RE: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

"Josh Howlett" <Josh.Howlett@ja.net> Fri, 13 February 2009 09:47 UTC

Return-Path: <Josh.Howlett@ja.net>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 98BC328C188 for <ietf@core3.amsl.com>; Fri, 13 Feb 2009 01:47:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sasUNc7QbykI for <ietf@core3.amsl.com>; Fri, 13 Feb 2009 01:47:52 -0800 (PST)
Received: from umhost1.ukerna.ac.uk (umhost1.ukerna.ac.uk [193.62.83.67]) by core3.amsl.com (Postfix) with ESMTP id 89B9C28C17B for <ietf@ietf.org>; Fri, 13 Feb 2009 01:47:52 -0800 (PST)
Received: from har003676.ukerna.ac.uk ([194.82.140.75]) by umhost1.ukerna.ac.uk with esmtp (Exim 4.50) id 1LXueM-0006nj-Ms for ietf@ietf.org; Fri, 13 Feb 2009 09:47:58 +0000
Received: from har003676.ukerna.ac.uk (localhost.localdomain [127.0.0.1]) by localhost (Email Security Appliance) with SMTP id D42374A6B27_99541C1B for <ietf@ietf.org>; Fri, 13 Feb 2009 09:47:45 +0000 (GMT)
Received: from uxsrvr20.atlas.ukerna.ac.uk (uxsrvr20.ukerna.ac.uk [193.62.83.209]) by har003676.ukerna.ac.uk (Sophos Email Appliance) with ESMTP id CCBBC4A6B26_99541C1F for <ietf@ietf.org>; Fri, 13 Feb 2009 09:47:45 +0000 (GMT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
Date: Fri, 13 Feb 2009 09:48:04 -0000
Message-ID: <6ED388AA006C454BA35B0098396B9BFB04CD3D30@uxsrvr20.atlas.ukerna.ac.uk>
In-Reply-To: <tsleiy3wa8b.fsf@live.mit.edu>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
Thread-Index: AcmNYtVdEsT7fqTZT/mTzYeg8vfXDAAXIxKA
References: <07d901c98d3e$0fdb9f70$0201a8c0@nsnintra.net><C5B9DD87.327A%mshore@cisco.com><081b01c98d46$d8c731d0$0201a8c0@nsnintra.net><6ED388AA006C454BA35B0098396B9BFB04CD3CC5@uxsrvr20.atlas.ukerna.ac.uk> <tsleiy3wa8b.fsf@live.mit.edu>
From: Josh Howlett <Josh.Howlett@ja.net>
To: ietf@ietf.org
Cc: Josh Howlett <Josh.Howlett@ja.net>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Feb 2009 09:47:53 -0000

Sam Hartman wrote:
> The Kerberos community has many years of experience that 
> within an infrastructure, carrying authorizations in-band has 
> been useful and has reduced the effort required to fit an 
> application into a larger infrastructure. 

Just a quick plug, following Sam's comments: augmenting Kerberos with
SAML is one of the possibilities discussed within a paper that was
recently published by the MIT Kerberos Consortium.

http://kerberos.org/software/kerbweb.pdf

josh.

JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024 
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG