Re: [sasl] New Work Items - Kitten Recharter
Eliot Lear <lear@cisco.com> Mon, 09 August 2010 09:12 UTC
Return-Path: <lear@cisco.com>
X-Original-To: sasl@core3.amsl.com
Delivered-To: sasl@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4305A3A6AB7; Mon, 9 Aug 2010 02:12:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.398
X-Spam-Level:
X-Spam-Status: No, score=-110.398 tagged_above=-999 required=5 tests=[AWL=0.200, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dDpxojSNTvJk; Mon, 9 Aug 2010 02:12:15 -0700 (PDT)
Received: from rtp-iport-1.cisco.com (rtp-iport-1.cisco.com [64.102.122.148]) by core3.amsl.com (Postfix) with ESMTP id 849E63A68C3; Mon, 9 Aug 2010 02:12:15 -0700 (PDT)
Authentication-Results: rtp-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0EAD5jX0xAZnwN/2dsb2JhbACDFZ0vcac7iVKRD4RHcwSJOw
X-IronPort-AV: E=Sophos; i="4.55,341,1278288000"; d="scan'208,217"; a="145158696"
Received: from rtp-core-2.cisco.com ([64.102.124.13]) by rtp-iport-1.cisco.com with ESMTP; 09 Aug 2010 09:12:49 +0000
Received: from dhcp-10-61-97-133.cisco.com (dhcp-10-61-97-133.cisco.com [10.61.97.133]) by rtp-core-2.cisco.com (8.13.8/8.14.3) with ESMTP id o799CmGa000905; Mon, 9 Aug 2010 09:12:48 GMT
Message-ID: <4C5FC699.8060902@cisco.com>
Date: Mon, 09 Aug 2010 11:12:57 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: Shawn Emery <shawn.emery@oracle.com>
References: <4C5CF47F.5040102@oracle.com>
In-Reply-To: <4C5CF47F.5040102@oracle.com>
X-Enigmail-Version: 1.1.1
Content-Type: multipart/alternative; boundary="------------070407040704040805060506"
Cc: "kitten@ietf.org" <kitten@ietf.org>, sasl@ietf.org
Subject: Re: [sasl] New Work Items - Kitten Recharter
X-BeenThere: sasl@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SASL Working Group <sasl.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sasl>, <mailto:sasl-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sasl>
List-Post: <mailto:sasl@ietf.org>
List-Help: <mailto:sasl-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sasl>, <mailto:sasl-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Aug 2010 09:12:17 -0000
> > We are looking for consensus on whether the Kitten WG should adopt the > following drafts as work items: > > draft-cantor-ietf-sasl-saml-ec > draft-mills-kitten-sasl-oauth > > You can respond to lists (kitten or SASL), but please indicate your > decision regardless if you are for or against the proposal. I support the inclusion of both drafts in our milestones. To answer Alexey's reaonable question, draft-wierenga-ietf-sasl-saml attempts to rely on existing infrastructure as much as possible, both on the client and on the IdP, while requiring some substantial changes to the RP. draft-cantor-ietf-sasl-saml-ec requires more substantial changes to the client, but keeps SAML within the application protocol. The implication of the design choices relate more to how actual authentication gets performed between the SASL client and the IdP. Existing IdPs make use of HTTP/HTML and unstructured exchanges for that authentication. In Scott's draft, that occurs in step (4). This requires the client to have substantially more capabilities than it might have today with either a fully functional web browser either built into the application or tied to the application via some form of IPC with sufficient semantic abilities to discern when to move through step 4 to step 5, but at the same time, provides for an overall simpler protocol flow than the document that Klaas and I have put forth. Discovery is also handled in Scott's draft. That is something that we should consider incorporating into the other. Eliot
- [sasl] New Work Items - Kitten Recharter Shawn Emery
- Re: [sasl] New Work Items - Kitten Recharter Klaas Wierenga
- Re: [sasl] New Work Items - Kitten Recharter Alexey Melnikov
- Re: [sasl] New Work Items - Kitten Recharter Eliot Lear
- Re: [sasl] New Work Items - Kitten Recharter Alexey Melnikov
- Re: [sasl] New Work Items - Kitten Recharter Scott Cantor
- Re: [sasl] New Work Items - Kitten Recharter Scott Cantor
- Re: [sasl] New Work Items - Kitten Recharter Hannes Tschofenig
- Re: [sasl] New Work Items - Kitten Recharter Jeffrey Hutzelman
- Re: [sasl] New Work Items - Kitten Recharter Alexey Melnikov