Re: [KAML] latest status
Luke Howard <lukeh@padl.com> Sat, 19 September 2009 18:04 UTC
Return-Path: <lukeh@padl.com>
X-Original-To: kaml@core3.amsl.com
Delivered-To: kaml@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B579A3A6934 for <kaml@core3.amsl.com>; Sat, 19 Sep 2009 11:04:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.972
X-Spam-Level:
X-Spam-Status: No, score=-0.972 tagged_above=-999 required=5 tests=[AWL=-0.973, BAYES_50=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id caRnirkx-yox for <kaml@core3.amsl.com>; Sat, 19 Sep 2009 11:04:42 -0700 (PDT)
Received: from us.padl.com (us.padl.com [216.154.215.154]) by core3.amsl.com (Postfix) with ESMTP id 92EBD3A689A for <kaml@ietf.org>; Sat, 19 Sep 2009 11:04:42 -0700 (PDT)
Received: by us.padl.com with ESMTP id n8JI59jF009392; Sat, 19 Sep 2009 14:05:13 -0400
Message-Id: <B4275EF3-278C-4CB0-875D-E284BCCF8C9D@padl.com>
From: Luke Howard <lukeh@padl.com>
To: "Henry B. Hotz" <hotz@jpl.nasa.gov>
In-Reply-To: <0AC447C8-C281-4432-BC43-93FD295B8FDC@jpl.nasa.gov>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Sat, 19 Sep 2009 20:05:09 +0200
References: <46fc8a10909180713x3116deb5l2cfade36f6b85a2e@mail.gmail.com> <0AC447C8-C281-4432-BC43-93FD295B8FDC@jpl.nasa.gov>
X-Mailer: Apple Mail (2.936)
X-SMTP-Vilter-Version: 1.3.6
X-Spamd-Symbols: AWL,BAYES_00,RDNS_NONE
X-SMTP-Vilter-Spam-Backend: spamd
X-Spam-Threshold: 5.0
X-Spam-Probability: -0.4
Cc: kaml@ietf.org
Subject: Re: [KAML] latest status
X-BeenThere: kaml@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussions about SAML and Kerberos intersections <kaml.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/kaml>, <mailto:kaml-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kaml>
List-Post: <mailto:kaml@ietf.org>
List-Help: <mailto:kaml-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kaml>, <mailto:kaml-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Sep 2009 18:04:43 -0000
> I think there is interest in solving the authorization problem in a > way that scales better than the MS PAC. There's interest on > Microsoft's part as well. Nobody's come up with a solution that > enough people find attractive though. I'm interested in this, when I get some cycles to work on it. The GSS naming extensions and S4U projects recently committed to MIT will help, also I've created a couple of placeholder projects at: http://k5wiki.kerberos.org/wiki/Projects/SAMLInKerberos http://k5wiki.kerberos.org/wiki/Projects/KerberosInSAML Last I heard from MS (earlier this week), they are moving towards claims-based authorisation but are undecided whether they will support claims with "legacy" services such as the file server, and thus whether they will support claims in the PAC. (This statement was couched in very vague terms, so I might be misinterpreting.) Their whitepapers on Geneva are worth reading, too: http://www.microsoft.com/downloads/details.aspx?FamilyID=9ca5c685-3172-4d8f-81cb-1a59bdc9f7e3&displaylang=en -- Luke
- Re: [KAML] latest status Luke Howard
- [KAML] latest status James Ryan
- Re: [KAML] latest status Henry B. Hotz
- Re: [KAML] latest status Taylor, Dennis C. (GSFC-750.0)[INDUS CORPORATION]
- Re: [KAML] latest status Henry B. Hotz
- Re: [KAML] latest status Josh Howlett
- Re: [KAML] latest status Henry B. Hotz
- Re: [KAML] latest status Scott Cantor
- Re: [KAML] latest status Josh Howlett