So where this might fit together is that SET simply profiles JWT so that an
event can be expressed in secureable JSON format. We define only a set of
attributes necessary to validate and secure events, but pretty much leave the
data of the event up to “profiling” specifications that build on it.
A number of us ended up bringing this together because there was a number of
independent efforts to express very different events doing almost the same
From my quick scan, one of the options would be that these events could be
expressed as a profile of SET.
I plan to do the same for SCIM, as does RISC, etc. The OpenID Logout specs
already use SET.
> On Oct 14, 2016, at 7:33 AM, Adrian Farrel <adr...@olddog.co.uk> wrote:
> Just wanted to flag
> https://datatracker.ietf.org/doc/draft-zhang-i2nsf-info-model-monitoring/ in
> context of the Security Event BoF/WG.
> Not sure where this sits with the Security Event work, but I2NSF seems to see
> the draft as fairly important.
> Id-event mailing list
I2nsf mailing list