"><span class="org">ForgeRock</span></div>
+<div class="email">
+<span>Email:</span>
+<a href="mailto:steve.venema@forgerock.com" class="email">steve.venema@forgerock.com</a>
+</div>
+</address>
+<p id="appendix-C-1">Steve defined the format field of Complex Subjects<a href="#appendix-C-1" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="authors-addresses">
+<section id="appendix-D">
       <h2 id="name-authors-addresses">
 <a href="#name-authors-addresses" class="section-name selfRef">Authors' Addresses</a>
       </h2>
diff --git a/openid-sharedsignals-framework-1_0.md b/openid-sharedsignals-framework-1_0.md
@@ -52,6 +52,15 @@ author:
         org: Cisco
         email: smiel@cisco.com
 
+contributor:
+      -
+        ins: S. Venema
+        name: Steve Venema
+        org: ForgeRock
+        email: steve.venema@forgerock.com
+        contribution: |
+          Steve defined the format field of Complex Subjects
+
 normative:
   CLIENTCRED:
     author:
@@ -254,8 +263,9 @@ event.
 ## Complex Subject Members {#complex-subjects}
 
 A Complex Subject Member has a name and a value that is a JSON {{RFC7159}}
-object that has one or more Simple Subject Members. The name of each Simple
-Subject Member in this value MAY be one of the following:
+object that has a format field, and one or more Simple Subject Members. The name
+of the format field is "format", and its value is "complex". The name of each
+Simple Subject Member in this value MAY be one of the following:
 
 user
 
@@ -292,6 +302,7 @@ Below is a non-normative example of a Complex Subject claim in a SSF event.
 
 ~~~ json
 "transferee": {
+  "format": "complex",
   "user" : {
     "format": "email",
     "email": "bar@example.com"
@@ -439,6 +450,7 @@ The following are hypothetical examples of SETs that conform to the Shared Signa
   "events": {
     "https://schemas.openid.net/secevent/caep/event-type/session-revoked": {
       "subject": {
+          "format": "complex",
           "user": {
               "format": "iss_sub",
               "iss": "https://idp.example.com/3957ea72-1b66-44d6-a044-d805712b9288/",
@@ -1434,6 +1446,7 @@ Cache-Control: no-store
 {
   "status": "enabled",
   "subject": {
+    "format": "complex",
     "tenant" : {
       "format" : "iss_sub",
       "iss" : "http://example.com/idp1",
@@ -1521,6 +1534,7 @@ Authorization: Bearer eyJ0b2tlbiI6ImV4YW1wbGUifQo=
   "stream_id": "f67e39a0a4d34d56b3aa1bc4cff0069f",
   "status": "paused",
   "subject": {
+    "format": "complex",
     "tenant" : {
       "format" : "iss_sub",
       "iss" : "http://example.com/idp1",
@@ -1851,6 +1865,7 @@ subject
   "events": {
     "https://schemas.openid.net/secevent/ssf/event-type/stream-updated": {
       "subject": {
+	"format" : "complex",
         "tenant" : {
           "format": "iss_sub",
           "iss" : "http://example.com/idp1",
diff --git a/openid-sharedsignals-framework-1_0.txt b/openid-sharedsignals-framework-1_0.txt
@@ -127,6 +127,7 @@ Tulshibagwale, et al.        Standards Track                    [Page 2]
      13.2.  Informative References . . . . . . . . . . . . . . . . .  54
    Appendix A.  Acknowledgements . . . . . . . . . . . . . . . . . .  54
    Appendix B.  Notices  . . . . . . . . . . . . . . . . . . . . . .  54
+   Contributors  . . . . . . . . . . . . . . . . . . . . . . . . . .  55
    Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  55
 
 1.  Introduction
@@ -164,7 +165,6 @@ Tulshibagwale, et al.        Standards Track                    [Page 2]
 
 
 
-
 Tulshibagwale, et al.        Standards Track                    [Page 3]
 
                               SharedSignals                   March 2023
@@ -189,9 +189,10 @@ Tulshibagwale, et al.        Standards Track                    [Page 3]
 3.2.  Complex Subject Members
 
    A Complex Subject Member has a name and a value that is a JSON
-   [RFC7159] object that has one or more Simple Subject Members.  The
-   name of each Simple Subject Member in this value MAY be one of the
-   following:
+   [RFC7159] object that has a format field, and one or more Simple
+   Subject Members.  The name of the format field is "format", and its
+   value is "complex".  The name of each Simple Subject Member in this
+   value MAY be one of the following:
 
    user
 
@@ -220,7 +221,6 @@ Tulshibagwale, et al.        Standards Track                    [Page 3]
 
 
 
-
 Tulshibagwale, et al.        Standards Track                    [Page 4]
 
                               SharedSignals                   March 2023
@@ -238,6 +238,7 @@ Tulshibagwale, et al.        Standards Track                    [Page 4]
    event.
 
    "transferee": {
+     "format": "complex",
      "user" : {
        "format": "email",
        "email": "bar@example.com"
@@ -276,7 +277,6 @@ Tulshibagwale, et al.        Standards Track                    [Page 4]
 
 
 
-
 Tulshibagwale, et al.        Standards Track                    [Page 5]
 
                               SharedSignals                   March 2023
@@ -420,6 +420,7 @@ Tulshibagwale, et al.        Standards Track                    [Page 7]
      "events": {
        "https://schemas.openid.net/secevent/caep/event-type/session-revoked": {
          "subject": {
+             "format": "complex",
              "user": {
                  "format": "iss_sub",
                  "iss": "https://idp.example.com/3957ea72-1b66-44d6-a044-d805712b9288/",
@@ -444,7 +445,6 @@ Tulshibagwale, et al.        Standards Track                    [Page 7]
 
 
 
-
 Tulshibagwale, et al.        Standards Track                    [Page 8]
 
                               SharedSignals                   March 2023
@@ -1831,6 +1831,7 @@ Tulshibagwale, et al.        Standards Track                   [Page 32]
    {
      "status": "enabled",
      "subject": {
+       "format": "complex",
        "tenant" : {
          "format" : "iss_sub",
          "iss" : "http://example.com/idp1",
@@ -1841,7 +1842,6 @@ Tulshibagwale, et al.        Standards Track                   [Page 32]
 
               Figure 30: Example: Check Stream Status Response
 
-   Errors are signaled with HTTP status codes as follows:
 
 
 
@@ -1850,6 +1850,8 @@ Tulshibagwale, et al.        Standards Track                   [Page 33]
                               SharedSignals                   March 2023
 
 
+   Errors are signaled with HTTP status codes as follows:
+
      +======+========================================================+
      | Code | Description                                            |
      +======+========================================================+
@@ -1896,8 +1898,6 @@ Tulshibagwale, et al.        Standards Track                   [Page 33]
 
       REQUIRED.  The stream whose status is being updated.
 
-   status
-
 
 
 
@@ -1906,6 +1906,8 @@ Tulshibagwale, et al.        Standards Track                   [Page 34]
                               SharedSignals                   March 2023
 
 
+   status
+
       REQUIRED.  The new status of the Event Stream.
 
    subject
@@ -1955,8 +1957,6 @@ Tulshibagwale, et al.        Standards Track                   [Page 34]
 
 
 
-
-
 Tulshibagwale, et al.        Standards Track                   [Page 35]
 
                               SharedSignals                   March 2023
@@ -1970,6 +1970,7 @@ Tulshibagwale, et al.        Standards Track                   [Page 35]
      "stream_id": "f67e39a0a4d34d56b3aa1bc4cff0069f",
      "status": "paused",
      "subject": {
+       "format": "complex",
        "tenant" : {
          "format" : "iss_sub",
          "iss" : "http://example.com/idp1",
@@ -2012,7 +2013,6 @@ Tulshibagwale, et al.        Standards Track                   [Page 35]
 
 
 
-
 Tulshibagwale, et al.        Standards Track                   [Page 36]
 
                               SharedSignals                   March 2023
@@ -2478,6 +2478,7 @@ Tulshibagwale, et al.        Standards Track                   [Page 44]
      "events": {
        "https://schemas.openid.net/secevent/ssf/event-type/stream-updated": {
          "subject": {
+           "format" : "complex",
            "tenant" : {
              "format": "iss_sub",
              "iss" : "http://example.com/idp1",
@@ -2516,7 +2517,6 @@ Tulshibagwale, et al.        Standards Track                   [Page 44]
 
 
 
-
 Tulshibagwale, et al.        Standards Track                   [Page 45]
 
                               SharedSignals                   March 2023
@@ -3038,6 +3038,15 @@ Tulshibagwale, et al.        Standards Track                   [Page 54]
    patents, patent applications, or other proprietary rights that may
    cover technology that may be required to practice this specification.
 
+Contributors
+
+   Steve Venema
+   ForgeRock
+   Email: steve.venema@forgerock.com
+
+
+   Steve defined the format field of Complex Subjects
+
 Authors' Addresses
 
    Atul Tulshibagwale
@@ -3065,6 +3074,14 @@ Authors' Addresses
    Email: secevemt@ve7jtb.com
 
 
+
+
+
+Tulshibagwale, et al.        Standards Track                   [Page 55]
+
+                              SharedSignals                   March 2023
+
+
    Shayne Miel
    Cisco
    Email: smiel@cisco.com
@@ -3077,4 +3094,43 @@ Authors' Addresses
 
 
 
-Tulshibagwale, et al.        Standards Track                   [Page 55]
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Tulshibagwale, et al.        Standards Track                   [Page 56]
