[secdir] Secdir review of draft-ietf-abfab-aaa-saml

"Paul Hoffman" <paul.hoffman@vpnc.org> Mon, 14 December 2015 03:57 UTC

From: Paul Hoffman <paul.hoffman@vpnc.org>
To: secdir <secdir@ietf.org>
Date: Sun, 13 Dec 2015 19:57:20 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/FCM3c6CyfJ1FpzEzVRD4S1gr160>
Cc: Josh.Howlett@ja.net, hartmans-ietf@mit.edu, alex@um.es
Subject: [secdir] Secdir review of draft-ietf-abfab-aaa-saml

Greetings. I'm the SecDir reviewer for draft-ietf-abfab-aaa-saml. I 
apologize for the lateness of this review, particularly because I have 
what might be a significant question on the draft.

The first two paragraphs of the Security Considerations section read:

    In this specification, the Relying Party MUST trust any statement in
    the SAML messages from the IdP in the same way that it trusts
    information contained in RADIUS attributes.  These entities MUST
    trust the RADIUS infrastructure to provide integrity of the SAML
    messages.

    Furthermore, the Relying Party MUST apply policy and filter the
    information based on what information the IdP is permitted to assert
    and on what trust is reasonable to place in proxies between them.

These seem like pretty important considerations. I fully admit that I 
might have missed it, but are they actually mentioned earlier in the 
document? I would have expected them in the Introduction, or at least in 
Section 7.

If those requirements are not listed early, shouldn't they be?

--Paul Hoffman