Re: [KAML] Re: Chicago bar-BOF summary

"Henry B. Hotz" <hotz@jpl.nasa.gov> Wed, 12 September 2007 18:15 UTC

From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
Subject: Re: [KAML] Re: Chicago bar-BOF summary
Date: Wed, 12 Sep 2007 11:15:40 -0700
To: Leif Johansson <leifj@it.su.se>
Cc: "Taylor, Dennis C. (GSFC-720.0)[INDUS]" <Dennis.C.Taylor@nasa.gov>, kaml@ietf.org

Jeffrey Altman just posted a link on the krbdev list.  I guess it's  
no longer even nominally proprietary.

http://msdn.microsoft.com/library/en-us/dnkerb/html/MSDN_PAC.asp

On Sep 12, 2007, at 12:12 AM, Leif Johansson wrote:

>
>>
>> I would be happier with this solution if the PAC format were at least
>> an informational RFC.  The format is now well known and widely
>> implemented, but AFAIK the description document isn't available
>> without all the old warnings.  People have also found in practice that
>> the PAC scales to an unpleasant size in many real deployments.
>
> What we are trying to do here is probably a bit more general than  
> PAC which afaik contains information about group membership. By  
> comparison a SAML attribute assertion is far more portable, based  
> on published standards and equipped with more expressive power. In
> addition SAML is a very short stretch for MSFT to implement at  
> least technically.
>
>     Cheers Leif

------------------------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu


