RE: review of draft-wierenga-ietf-sasl-saml-00
"Scott Cantor" <cantor.2@osu.edu> Wed, 26 May 2010 18:41 UTC
From: Scott Cantor <cantor.2@osu.edu>
To: 'Sam Hartman' <hartmans-ietf@mit.edu>
Date: Wed, 26 May 2010 14:41:32 -0400
Organization: The Ohio State University
Cc: kitten@ietf.org, moonshot-community@jiscmail.ac.uk, draft-wierenga-ietf-sasl-saml@tools.ietf.org

> Scott, I'm happy to work with you to figure out if channel binding
> support is possible in your approach.

I plan to take you up on it.

To ease the process of comparing the approaches, I think it's easiest to produce a simple draft initially, which highlights some of the issues you mentioned, but leaves things as is for the same compatibility reasons that Klaas had. The result may be a merging of the proposals, or not.

Related to this, for example, I'm in favor of supporting a way to tie the SAML assertion in the response to a key at the TLS layer (holder of key via client TLS, in other words). That's an addition to the SAML profile I'm basing this work on, which is why I'm not starting there, to simplify the compatibility story. I probably will go back to OASIS to get a HoK version of the ECP profile created, and then I can just reference it.

I'm fairly far along since starting on this last night so I should have something soon.

-- Scott