[Emu] Proposed bar BOF on federated authentication for non-web applications at IETF 77
Sam Hartman <hartmans-ietf@mit.edu> Sat, 13 February 2010 00:32 UTC
Return-Path: <hartmans@painless-security.com>
X-Original-To: emu@core3.amsl.com
Delivered-To: emu@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EDAE828C165; Fri, 12 Feb 2010 16:32:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.665
X-Spam-Level:
X-Spam-Status: No, score=-1.665 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, J_CHICKENPOX_83=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jsWu9VOomE0K; Fri, 12 Feb 2010 16:32:48 -0800 (PST)
Received: from mail.suchdamage.org (permutation-city.suchdamage.org [69.25.196.28]) by core3.amsl.com (Postfix) with ESMTP id 1D2273A7926; Fri, 12 Feb 2010 16:32:47 -0800 (PST)
Received: from carter-zimmerman.suchdamage.org (carter-zimmerman.suchdamage.org [69.25.196.178]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.suchdamage.org (Postfix) with ESMTPS id D320B202C8; Fri, 12 Feb 2010 19:34:07 -0500 (EST)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id E9C0643E8; Fri, 12 Feb 2010 19:34:00 -0500 (EST)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: ietf@ietf.org, kitten@ietf.org, emu@ietf.org
mail-followups-to: moonshot-community@jiscmail.ac.uk
mail-copies-to: moonshot-community@jiscmail.ac.uk
Date: Fri, 12 Feb 2010 19:34:00 -0500
Message-ID: <tsld40aynwn.fsf@mit.edu>
User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: moonshot-community@jiscmail.ac.uk
Subject: [Emu] Proposed bar BOF on federated authentication for non-web applications at IETF 77
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Feb 2010 00:32:50 -0000
I've been working with JaNet(UK) on providing a federation solution for client applications such as mail readers, filesystem clients, XMPP clients and the like. There are fairly good solutions such as Open ID, Information Card and SAML for web applications. Within an enterprise, you have Kerberos. JaNet(UK) runs one of the world's largest SAML federations. As their customers are beginning to take advantage of federated access for web applications they are also asking how they can gain the same flexibility for client-server applications. This customer demand appears to have traction across the entire European academic community. I suspect that it may find traction within enterprises and other environments. We'd like to have a bar BOF at IETF 77 in California with a goal of an actual BOF this summer in Europe at IETF 78. We invite you to join our mailing list at https://www.jiscmail.ac.uk/cgi-bin/webadmin?A0=moonshot-community where we can discuss timing. We plan to discuss the general problem and a proposed solution at the bar BOF. I've already prepared a feasibility analysis for JaNet(UK)'s solution; the analysis does discuss the problem some, gives an outline of the solution and discusses technical issues and required standards work in detail. By IETF we'll have a use case paper, an internet draft on the solution,and a slide set. we look forward to your input. You can find a bit more detail on my blog at http://www.painless-security.com/blog/2010/02/12/moonshot1 You can find the feasibility analysis at http://www.painless-security.com/wp/wp-content/uploads/2010/02/moonshot-feasibility-analysis.pdf Thanks, Sam Hartman Painless Security