From nobody Tue Jan 5 06:44:28 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E185C1A8748 for ; Tue, 5 Jan 2016 06:44:27 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.79 X-Spam-Level: X-Spam-Status: No, score=0.79 tagged_above=-999 required=5 tests=[BAYES_50=0.8, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YNAndTCvAhP1 for ; Tue, 5 Jan 2016 06:44:26 -0800 (PST) Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33B751A8745 for ; Tue, 5 Jan 2016 06:44:26 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 09F0E20895; Tue, 5 Jan 2016 09:44:24 -0500 (EST) Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vn3Z7CIqOSnw; Tue, 5 Jan 2016 09:44:23 -0500 (EST) Received: from [10.113.143.111] (c-73-182-250-48.hsd1.ma.comcast.net [73.182.250.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: mark@mail.suchdamage.org) by mail.painless-security.com (Postfix) with ESMTPSA; Tue, 5 Jan 2016 09:44:23 -0500 (EST) To: Sam Hartman References: <56384E83.3050200@sunet.se> <56385DB5.5030804@painless-security.com> <56385FEF.2020404@sunet.se> <564F6008.7070507@painless-security.com> From: Mark Donnelly X-Enigmail-Draft-Status: N1110 Message-ID: <568BD6BF.10307@painless-security.com> Date: Tue, 5 Jan 2016 09:44:15 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit Archived-At: Cc: abfab@ietf.org Subject: Re: [abfab] getting finished X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jan 2016 14:44:28 -0000 On 11/20/2015 1:14 PM, Sam Hartman wrote: > Mark, do we want to try and put together a conference call with Rhys and > others interested for discussing error handling, say for early January? I would love to pick this up again. Sam, Rhys, would you be available for this Friday (January 8) at 14:00 GMT / 9:00 EST? Leif, I've never done one of these calls before. Will the IETF provide a telephone conference number? Am I responsible for that on my own? Should we just publish a Google Hangout for anyone to join? Thanks, --Mark From nobody Tue Jan 5 07:27:32 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 978C41A87C1 for ; Tue, 5 Jan 2016 07:27:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.91 X-Spam-Level: X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3LfOJOvPhcI4 for ; Tue, 5 Jan 2016 07:27:30 -0800 (PST) Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9C6D1A87BF for ; Tue, 5 Jan 2016 07:27:30 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id CBAE5207BF for ; Tue, 5 Jan 2016 10:27:28 -0500 (EST) Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JjaUwmoxKNK6; Tue, 5 Jan 2016 10:27:28 -0500 (EST) Received: from carter-zimmerman.suchdamage.org (c-98-217-125-224.hsd1.ma.comcast.net [98.217.125.224]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.painless-security.com (Postfix) with ESMTPS; Tue, 5 Jan 2016 10:27:28 -0500 (EST) Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id BB411872E8; Tue, 5 Jan 2016 10:27:27 -0500 (EST) From: Sam Hartman To: Mark Donnelly References: <56384E83.3050200@sunet.se> <56385DB5.5030804@painless-security.com> <56385FEF.2020404@sunet.se> <564F6008.7070507@painless-security.com> <568BD6BF.10307@painless-security.com> Date: