RE: review of draft-wierenga-ietf-sasl-saml-00

"Scott Cantor" <cantor.2@osu.edu> Wed, 26 May 2010 20:18 UTC

From: Scott Cantor <cantor.2@osu.edu>
To: 'Simon Josefsson' <simon@josefsson.org>
References: <tslzkzn67n5.fsf@mit.edu> <077001cafc4b$603f0510$20bd0f30$@osu.edu> <4BFD2ECE.5020600@cisco.com> <07e801cafce5$4cf7f7b0$e6e7e710$@osu.edu> <tslvdaa4izt.fsf@mit.edu> <082501cafd03$0fe0f250$2fa2d6f0$@osu.edu> <87fx1eo2o5.fsf@mocca.josefsson.org>
In-Reply-To: <87fx1eo2o5.fsf@mocca.josefsson.org>
Subject: RE: review of draft-wierenga-ietf-sasl-saml-00
Date: Wed, 26 May 2010 16:17:34 -0400
Organization: The Ohio State University
Message-ID: <084601cafd10$7b6633c0$72329b40$@osu.edu>
Cc: kitten@ietf.org, moonshot-community@jiscmail.ac.uk, 'Sam Hartman' <hartmans-ietf@mit.edu>, draft-wierenga-ietf-sasl-saml@tools.ietf.org

> I would prefer if channel bindings are done in a GS2 compatible way, to
> allow a SAML SASL mechanism to be usable as a GSS-API mechanism as well.
> By using the GS2 prefix, you also get support for authorization
> identities.
> 
> If authors are interested here, I could help with the GS2 prefix part so
> that it causes minimal confusion for non-GSS-API people and still allows
> that variant.  I made this suggestion for the OpenID SASL mechanism as
> well.

I'm completely open to any and all SASL/GSS-related suggestions and
improvements. This is sort of a 5-year-old work item for me that dates back
to SAML 2's initial design work, which I intended to demonstrate as a fit
for SASL and never got the time or the perceived interest to get done.

I just want to get a proposal out that "fits" my original intention for how
this would look, and then let the experts on the non-SAML parts whack it
into shape once there's an understanding of the compatibility trade-offs.

-- Scott
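The GS2 prefix Simon refers to above (RFC 5801), as an added example that is not part of this thread or of the draft: it builds and parses the gs2-header with its channel-binding flag and optional authorization identity, and applies the server-side check that refuses the "y" flag when the server does support channel binding. The type name tls-unique and the sample identities are constructed inputs.

```python
# Added example (not code from the thread or the draft): building and checking
# the RFC 5801 GS2 header Simon proposes prefixing to a SAML SASL mechanism.
import re

_CB_NAME = re.compile(r"^[A-Za-z0-9.-]+$")  # gs2-cb-name, e.g. tls-unique

def encode_saslname(name: str) -> str:
    """Escape "=" then "," as "=3D" / "=2C" (saslname, RFC 5801)."""
    return name.replace("=", "=3D").replace(",", "=2C")

def decode_saslname(s: str) -> str:
    """Reverse encode_saslname; a bare "," or any other "=" is an error."""
    if "," in s or re.search(r"=(?!2C|3D)", s):
        raise ValueError("malformed saslname")
    return s.replace("=2C", ",").replace("=3D", "=")  # this order is safe

def build_gs2_header(cb_flag: str, cb_name: str = "", authzid: str = "") -> str:
    """gs2-cb-flag "," [gs2-authzid] ","; cb_flag "n": no channel binding,
    "y": client supports it but believes the server does not, "p": use cb_name."""
    if cb_flag == "p" and _CB_NAME.match(cb_name):
        flag = f"p={cb_name}"
    elif cb_flag in ("n", "y") and not cb_name:
        flag = cb_flag
    else:
        raise ValueError("bad gs2-cb-flag or gs2-cb-name")
    authz = f"a={encode_saslname(authzid)}" if authzid else ""
    return f"{flag},{authz},"

def parse_gs2_header(msg: str) -> dict:
    """Split a client-first message into GS2 fields and the mechanism payload."""
    parts = msg.split(",", 2)  # escaped commas in the authzid never split here
    if len(parts) != 3:
        raise ValueError("truncated GS2 header")
    flag, authz, rest = parts
    if flag in ("n", "y"):
        cb_flag, cb_name = flag, ""
    elif flag.startswith("p=") and _CB_NAME.match(flag[2:]):
        cb_flag, cb_name = "p", flag[2:]
    else:
        raise ValueError("bad gs2-cb-flag")
    if authz and (not authz.startswith("a=") or authz == "a="):
        raise ValueError("bad gs2-authzid")
    authzid = decode_saslname(authz[2:]) if authz else ""
    return {"cb_flag": cb_flag, "cb_name": cb_name, "authzid": authzid, "rest": rest}

def server_accepts_cb_flag(cb_flag: str, server_supports_cb: bool) -> bool:
    """A "y" flag while the server supports channel binding is a downgrade signal (RFC 5801)."""
    if cb_flag == "y":
        return not server_supports_cb
    return server_supports_cb if cb_flag == "p" else True  # "n": local policy
```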