Difference between revisions of "Subject"

From MgmtWiki
Jump to: navigation, search
(Solutions)
(Solutions)
Line 11: Line 11:
 
==Solutions==
 
==Solutions==
 
*See [[C2B]] and [[C2G]] for descriptions of interactions of the [[Consumer]] with [[Business]] or [[Government]].
 
*See [[C2B]] and [[C2G]] for descriptions of interactions of the [[Consumer]] with [[Business]] or [[Government]].
*The Subject Identifier in OpenID Connect is an identifier that (if pairwise is specified) is only valid for representing the subject of an interchange between one OpenID Provider and one Relying Party (Client.)
+
*The Subject Identifier in [[OpenID Connect]] is an identifier that (if pairwise is specified) is only valid for representing the subject of an interchange between one OpenID Provider and one Relying Party (Client.)
 
*In a recent draft RFC<ref>A. Backman +1, ''Subject Identifiers for Security Event Tokens'' https://datatracker.ietf.org/doc/draft-ietf-secevent-subject-identifiers/</ref> the subject identifiers as named sets of well-defined claims describing the subject, a mechanism for representing subject identifiers within a [JSON] object such as a JSON Web Token [JWT] or Security Event Token [SET], and a registry for defining and allocating names for these claim sets.
 
*In a recent draft RFC<ref>A. Backman +1, ''Subject Identifiers for Security Event Tokens'' https://datatracker.ietf.org/doc/draft-ietf-secevent-subject-identifiers/</ref> the subject identifiers as named sets of well-defined claims describing the subject, a mechanism for representing subject identifiers within a [JSON] object such as a JSON Web Token [JWT] or Security Event Token [SET], and a registry for defining and allocating names for these claim sets.
  

Revision as of 14:22, 25 July 2018

Full Title or Meme

The subject of a transaction on the internet

Context

  • Depending on the context the Subject can be a natural individual, also known as a carbon-based life form, or a legal person, which will be either a Business or Government.
  • Typically the term User is more likely to be a natural individual, also known as a carbon-based life form.

Problems

Usages of the terms related to the subject of an interchange are not consistent, even within a single document, so caution is advised.

Solutions

  • See C2B and C2G for descriptions of interactions of the Consumer with Business or Government.
  • The Subject Identifier in OpenID Connect is an identifier that (if pairwise is specified) is only valid for representing the subject of an interchange between one OpenID Provider and one Relying Party (Client.)
  • In a recent draft RFC[1] the subject identifiers as named sets of well-defined claims describing the subject, a mechanism for representing subject identifiers within a [JSON] object such as a JSON Web Token [JWT] or Security Event Token [SET], and a registry for defining and allocating names for these claim sets.

References

Alternate terms for the Subject are Consumer, User, and Principal which terms have slightly different connotations.
  1. A. Backman +1, Subject Identifiers for Security Event Tokens https://datatracker.ietf.org/doc/draft-ietf-secevent-subject-identifiers/