Tue, 05 Jan 2016 10:27:27 -0500 In-Reply-To: <568BD6BF.10307@painless-security.com> (Mark Donnelly's message of "Tue, 5 Jan 2016 09:44:15 -0500") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain Archived-At: Cc: abfab@ietf.org Subject: Re: [abfab] getting finished X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jan 2016 15:27:31 -0000 I'm available Friday. There is a procedure for getting the IETF to give us a webex, but if we're all happy with a hangout that'll be far easier. From nobody Tue Jan 5 11:39:37 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 085541A90A2; Tue, 5 Jan 2016 11:39:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.311 X-Spam-Level: X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nrpq47kNFfk1; Tue, 5 Jan 2016 11:39:34 -0800 (PST) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9CECE1A1A47; Tue, 5 Jan 2016 11:39:31 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 50F0DBE9C; Tue, 5 Jan 2016 19:39:29 +0000 (GMT) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gh_m5elgJ3ZT; Tue, 5 Jan 2016 19:39:28 +0000 (GMT) Received: from [10.87.48.91] (unknown [86.42.25.36]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 45503BE53; Tue, 5 Jan 2016 19:39:27 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1452022767; bh=Y1ZWvRTeu1sL6GlE+RrTQK5ALiSZRXa+g2HdRkC/mxQ=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=n5MdvJ9hwqOn7+tbtyYi66jBF5p6aGEaTEjXQlFDFShda3Z01RpSSvmPALOOqxbk8 A9MDZvIAoWF1JRFRq5VsCUJ86MtUqBwyszVtSb5E19SVzY57S5lzuyUnTVuCX4v7LB ddQiZhDvBCLXHJ3f3S56HSFJyd29NTjwl9pqlMFI= To: Alissa Cooper , The IESG References: <20160105183928.14669.69310.idtracker@ietfa.amsl.com> From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= Message-ID: <568C1BEE.5040606@cs.tcd.ie> Date: Tue, 5 Jan 2016 19:39:26 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <20160105183928.14669.69310.idtracker@ietfa.amsl.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, draft-ietf-abfab-aaa-saml@ietf.org Subject: Re: [abfab] Alissa Cooper's Discuss on draft-ietf-abfab-aaa-saml-13: (with DISCUSS and COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jan 2016 19:39:37 -0000 Hiya, On 05/01/16 18:39, Alissa Cooper wrote: > Alissa Cooper has entered the following ballot position for > draft-ietf-abfab-aaa-saml-13: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > Regarding Section 4.3.3, do we typically use IETF documents to > normatively extend OASIS specs? Wanted to check since we try to keep an > eye on this kind of thing when other SDOs extend/alter IETF specs. Yes, various folks involved in OASIS SAML work reviewed this. I think the last was Scott Cantor, who's secretary of the OASIS security services TC that does SAML. I think we're good on that and it's just using planned extensibility points. > > And relatedly, the document's intended status is listed in the header as > Standards Track but the shepherd write-up says: > > "Informational. It could be experimental as well, but since the > specification of various SAML constructs lies outside the realm of the > IETF and the definition of the 2 RADIUS attributes is not really > experimental, informational seems the right classification." > > So I'm wondering what is going on with that. My fault. The document was initially last called as Informational, but as a result of comments received folks wanted PS. I re-did the last call (no further comments received) but neglected to update the writeup. > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > The use of normative MAYs in Section 9 does not seem appropriate. The authors/shepherd can handle that:-) Cheers, S. > > From nobody Tue Jan 5 11:42:55 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59DCE1B2C2F for ; Tue, 5 Jan 2016 11:42:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.661 X-Spam-Level: X-Spam-Status: No, score=-1.661 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_SE=0.35, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RHCe6g1_iLTQ for ; Tue, 5 Jan 2016 11:42:50 -0800 (PST) Received: from e-mailfilter01.sunet.se (e-mailfilter01.sunet.se [IPv6:2001:6b0:8:2::201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 787E11A6F62 for ; Tue, 5 Jan 2016 11:42:50 -0800 (PST) Received: from smtp1.sunet.se (smtp1.sunet.se [192.36.171.214]) by e-mailfilter01.sunet.se (8.14.4/8.14.4/Debian-4) with ESMTP id u05JglE3026601 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 5 Jan 2016 20:42:47 +0100 Received: from kerio.sunet.se (kerio.sunet.se [192.36.171.210]) by smtp1.sunet.se (8.14.9/8.14.7) with ESMTP id u05Jgi7J024118 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 5 Jan 2016 20:42:46 +0100 (CET) VBR-Info: md=sunet.se; mc=all; mv=swamid.se DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sunet.se; s=default; t=1452022966; bh=IFzXUC0aMJVcUH5H6n5QmYTc1NMiKjzpXDpUWF8rwa0=; h=Subject:To:References:From:Date:In-Reply-To; b=It2GXVNwhUTJAl9ZUKSnr56UW2PgZVYKLxK25jDTlXHCnAtfVmeMr5M3bJaOVsyjO jII7dtQfx5jq59k5z85HC8bZcJhrZnChT2FnwV8ZVH69tvqdHLB06nU5SUVO4TFwAw 76qf+7BTJZjanMi1d+OdV7ntdjO2xfNZ6oAZaxII= X-Footer: c3VuZXQuc2U= Received: from [10.0.0.109] ([62.102.145.131]) (authenticated user leifj@sunet.se) by kerio.sunet.se (Kerio Connect 8.5.2) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128 bits)) for abfab@ietf.org; Tue, 5 Jan 2016 20:42:41 +0100 To: abfab@ietf.org References: <20160105183928.14669.69310.idtracker@ietfa.amsl.com> <568C1BEE.5040606@cs.tcd.ie> From: Leif Johansson Message-ID: <568C1CB1.9020204@sunet.se> Date: Tue, 5 Jan 2016 20:42:41 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <568C1BEE.5040606@cs.tcd.ie> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-CanIt-Geo: ip=192.36.171.210; country=SE; latitude=59.3294; longitude=18.0686; http://maps.google.com/maps?q=59.3294,18.0686&z=6 X-CanItPRO-Stream: outbound-sunet-se:outbound (inherits from outbound-sunet-se:default, sunet-se:default, base:default) X-Canit-Stats-ID: 09Q2jGLoU - 9c5e77e653b5 - 20160105 X-CanIt-Archive-Cluster: PfMRe/vJWMiXwM2YIH5BVExnUnw Received-SPF: neutral (e-mailfilter01.sunet.se: 192.36.171.210 is neither permitted nor denied by domain leifj@sunet.se) receiver=e-mailfilter01.sunet.se; client-ip=192.36.171.210; envelope-from=; helo=smtp1.sunet.se; identity=mailfrom X-Scanned-By: CanIt (www . roaringpenguin . com) on 192.36.171.201 Archived-At: Subject: Re: [abfab] Alissa Cooper's Discuss on draft-ietf-abfab-aaa-saml-13: (with DISCUSS and COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jan 2016 19:42:53 -0000 >> >> Regarding Section 4.3.3, do we typically use IETF documents to >> normatively extend OASIS specs? Wanted to check since we try to keep an >> eye on this kind of thing when other SDOs extend/alter IETF specs. > > Yes, various folks involved in OASIS SAML work reviewed this. > I think the last was Scott Cantor, who's secretary of the OASIS > security services TC that does SAML. I think we're good on that > and it's just using planned extensibility points. Scott was very clear that there is very little energy left in the SSTC so the chance to get stuff done over there was very slight. Hence we kept it all in the IETF. Also this is partly about Radius so at least those bits would have needed to stay as RFCs anyway. Cheers Leif From nobody Tue Jan 5 11:44:32 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F84A1B2C3A for ; Tue, 5 Jan 2016 11:44:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.661 X-Spam-Level: X-Spam-Status: No, score=-1.661 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_SE=0.35, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YLvFj8McEUGB for ; Tue, 5 Jan 2016 11:44:29 -0800 (PST) Received: from e-mailfilter01.sunet.se (e-mailfilter01.sunet.se [IPv6:2001:6b0:8:2::201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AAFD1B2C2F for ; Tue, 5 Jan 2016 11:44:29 -0800 (PST) Received: from smtp1.sunet.se (smtp1.sunet.se [192.36.171.214]) by e-mailfilter01.sunet.se (8.14.4/8.14.4/Debian-4) with ESMTP id u05JiRDF026951 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 5 Jan 2016 20:44:27 +0100 Received: from kerio.sunet.se (kerio.sunet.se [192.36.171.210]) by smtp1.sunet.se (8.14.9/8.14.7) with ESMTP id u05JiOfP000569 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 5 Jan 2016 20:44:26 +0100 (CET) VBR-Info: md=sunet.se; mc=all; mv=swamid.se DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sunet.se; s=default; t=1452023066; bh=kWYFLnSnkKThqQRj2Z+3RDOuxD5NN1F1LJBnoqD84hQ=; h=Subject:To:References:From:Date:In-Reply-To; b=yOMtREUqTGZ9lPdLOkvPb0/KBPpx+YmVwkbbFEdRZOF5Dr92Yv5ysTXnzmxC/3dxw pYDYZjf9a0RFRqoxCjn5/RqF2I2gI0r4IDNW0s0X8HkHJRu3w2kFWPbdZbTlLK9eas qZKQ3pQ0aLkQg09UWbN0BYW48eX1ud/Y6DrJU0gY= X-Footer: c3VuZXQuc2U= Received: from [10.0.0.109] ([62.102.145.131]) (authenticated user leifj@sunet.se) by kerio.sunet.se (Kerio Connect 8.5.2) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128 bits)) for abfab@ietf.org; Tue, 5 Jan 2016 20:44:22 +0100 To: abfab@ietf.org References: <56384E83.3050200@sunet.se> <56385DB5.5030804@painless-security.com> <56385FEF.2020404@sunet.se> <564F6008.7070507@painless-security.com> <568BD6BF.10307@painless-security.com> From: Leif Johansson Message-ID: <568C1D16.5060104@sunet.se> Date: Tue, 5 Jan 2016 20:44:22 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <568BD6BF.10307@painless-security.