Shayne Miel (he/him)
Shayne Miel (he/him)
In section 7.1.1.1, we say that the stream creation request MAY include any Receiver-supplied fields, and then we list `events_requested` and `delivery`. We should either include `description` as well, or...
Start from [this interop document](https://docs.google.com/document/d/1VXftKfqZuIaYH_pC8QO0A27UhTBVUdad4BeSO_elXTA/edit) We can discuss the details in the comments of this issue.
The second recommendation from the final security audit: As we note in Section 2.6, poll endpoint URLs are not required to be secret, i.e., SETs could be requested by any...
The first recommendation from the final security audit: While Receivers are mandated to validate the audience value in SETs (due to [RFC7519, Section 4.1.3]), they are currently not required to...
We describe the `delivery` field of the Transmitter configuration twice, once in 7.1.1 and again in 10.3.1. In 7.1.1 we point out that it contains a `method` and an `endpoint_url`,...
In section 7.1.3 we explain how Complex Subjects match when field types are undefined. We need to add an example or two because this text is fairly dense. We should...
Fixes: - #194 - #186
The SSF spec talks a lot about the moment that a Transmitter sends an event to a Receiver. However, that is not the only moment in the lifecycle of an...
The SSF spec made a good choice relying on the Subject Identifiers specification to identify the subjects being referred to in the events flowing over the stream. However, that same...
Once v1 is finalized, we can add "invalid_state" to the official SET error codes recognized in the IANA registry here: https://www.iana.org/assignments/secevent/secevent.xhtml#secevent-error-codes