[abfab] Last Call: <draft-ietf-abfab-aaa-saml-13.txt> (A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML) to Proposed Standard
The IESG <iesg-secretary@ietf.org> Mon, 14 December 2015 14:38 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: abfab@ietf.org
Delivered-To: abfab@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 841261A1B92; Mon, 14 Dec 2015 06:38:00 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.11.0
Auto-Submitted: auto-generated
Precedence: bulk
Sender: iesg-secretary@ietf.org
Message-ID: <20151214143800.13506.88879.idtracker@ietfa.amsl.com>
Date: Mon, 14 Dec 2015 06:38:00 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/abfab/4yzmWz_3jeqHMVZmSYJqGf700j4>
Cc: abfab@ietf.org, abfab-chairs@ietf.org, draft-ietf-abfab-aaa-saml@ietf.org
Subject: [abfab] Last Call: <draft-ietf-abfab-aaa-saml-13.txt> (A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML) to Proposed Standard
X-BeenThere: abfab@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/abfab>, <mailto:abfab-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/abfab/>
List-Post: <mailto:abfab@ietf.org>
List-Help: <mailto:abfab-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/abfab>, <mailto:abfab-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Dec 2015 14:38:00 -0000
The IESG has received a request from the Application Bridging for Federated Access Beyond web WG (abfab) to consider the following document: - 'A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML' <draft-ietf-abfab-aaa-saml-13.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-12-28. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document describes the use of the Security Assertion Mark-up Language (SAML) with RADIUS in the context of the ABFAB architecture. It defines two RADIUS attributes, a SAML binding, a SAML name identifier format, two SAML profiles, and two SAML confirmation methods. The RADIUS attributes permit encapsulation of SAML assertions and protocol messages within RADIUS, allowing SAML entities to communicate using the binding. The two profiles describe the application of this binding for ABFAB authentication and assertion query/request, enabling a Relying Party to request authentication of, or assertions for, users or machines (Clients). These Clients may be named using a NAI name identifier format. Finally, the subject confirmation methods allow requests and queries to be issued for a previously authenticated user or machine without needing to explicitly identify them as the subject. The use of the artifacts defined in this document is not exclusive to ABFAB. They can be applied in any AAA scenario, such as the network access control. This is a second last call. The previous one was for this as an informational RFC, but turns out that was an error so this repeats the last call but for proposed standard. There is also a normative downref to RFC6614 which is experimental. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ballot/ No IPR declarations have been submitted directly on this I-D.