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-CanIt-Geo: ip=192.36.171.210; country=SE; latitude=59.3294; longitude=18.0686; http://maps.google.com/maps?q=59.3294,18.0686&z=6 X-CanItPRO-Stream: outbound-sunet-se:outbound (inherits from outbound-sunet-se:default, sunet-se:default, base:default) X-Canit-Stats-ID: 09Q2jIrpM - 8fce82a699c2 - 20160105 X-CanIt-Archive-Cluster: PfMRe/vJWMiXwM2YIH5BVExnUnw Received-SPF: neutral (e-mailfilter01.sunet.se: 192.36.171.210 is neither permitted nor denied by domain leifj@sunet.se) receiver=e-mailfilter01.sunet.se; client-ip=192.36.171.210; envelope-from=; helo=smtp1.sunet.se; identity=mailfrom X-Scanned-By: CanIt (www . roaringpenguin . com) on 192.36.171.201 Archived-At: Subject: Re: [abfab] getting finished X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jan 2016 19:44:30 -0000 On 2016-01-05 15:44, Mark Donnelly wrote: > On 11/20/2015 1:14 PM, Sam Hartman wrote: >> Mark, do we want to try and put together a conference call with Rhys and >> others interested for discussing error handling, say for early January? > > I would love to pick this up again. Sam, Rhys, would you be available > for this Friday (January 8) at 14:00 GMT / 9:00 EST? > > Leif, I've never done one of these calls before. Will the IETF provide > a telephone conference number? Am I responsible for that on my own? > Should we just publish a Google Hangout for anyone to join? > > Thanks, > --Mark > > _______________________________________________ > abfab mailing list > abfab@ietf.org > https://www.ietf.org/mailman/listinfo/abfab > I'm not available on Friday but just do the call on hangout or skype or whatever and progress this pls :-) Cheers Leif From nobody Tue Jan 5 14:20:08 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 015F01AC3CA; Tue, 5 Jan 2016 14:20:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.002 X-Spam-Level: X-Spam-Status: No, score=-0.002 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CUXF29_cqt06; Tue, 5 Jan 2016 14:20:04 -0800 (PST) Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0115.outbound.protection.outlook.com [207.46.100.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9247D1AC3CC; Tue, 5 Jan 2016 14:20:04 -0800 (PST) Received: from BL2FFO11OLC007.protection.gbl (10.173.160.31) by BL2FFO11HUB018.protection.gbl (10.173.160.110) with Microsoft SMTP Server (TLS) id 15.1.355.15; Tue, 5 Jan 2016 22:20:02 +0000 Authentication-Results: spf=pass (sender IP is 164.107.81.222) smtp.mailfrom=osu.edu; cooperw.in; dkim=none (message not signed) header.d=none;cooperw.in; dmarc=bestguesspass action=none header.from=osu.edu; Received-SPF: Pass (protection.outlook.com: domain of osu.edu designates 164.107.81.222 as permitted sender) receiver=protection.outlook.com; client-ip=164.107.81.222; helo=cio-tnc-pf08.osuad.osu.edu; Received: from cio-tnc-pf08.osuad.osu.edu (164.107.81.222) by