RE: [KAML] Reminder: BOF proposals to me by October 1

"Paul Rabinovich" <Paul.Rabinovich@exostar.com> Thu, 27 September 2007 14:43 UTC

Return-path: <kaml-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iaua3-0006Al-0o; Thu, 27 Sep 2007 10:43:07 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iaua1-00065z-6Z for kaml@ietf.org; Thu, 27 Sep 2007 10:43:05 -0400
Received: from netmail1.exostar.com ([208.47.83.14]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IauZp-0000Fy-EP for kaml@ietf.org; Thu, 27 Sep 2007 10:43:00 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Subject: RE: [KAML] Reminder: BOF proposals to me by October 1
Date: Thu, 27 Sep 2007 10:42:32 -0400
Message-ID: <0E2D64FCAEB5C5458A494DC28270548E06EFBE96@Netmail1.exostar.com>
In-Reply-To: <ea2af9bd0709251452y114ee29bs91fcfb6f490e6ffc@mail.gmail.com>
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
Thread-Topic: [KAML] Reminder: BOF proposals to me by October 1
Thread-Index: Acf/vn5yy/SDqKPHS4SeK7cgtAAJMQBVckcQ
From: "Paul Rabinovich" <Paul.Rabinovich@exostar.com>
To: "Leif Johansson" <leifj@it.su.se>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e472ca43d56132790a46d9eefd95f0a5
Cc: kaml@ietf.org
X-BeenThere: kaml@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about SAML and Kerberos intersections <kaml.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/kaml>, <mailto:kaml-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/kaml>
List-Post: <mailto:kaml@ietf.org>
List-Help: <mailto:kaml-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/kaml>, <mailto:kaml-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0383600612=="
Errors-To: kaml-bounces@ietf.org

	Leif,

	Based on your feedback I'll hold off sending my proposal as an I-D.

	Regards,
	PR

Paul Rabinovich | Software Architect | EXOSTAR LLC
13530 Dulles Technology Dr., Suite 200, Herndon, VA 20171

PH +1.703.793.7808 | FAX +1.703.793.7741

-----Original Message-----
From: Tom Scavo [mailto:trscavo@gmail.com] 
Sent: Tuesday, September 25, 2007 5:53 PM
To: Leif Johansson
Cc: Paul Rabinovich; kaml@ietf.org
Subject: Re: [KAML] Reminder: BOF proposals to me by October 1

On 9/25/07, Leif Johansson <leifj@it.su.se> wrote:
> Paul Rabinovich wrote:
> >
> >       IMO it's preferable to keep the LoA piece under the Kerberos WG
> > rather than under the KAML WG since - in the short-term - out-of-the-box
> > SAML 2.0 seems not to be able to help with LoA. Whatever we design,
however,
> >
> I think you are wrong. There are at least two ways to model LoA
> using SAML - using an AC class or using an attribute.

That's correct.  If you decide to use AuthnContext, that means the
Kerberos-bound SAML assertion would contain an AuthnStatement.  On the
other hand, an Attribute would require an AttributeStatement.
(Personally, I think AuthnContext is the way to go for LoA, but the
jury's still out on that issue.)

Tom
_______________________________________________
KAML mailing list
KAML@ietf.org
https://www1.ietf.org/mailman/listinfo/kaml