IETF Logo Mail Archive

Re: [abfab] I-D Action: draft-ietf-abfab-aaa-saml-10.txt

Stefan Paetow <oss@eons.net> Tue, 17 February 2015 18:59 UTC

Return-Path: <stefan@eons.net>
X-Original-To: abfab@ietfa.amsl.com
Delivered-To: abfab@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F110C1A907C for <abfab@ietfa.amsl.com>; Tue, 17 Feb 2015 10:59:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fVfMzc9B4QZE for <abfab@ietfa.amsl.com>; Tue, 17 Feb 2015 10:59:43 -0800 (PST)
Received: from mail-ie0-f171.google.com (mail-ie0-f171.google.com [209.85.223.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5786A1A908A for <abfab@ietf.org>; Tue, 17 Feb 2015 10:59:28 -0800 (PST)
Received: by iebtr6 with SMTP id tr6so32541614ieb.7 for <abfab@ietf.org>; Tue, 17 Feb 2015 10:59:27 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:content-type; bh=qvoH3P2PWKSiFHg7yO5K1543LJ/62r4/OIyJCAgGLIs=; b=Q/C25gWA0jaJ126SdIbPVjXDo5w8oglhQBsgEduw+ZgOmCvewiq1M5RBPQehYFsjZs cgljVoSDli+Z+L2+lSc/4L3t34SWRmqyC6cX1zfweGFvBp972+Hj9RhZw5gzia+a69Fc +99FL3O0l71sDp2xh+v188snVQKSsTWBfFDPRYatQJLQhE2feLn3gDCzCkMlxv0yv1sW jonR3mbtdHfOLIo8oBMyeibD2c5FQkjj5Tn1d1NBCLyLMhSFck/r1h9FkDAw6Cg2q+5G Ao3Is6oS8gg2m4HI54RQSI3e6BLr42LhCirJb2rim6pLUb8Mfc2SfHo0A5yOTx132PfK w11A==
X-Gm-Message-State: ALoCoQmlb7WgurQnb1coQ/4lVfqTd6STA2Sy310FNU7O7LQMsXhIoyWIkKcvteK82Dw8xBMBF4Le
X-Received: by 10.50.50.140 with SMTP id c12mr29619907igo.5.1424199566468; Tue, 17 Feb 2015 10:59:26 -0800 (PST)
MIME-Version: 1.0
Sender: stefan@eons.net
Received: by 10.107.17.38 with HTTP; Tue, 17 Feb 2015 10:59:06 -0800 (PST)
In-Reply-To: <54E08964.4040102@sunet.se>
References: <20150206154301.31967.50182.idtracker@ietfa.amsl.com> <54D4E501.5020701@um.es> <54D89D9F.3050307@um.es> <54E08964.4040102@sunet.se>
From: Stefan Paetow <oss@eons.net>
Date: Tue, 17 Feb 2015 18:59:06 +0000
X-Google-Sender-Auth: SW5oNwGMV2N23nBe6bbA9mjy6gE
Message-ID: <CAGmwA8qaoO0Lq7UsiCSdsYX64uPD7tGw93uLUe3YNXMRzbzGYA@mail.gmail.com>
To: abfab@ietf.org
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/abfab/V7GwxsGHklLm5JsawD2SXAbSas8>
Subject: Re: [abfab] I-D Action: draft-ietf-abfab-aaa-saml-10.txt
X-BeenThere: abfab@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/abfab>, <mailto:abfab-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/abfab/>
List-Post: <mailto:abfab@ietf.org>
List-Help: <mailto:abfab-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/abfab>, <mailto:abfab-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Feb 2015 19:01:57 -0000

> > with the submission of the updated version of the aaa-saml
> > (draft-ietf-abfab-aaa-saml-10), we consider the document is now ready
> > for a Last Call.

[...]
>
> Hmm, I'd feel more comfortable if we'd had one or two reviewers...


Ok, mostly grammatical and syntax nits:

1. Introduction:

Two sets of bullets in the introduction. The first set ends each
bullet with a full-stop. The second doesn't. Thus the corrected text
is:

   o  A URI that uniquely identifies the protocol binding or profile.

   o  Postal or electronic contact information for the author.

   o  A reference to previously defined bindings or profiles that the
      new binding updates or obsoletes.

   o  In the case of a profile, any SAML confirmation method identifiers
      defined and/or utilized by the profile.

2. Section 4.3.2:

Missing full-stop after <entityId>. Thus the corrected text is (in
keeping with the later Relying Parties paragraph):

   Identity Providers MAY apply policy based on the Relying Party's SAML
   <entityId>. In such cases, at least one of the following methods is
   required in order to establish a relation between the SAML name and
   the AAA name of the Relying Party:

3. Section 4.3.4:

Is a comma missing after 'provide policy' in the last sentence of this
section, i.e:

   RADIUS configuration is used to provide policy, including
   which attributes are accepted from a Relying Party and which
   attributes are sent by an Identity Provider.

4. Section 6.2:

Again a missing comma, this time after 'this scenario', i.e:

   To implement this scenario, a profile of the SAML Authentication
   Request protocol is used in conjunction with the SAML RADIUS binding
   defined in Section 4.

5. Finally, Section 9:

Is that a Relaying or a Relying Party in the first sentence of the
first paragraph in this section? Based on the remainder of the text,
it should be 'Relying'? Corrected text:

   The profiles defined in this document allow a Relying Party to
   request specific information about the Client, and allow an IdP to
   disclose information about that Client.

I haven't spotted anything else... feel free to tell me I'm wrong :-)

With Regards

Stefan

v2.8.7 | Report a Bug | By Email