BL2FFO11OLC007.mail.protection.outlook.com (10.173.160.142) with Microsoft SMTP Server (TLS) id 15.1.355.15 via Frontend Transport; Tue, 5 Jan 2016 22:20:02 +0000 Received: from CIO-KRC-HT02.osuad.osu.edu (localhost [127.0.0.1]) (using TLSv1.2 with cipher AES256-SHA256 (256/256 bits)) (No client certificate requested) by cio-tnc-pf08.osuad.osu.edu (Postfix) with ESMTPS id 7B4512E0081; Tue, 5 Jan 2016 17:20:01 -0500 (EST) Received: from CIO-TNC-D2MBX02.osuad.osu.edu ([fe80::3960:dd86:ba2:ad26]) by CIO-KRC-HT02.osuad.osu.edu ([fe80::8554:1787:2a7:72c9%12]) with mapi id 14.03.0248.002; Tue, 5 Jan 2016 17:20:00 -0500 From: "Cantor, Scott" To: Stephen Farrell , Alissa Cooper , The IESG Thread-Topic: [abfab] Alissa Cooper's Discuss on draft-ietf-abfab-aaa-saml-13: (with DISCUSS and COMMENT) Thread-Index: AQHRR/DSbSMbZ4f0RkyQsMrR0hLJ0p7tflBw Date: Tue, 5 Jan 2016 22:19:59 +0000 Message-ID: <9846A6064BD102419D06814DD0D78DE1127EC78C@CIO-TNC-D2MBX02.osuad.osu.edu> References: <20160105183928.14669.69310.idtracker@ietfa.amsl.com> <568C1BEE.5040606@cs.tcd.ie> In-Reply-To: <568C1BEE.5040606@cs.tcd.ie> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [140.254.59.244] x-header-sapphire: true Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected X-EOPAttributedMessage: 0 X-Microsoft-Exchange-Diagnostics: 1; BL2FFO11OLC007; 1:VOs9FR5+ptZDp6pMABmemZt32ZVxg58tilNf2d7667yB4spmr5TKQZyDLWNIjflFAyYrXIMh6eBbCkCzu1IRYZPK9/yk79lSxkE6V5QVP2qXN7oZ++pAd1eErBEbQbcf7xHHY4TzE25kdgbuB+KMndWTkKRc7lJ6SGbW0ini0sglANf0es4p9r8OwBAv9mo/ViRDU5KDkNK8E2yvazSmBcZhtTtW4JSW2BmYiLNU5Tk9WSF49oEO8nJeBC6fsgED/HVLIC3bzKcyA9c/6+Puomq/hU+9gzJAmvIJVF19uegEyTXSnbyxm2lpCpytKr62fSHjQ4myQA4ZxjpZ26nRoa/zf5h2PLSQMl47jJU3NRQYcqSremi+aY9cAZzbdH+EsE+2AcsGPeDyZHXPigdG0J3XNxaejG+71RPOatGpgN8= X-Forefront-Antispam-Report: CIP:164.107.81.222; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(6009001)(2980300002)(438002)(199003)(189002)(97756001)(46406003)(50466002)(109096001)(92566002)(189998001)(86362001)(87936001)(88552001)(2950100001)(2900100001)(2920100001)(5250100002)(47776003)(5001770100001)(54356999)(50986999)(76176999)(66066001)(89122001)(75432002)(1220700001)(6116002)(106466001)(102836003)(1096002)(586003)(11100500001)(106116001)(230783001)(55846006)(3846002)(90282001)(5003600100002)(6806005)(33656002)(4326007)(5008740100001)(23726003)(93346002)(5004730100002); DIR:OUT; SFP:1102; SCL:1; SRVR:BL2FFO11HUB018; H:cio-tnc-pf08.osuad.osu.edu; FPR:; SPF:Pass; PTR:cio-tnc-pf08.osuad.osu.edu; A:1; MX:1; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; BL2FFO11HUB018; 2:OawupGLkHyst8NjB/RDc65QQss2S6B1R+ZXm/GX3U7dggVHS3pSDynaog0tIIWYAFN0C1iBM9BA2V5GQ9T5BioMTVSlxuGBwoG3Gj0Uq8lmQwiMf2jAY6HDXLLLXZ3hOiDQ1wt+t5sJPYnYHBgHjaw==; 3:osQRwjXChq9G7Vsialw2TMZr2lRzOx298yVe+Q5ZLiBMjYw0JWsSiW0s4GtvnjD4WGQL3y/MXUrvRTQ4xWecYUYnnJ9sQkNIF7NzUmrr5Xz+pNEu66P7ToJkva4w8kwGDhlBC6KUB+rePbiOBFdymKI4JS4qs9Uimivj7Fq19Loijkxu4JExtyh9J2+S4jZp57WP7o03SDs9b2CHHfKjajuTbWZtLjfrarS0uNvpIyYoV5WNpBLzkdrHIxeoZjqynLuUGSqvwPGm3DtnMcdUOg==; 