The IESG
2016-01-11 16:14:59 UTC
The IESG has approved the following document:
- 'A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and
Confirmation Methods for SAML'
(draft-ietf-abfab-aaa-saml-14.txt) as Proposed Standard
This document is the product of the Application Bridging for Federated
Access Beyond web Working Group.
The IESG contact persons are Stephen Farrell and Kathleen Moriarty.
A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/
Technical Summary:
The document describes the use of the Security Assertion Mark-up
Language (SAML) with RADIUS in the context of the ABFAB architecture.
It defines two RADIUS attributes, a SAML binding, a SAML name
identifier format, two SAML profiles, and two SAML confirmation
methods. The RADIUS attributes permit encapsulation of SAML
assertions and protocol messages within RADIUS, allowing SAML
entities to communicate using the binding. The two profiles describe
the application of this binding for ABFAB authentication and
assertion query/request, enabling a Relying Party to request
authentication of, or assertions for, users or machines (Clients).
These Clients may be named using a NAI name identifier format.
Finally, the subject confirmation methods allow requests and queries
to be issued for a previously authenticated user or machine without
needing to explicitly identify them as the subject. These artifacts
have been defined to permit application in AAA scenarios other than
ABFAB, such as network access.
Working Group Summary:
This document had a few false starts before it really got traction.
That has resulted in a rather lengthy process to get going. The challenge
was getting the right set of experts on RADIUS and SAML together, now
consensus is strong that this is the right approach.
Document Quality:
There is as far as I know 1 implementation of the protocol. At
this stage there are no indications for wide industry take-up.
Special mention deserves Scott Cantor (editor of the SAML2.0 spec
and member of OASIS SSTC) for doing a thorough review and guide
the authors on the SAML side.
Personnel:
Document Shepherd: Klaas Wierenga
Responsible Area Director: Stephen Farrell
RFC Editor Note
There was one, but it's included in -14, so now there isn't one:-)
- 'A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and
Confirmation Methods for SAML'
(draft-ietf-abfab-aaa-saml-14.txt) as Proposed Standard
This document is the product of the Application Bridging for Federated
Access Beyond web Working Group.
The IESG contact persons are Stephen Farrell and Kathleen Moriarty.
A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/
Technical Summary:
The document describes the use of the Security Assertion Mark-up
Language (SAML) with RADIUS in the context of the ABFAB architecture.
It defines two RADIUS attributes, a SAML binding, a SAML name
identifier format, two SAML profiles, and two SAML confirmation
methods. The RADIUS attributes permit encapsulation of SAML
assertions and protocol messages within RADIUS, allowing SAML
entities to communicate using the binding. The two profiles describe
the application of this binding for ABFAB authentication and
assertion query/request, enabling a Relying Party to request
authentication of, or assertions for, users or machines (Clients).
These Clients may be named using a NAI name identifier format.
Finally, the subject confirmation methods allow requests and queries
to be issued for a previously authenticated user or machine without
needing to explicitly identify them as the subject. These artifacts
have been defined to permit application in AAA scenarios other than
ABFAB, such as network access.
Working Group Summary:
This document had a few false starts before it really got traction.
That has resulted in a rather lengthy process to get going. The challenge
was getting the right set of experts on RADIUS and SAML together, now
consensus is strong that this is the right approach.
Document Quality:
There is as far as I know 1 implementation of the protocol. At
this stage there are no indications for wide industry take-up.
Special mention deserves Scott Cantor (editor of the SAML2.0 spec
and member of OASIS SSTC) for doing a thorough review and guide
the authors on the SAML side.
Personnel:
Document Shepherd: Klaas Wierenga
Responsible Area Director: Stephen Farrell
RFC Editor Note
There was one, but it's included in -14, so now there isn't one:-)