Re: [abfab] Comments on draft-ietf-abfab-aaa-saml-11

"Cantor, Scott" <cantor.2@osu.edu> Mon, 10 August 2015 15:31 UTC

From: "Cantor, Scott" <cantor.2@osu.edu>
To: Sam Hartman <hartmans@painless-security.com>
Date: Mon, 10 Aug 2015 15:31:08 +0000
Message-ID: <2700B470-ED12-4E67-B1BF-130D2BD9C318@osu.edu>
References: <75CEE38C-77DD-438B-BECD-6FF8ADB6826E@osu.edu> <55C5AF0A.2060000@um.es> <0EB79B20-E2CE-451A-9139-CC581DFD28B7@osu.edu> <tslk2t35hv9.fsf@mit.edu>
In-Reply-To: <tslk2t35hv9.fsf@mit.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/abfab/xyDg95akFfieeD_FWsRInvHSuMI>
Cc: "abfab@ietf.org" <abfab@ietf.org>
Subject: Re: [abfab] Comments on draft-ietf-abfab-aaa-saml-11
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>

On 8/10/15, 10:38 AM, "Sam Hartman" <hartmans@painless-security.com> wrote:
>
>These are in fact RADIUS entities that can communicate using SAML 2.0
>using the binding defined in this document.
>Currently, that is the only use for these roles.

Ok. Then I would say staying silent on it is fine after all.

-- Scott