25:FaZ95l8WN3UjGT1WNIuVncdfS8mGAp2k9TJZ5G1yoLHw/SwMXPJQOsXGFWEJFvlWU9+LrNwmI8Fq0m2rE7vwd+4LLP1XRgV/BEz3VBxnnsA//jSbmq8gfLb1lgpuLLZJqHJEW4I2MHZUV6ieAJ6mvCugR9/eyTFVr83Sb9xGGUHKztc+A/iXH5fojHPz8SQLRas7MLzMVW0MdnzXUgYYuUSUbv/5In35wd6mUFdWGFGF/ZIH8lZ0TCeXmYNJ/u9ylZ+7Gk9LEn8jmldbL16NJQ== X-Exchange-Antispam-Report-Test: UriScan:; BCL:0; PCL:0; RULEID:(8251501002); SRVR:BL2FFO11HUB018; UriScan:; X-Microsoft-Exchange-Diagnostics: 1; BL2FFO11HUB018; 20:cZnrNdnxKwOiNCxEL0llyM7k/VnDZ9CWBNpifzEXrwbuZHSS3k/xZbgF4wz224tpvsMOzH+V6GQxaUeJZYuD9g3H3C8vGkEzi/dxktWx4atwAvENAex3oA1wqfb8tvSwvow51T4Ie73qklRzTrH7QoCL1EOpMORJqsjSFMGLt2VgCjlA4FYnNnVg0RRRmkVUWFOVAVM8dRuBTJaKJYHoezpiqqxmlE75ledKbIeoLQFbn/y6kbIb8ejqkOFi+SsgSmzYw9vRLkTXv7UC0eX5myxv1gnUkJ/NAOQY7p4S/phWUymNYGx2HLSITwgQZdjrNfAUmWPx9JzuBqM0bWNAJGlEUizN4vcjgA3mQjFZl6d8dD+s1KD9h217Q+ryS8b3pkmpbDD3ZPXExerU7mBdvlV/jf/waYWH4BpNvU+wlf1ItB/d8B6nSWa9SOEQSVEUFOqwmr5PYi4b3b2KhbXDvz7y5sz+v5M3/2QpAQWC694QU+nTwknxMUNkJV2bNJXY; 4:K54uhG40E/fZTo3qDgKbjnT1CEKQZ6F4TYj3+UsqzRBk889/r7TQ4uaiTO10J49lm8f1DU0BuLIeS24sr8043xp54wqWMEMJIgTzZIZJcsM7Rb41nyHFd+E1jjpZzaZ8+gzjjZ74CA84bbGrjY66BKh7tPUACRrpJe6hvZAhCTrgS1rEaMH+Zlp/BdQPHQsSFiSdaRjt8NlK6v0paNhM5JxosU8Zats+3+tzVjcXFusjN2kIt+SZXIMv3774SA2LZ8N8PHlAx37JHVTeVhmIXiMuz/FNr9SWEQXlZ3g2RzYOKZDltHAOG5Opfhoh7Zogfu06pTQCPP84GOcUeOP70Z8XxrxFPkb8dZruHqOdwC9BiLyQfY53ZU7Sgx1JAWPQ X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(8121501046)(5005006)(520078)(3002001)(10201501046); SRVR:BL2FFO11HUB018; BCL:0; PCL:0; RULEID:; SRVR:BL2FFO11HUB018; X-Forefront-PRVS: 0812095267 X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BL2FFO11HUB018; 23:g6LnT/XpGjNVlKuGANkdYfNL+g+OXuhmjXkyMVee?= =?us-ascii?Q?/awH0dXG38BMa6Dh6lRb7A+800DE61HRNhVbIlr3pO6vxg9+sZfk9hbSAJk3?= =?us-ascii?Q?csb+Utx3MBFMCwa/UUKqGpuwhxwEO2KiEaBMkAPNM632R69kZmsydW/C/6rL?= =?us-ascii?Q?JMHGjdSFVNY9hBbxqboSyEQf75Amayy+jjKs8Bo+82nJI9LXiH2LSuEObPI5?= =?us-ascii?Q?7yDIcUUYJtKY4BZVkQRGZmn5HtkyTZ+a8VoYnYdaYL6krOvQLx4HgCUTe1GF?= =?us-ascii?Q?TyuyM2Ubiwjz/RynjV05mb1QEiUxl8i/dXPMp844OmRThfvjI8l77t9ma+Be?= =?us-ascii?Q?JqyERcPETZ/exX/oubxEs9IW1s4QyJrSOFpgakMlKjSdJPb1ArodQMoZAaDY?= =?us-ascii?Q?spcDvCzpYSN8MaNRM+SCl6mlfcj1438TBCtGqLlBwrNdnZvl2yIznYPmDmLs?= =?us-ascii?Q?Rgc3vs1thJvJifr7f4QF3Ikrdwi264D8bYhA7rwhyXHyfkyUdX8sryrxOYef?= =?us-ascii?Q?PscfkM6vc7UWafet7893YKR7nnajwCNRGNDwzg/2HNsXH+HPR9zT1SD3uYfU?= =?us-ascii?Q?/sY4XpVrZQei91VwRGN55fQUZvZrl+i1v9f16aMSh4ll38p99oDIU+SPoskw?= =?us-ascii?Q?0+xMkQWDzd/iw3WYUXO/GlWGsceHS/sgBVXhlNontDXDiL6wvGW6X22GmVT/?= =?us-ascii?Q?Fkseoy47J0ZkpD15rbcRm9Dxuq+7hBmWMvmyfDzpzrn1JmQ/ozZT1joKIjn5?= =?us-ascii?Q?Q5scv3IJsvFrZSacv8UcVyz/N9VQrN7jbMoSPNAAyiNSDaSS5NDBstPPu43n?= =?us-ascii?Q?VBqDRTFRnymJrTitrPDGxkTXmmoxY1n8mEqbk9Mem0qinWrTZiY2AO7m3Nzo?= =?us-ascii?Q?YkD5keS/2u7a4ypXer+LuiiA32yUS6a8+MJP5xRMEYJTjRgbt5FAnOYv9k+2?= =?us-ascii?Q?a+xq2oZRO/zLv9XBR6nnyMYwY+QiE8qa5LTU0w6lPdtrOI6PBOXQnRz6avAJ?= =?us-ascii?Q?r00yW4RbQbNzWh1emWTaoRJ4GVj+74mqc2j+kKplWRmw1VM9NoMOkcEJr89K?= =?us-ascii?Q?++qqFrCMIKGwyG3EXXWlwyfQ+0JHyBRzs/X4Jx9i1a5YuW2NRRCVMmejO/6Q?= =?us-ascii?Q?d8LSVzDIC1ayLhtuUWN9wn1tiHQCRCoqepVLkqrXeMB8p96TYTKhRVG00/bb?= =?us-ascii?Q?79iY7meadinm3NY=3D?