Re: [abfab] Direction Forward for aaa-saml

"Cantor, Scott" <cantor.2@osu.edu> Wed, 22 July 2015 16:36 UTC

From: "Cantor, Scott" <cantor.2@osu.edu>
To: Sam Hartman <hartmans@painless-security.com>
Thread-Topic: [abfab] Direction Forward for aaa-saml
Thread-Index: AQHQxJvuqOsHJ1Kgwk2OrlaTR/AXL53nr9yA
Date: Wed, 22 Jul 2015 16:36:21 +0000
Message-ID: <27CB306A-81E3-496E-8CBE-461CC58B8352@osu.edu>
References: <tslwpxsy0ql.fsf@mit.edu> <8E4E5965-0E43-4ABD-8853-8A6C7C6926C5@mnt.se> <tsloaj4xzvr.fsf@mit.edu> <0B96365A-4F6B-427A-9A87-70F069473F84@mnt.se> <tsl7fpsxrve.fsf@mit.edu> <0A08B89E-5533-4E34-9014-97C0D7877B6E@osu.edu> <tslio9cw8yd.fsf@mit.edu> <D143C9FB-F878-49C1-89C4-6A494714A3EC@mnt.se> <tslegk0w7iw.fsf@mit.edu> <1FA8CCED-221E-4A88-B525-BF46FAA53A3F@mnt.se> <55AFC0E3.8030500@um.es> <tslpp3kuq2f.fsf@mit.edu> <55AFC24C.3070205@sunet.se> <tslh9owuptm.fsf@mit.edu> <55AFC37D.1040607@mnt.se> <tsl4mkwupis.fsf@mit.edu> <A03FA174-B811-4B78-96D7-4C18C84CB30B@osu.edu> <tslzj2otaps.fsf@mit.edu>
In-Reply-To: <tslzj2otaps.fsf@mit.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/abfab/U30Dq5UC7sDBR3S4sme_mkeAxZ4>
Cc: "abfab@ietf.org" <abfab@ietf.org>
Subject: Re: [abfab] Direction Forward for aaa-saml
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>

On 7/22/15, 12:31 PM, "Sam Hartman" <hartmans@painless-security.com> wrote:

>>>>>> "Cantor," == Cantor, Scott <cantor.2@osu.edu> writes:
>
>
>    Cantor,> Leif's point is that if you don't specify any bindings, you
>    Cantor,> won't have any interop issue. But if you don't account for
>    Cantor,> the endpoint element(s) in the schema, you can't add them
>    Cantor,> later.
>
>O, that's irritating.

Well, it's not an absolute, you could do extensions to get them in later, but it's annoying to have to do that if you actually have a technical rationale for defining an endpoint type up front. It's better to just do it so it's a well-defined element and not buried inside an extension.

Of course, you can make them minOccurs="0" initially so they're optional and don't matter for now.

-- Scott
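
An added illustration of the schema point made in this message (not part of the message, the thread, or the aaa-saml draft): a hypothetical XSD role descriptor that declares an optional endpoint element up front. The namespace urn:example:abfab-md and the names ExampleRoleDescriptorType and ExampleEndpoint are placeholders, and reusing md:EndpointType for the element is an assumption.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Hypothetical schema. The target namespace and the names
     ExampleRoleDescriptorType and ExampleEndpoint are placeholders,
     not taken from any draft. -->
<schema xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
        xmlns:ex="urn:example:abfab-md"
        targetNamespace="urn:example:abfab-md"
        elementFormDefault="qualified">

  <import namespace="urn:oasis:names:tc:SAML:2.0:metadata"
          schemaLocation="saml-schema-metadata-2.0.xsd"/>

  <!-- A well-defined, named endpoint element. Reusing the SAML metadata
       endpoint type here is an assumption made for the example. -->
  <element name="ExampleEndpoint" type="md:EndpointType"/>

  <complexType name="ExampleRoleDescriptorType">
    <complexContent>
      <extension base="md:RoleDescriptorType">
        <sequence>
          <!-- minOccurs="0": the slot is in the content model from the
               first version, so documents that omit it stay valid and
               later documents can carry it without a schema change. -->
          <element ref="ex:ExampleEndpoint"
                   minOccurs="0" maxOccurs="unbounded"/>
        </sequence>
      </extension>
    </complexContent>
  </complexType>

  <!-- Without the declaration above, an endpoint added later could only
       travel inside md:Extensions, whose content is a lax wildcard
       (any namespace="##other"), so a validator would accept it
       without checking its structure. -->
</schema>
```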