Re: [abfab] Direction Forward for aaa-saml

Leif Johansson <leifj@mnt.se> Wed, 22 July 2015 16:24 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/abfab/VbS1D4X9PJ7flwnIEjPiiHwCHKQ>
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>

On 2015-07-22 18:20, Sam Hartman wrote:
>>>>>> "Leif" == Leif Johansson <leifj@sunet.se> writes:

(I am and was speaking entirely without any chair hats on btw)

> 
> 
>     Leif> Right but we _could_ add Endpoint and leave the work of
>     Leif> specifying the URL format of radius radsec servers to whomever
>     Leif> wanted to deploy it
> 
> I'm very against that.
> It's not guaranteed to be interoperable without the URI and I don't
> think we'd have confidence in the semantics without going through the
> URI spec.

That's why we have the Binding parameter! If you don't understand the
Binding then you can't use the Endpoint.

If your position made sense (which it doesn't) then we could never
deploy new bindings in SAML which actually does happen.

	Cheers Leif