Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 08 January 2016 13:33 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: abfab@ietfa.amsl.com
Delivered-To: abfab@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADF661B29BB for <abfab@ietfa.amsl.com>; Fri, 8 Jan 2016 05:33:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.011
X-Spam-Level:
X-Spam-Status: No, score=-4.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EvlMEeRtTuBX for <abfab@ietfa.amsl.com>; Fri, 8 Jan 2016 05:33:47 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1CA681B29BA for <abfab@ietf.org>; Fri, 8 Jan 2016 05:33:44 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 5CAFBBE58; Fri, 8 Jan 2016 13:33:42 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id igHcjvRmmicl; Fri, 8 Jan 2016 13:33:40 +0000 (GMT)
Received: from [10.87.48.91] (unknown [86.46.21.60]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 7C0B9BE2C; Fri, 8 Jan 2016 13:33:40 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1452260020; bh=49RImdRIWhbiPHHjgEN4x2/HMvphUBoMNRSP30iUbzM=; h=Subject:To:References:From:Date:In-Reply-To:From; b=HfqLwG3Xx0RHydTp8FuQUHL3MuxU2zGPlXZB2ZJexSfAj2dvGTprjKb2feGUf6ssZ J5OK560ThuJqYgLM8hpJLcM7yQSd+JDY4EPWdNL5N6O23dbkhkVs9phVAsw5YL8Ffh Vag2Hxm+U/ESF3PhhsSdSFWqjgB7LiQm+d7CCJbQ=
To: =?UTF-8?Q?Alejandro_P=c3=a9rez_M=c3=a9ndez?= <alex@um.es>, abfab@ietf.org
References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> <568F8678.3070108@um.es>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <568FBAB4.5010909@cs.tcd.ie>
Date: Fri, 8 Jan 2016 13:33:40 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <568F8678.3070108@um.es>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/abfab/8exRagzMRP1BlpFbmLx9-Ownd8Y>
Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT)
X-BeenThere: abfab@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/abfab>, <mailto:abfab-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/abfab/>
List-Post: <mailto:abfab@ietf.org>
List-Help: <mailto:abfab-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/abfab>, <mailto:abfab-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jan 2016 13:33:49 -0000

Hiya,

On 08/01/16 09:50, Alejandro Pérez Méndez wrote:
> Hi Barry, Alice,

I'm not sure if Barry and Alissa are on this list but in any
case, the thing to do is to reply to their comments and then
if there are changes needed, yes please shoot out a -14 with
*only* those changes. At that point I can send the approved
message and the document will be sent to the RFC editor for
processing.

Cheers,
S.

> 
> thanks for the review. Should I generate a -14 version in order to
> address these comments or can this be done in an editing phase without a
> new version?
> 
> Regards,
> Alejandro
> 
> El 07/01/16 a las 02:46, Barry Leiba escribió:
>> Barry Leiba has entered the following ballot position for
>> draft-ietf-abfab-aaa-saml-13: No Objection
>>
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>>
>>
>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>> for more information about IESG DISCUSS and COMMENT positions.
>>
>>
>> The document, along with other ballot positions, can be found here:
>> https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/
>>
>>
>>
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>>
>> Because abfab-arch defines the terms "Client", "Relying Party", and
>> "Identity Provider", I think abfab-arch should be a normative reference.
>>
>> -- Section 3 --
>>
>>     The RADIUS SAML binding defined in Section 4 of this document uses
>>     two attributes to convey SAML assertions and protocol messages
>>     respectively [OASIS.saml-core-2.0-os]
>>
>> Nit: "respectively" is out of place here, and should be removed.  You
>> would only use "respectively" if you named the two attributes ("...uses
>> two attributes, SAML-Assertion and SAML-Protocol, to convey SAML
>> assertions and protocol messages, respectively.").
>>
>> -- Section 7.3.5 --
>>
>>     If issued by the Identity Provider, the Relying Party MUST process
>>     the <samlp:Response> message and any enclosed assertion elements as
>>     described in [OASIS.saml-core-2.0-os]
>>
>> "If issued" is dangling, and  makes it look like the Relying Party is
>> issued by the Identity Provider.
>>
>> NEW
>>     If a <samlp:Response> message is issued by the Identity Provider,
>>     the Relying Party MUST process that message and any enclosed
>>     assertion elements as described in [OASIS.saml-core-2.0-os]
>> END
>>
>> -- Section 11.2 --
>> Thank you; this section is well done.
>>
>>
>> _______________________________________________
>> abfab mailing list
>> abfab@ietf.org
>> https://www.ietf.org/mailman/listinfo/abfab
> 
> _______________________________________________
> abfab mailing list
> abfab@ietf.org
> https://www.ietf.org/mailman/listinfo/abfab