Re: [Ietf-krb-wg] Review of draft-sorce-krbwg-general-pac-02

"Cantor, Scott E." <cantor.2@osu.edu> Tue, 05 July 2011 20:46 UTC

From: "Cantor, Scott E." <cantor.2@osu.edu>
To: Nico Williams <nico@cryptonector.com>
Date: Tue, 05 Jul 2011 20:45:49 +0000
Message-ID: <CA38EF96.F48D%cantor.2@osu.edu>
In-Reply-To: <CAK3OfOj7bP-+VYjX1f-YgpcPr0J8kEnJJG2tkzCbWTkMmFBtgw@mail.gmail.com>
Cc: "ietf-krb-wg@lists.anl.gov" <ietf-krb-wg@lists.anl.gov>
Subject: Re: [Ietf-krb-wg] Review of draft-sorce-krbwg-general-pac-02

On 7/5/11 4:38 PM, "Nico Williams" <nico@cryptonector.com> wrote:
>>Perhaps somebody should simply define an ASN.1 encoding for SAML
>> assertions.
>
>Well, there's XER (XML encoding rules for ASN.1) and FastInfoSet,
>which is an application of PER (ASN.1 Packed Encoding Rules) to an
>ASN.1 module derived from an XML schema.  Thus it's possible to
>convert between ASN.1 and XML.
>
>The key issue is: does the necessary toolchain exist?  Probably not.
>I believe the right thing to do here is to use ASN.1 with DER, because
>we have tools for that (e.g., Heimdal's ASN.1 compiler).

Since you were responding to my comment, let me note that what I was
advocating was NOT an encoding of XML into ASN.1, but an encoding of an
existing assertion format into ASN.1, so that the semantics would be
consistent.

If the data is, well, just data, then there are no semantics other than
within the attribute data elements themselves (which in SAML is left to
the definition of those attributes).

-- Scott
