Re: [abfab] Review of draft-ietf-abfab-aaa-saml-11

Alejandro Pérez Méndez <alex@um.es> Tue, 20 October 2015 07:27 UTC


On 19/10/15 at 23:38, Stefan Paetow wrote:
>>     "In the case of a SAML processing error, the RADIUS
>> server MAY include a SAML response message with an
>> appropriate value for the <samlp:Status> element within
>> the Access-Accept or Access-Reject packet to notify the client.
>> Alternatively, the RADIUS server can respond without a SAML-Message
>> attribute.".
>>
>> Or did we end up calling it SAML-Protocol?
> Which? The RADIUS attribute? SAML-AAA-Assertion. I don't see any other
> SAML-named attributes anywhere in a FR dictionary.

The "SAML-Message" attribute is now called "SAML-Protocol". The 
"SAML-Assertion" keeps the name.

The attribute in FR is a Vendor-Specific one, assigned to UKERNA, so it
can be called whatever they want, since the one in the IETF draft has
not been standardized yet.
When the RFC is published, that will change to the proper name.
Something similar happened with RFC 7055's attributes. They were moved
from dictionary.ukerna to dictionary.7055, with proper assignments of
attribute numbers.

Regards,
Alejandro