= X-Microsoft-Exchange-Diagnostics: 1; BL2FFO11HUB018; 5:UFaTlgjL6/acmKcEGIn8SxVuwzvP60QjDTgJtXTwqaMAn10hFff33O89kllBkW+EE9dpiFt+L+QcgJruvSVfTDMA070Lk9Vt/kh5RT8DJFKlmXybpQeGR0I1uwLiNqQFeWuhxbF1c3R+BAZ9EG8lvg==; 24:KsSKVz5DtJZ3DUC3gjUg2X2ODdbB8MtXpqfSSoaXtLa9QhkaWaJk6Ke4xf2R7yV++Zu9dOHuk/i5xwXxWP6QkxAru+AP1MuwjB7JTa9iLiY= SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: osu.edu X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jan 2016 22:20:02.4929 (UTC) X-MS-Exchange-CrossTenant-Id: b4d138ca-1815-4a9b-a3a7-130a33b1e692 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=b4d138ca-1815-4a9b-a3a7-130a33b1e692; Ip=[164.107.81.222]; Helo=[cio-tnc-pf08.osuad.osu.edu] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL2FFO11HUB018 Archived-At: Cc: "abfab@ietf.org" , "abfab-chairs@ietf.org" , "draft-ietf-abfab-aaa-saml@ietf.org" Subject: Re: [abfab] Alissa Cooper's Discuss on draft-ietf-abfab-aaa-saml-13: (with DISCUSS and COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jan 2016 22:20:07 -0000 > Yes, various folks involved in OASIS SAML work reviewed this. > I think the last was Scott Cantor, who's secretary of the OASIS security > services TC that does SAML. I think we're good on that and it's just usin= g > planned extensibility points. Not disputing your point, but for the record I'm not Secretary, just a TC m= ember, and yes, I advised that if you wanted the work done, you'd have to d= o it, not rely on the SSTC to do it. -- Scott From nobody Tue Jan 5 14:24:27 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38DEA1AC3D6; Tue, 5 Jan 2016 14:24:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.311 X-Spam-Level: X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BC2Uj3p-6s1m; Tue, 5 Jan 2016 14:24:24 -0800 (PST) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 148AE1AC3CC; Tue, 5 Jan 2016 14:24:24 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 59895BEA0; Tue, 5 Jan 2016 22:24:22 +0000 (GMT) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nHnN3NHeKU9N; Tue, 5 Jan 2016 22:24:21 +0000 (GMT) Received: from [10.87.48.91] (unknown [86.42.25.36]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id B61D1BE9C; Tue, 5 Jan 2016 22:24:20 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1452032661; bh=kkMx6cXfRQJmcnD91jssvlJB3q2NyRsl13nZyP4Rx+U=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=gLK3WwCbr38eM+9LaI2H4tuwZYauiNnIoMynsNN3W8fmnIFozD2ay6CwhBittvpCo cH3RfIEOO4IJrT5oTi4OiWS/qVnQDked4IgBjiTgbm5WmoG1A0eWUvGQEI3BGREk54 0nLbQXZ351rp4xyD47DyUquk4uAQevpZPioGj2TI= To: "Cantor, Scott" , Alissa Cooper , The IESG References: <20160105183928.14669.69310.idtracker@ietfa.amsl.com> <568C1BEE.5040606@cs.tcd.ie> <9846A6064BD102419D06814DD0D78DE1127EC78C@CIO-TNC-D2MBX02.osuad.osu.edu> From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= Message-ID: <568C4293.7050103@cs.tcd.ie> Date: Tue, 5 Jan 2016 22:24:19 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <9846A6064BD102419D06814DD0D78DE1127EC78C@CIO-TNC-D2MBX02.osuad.osu.edu> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Archived-At: Cc: "abfab@ietf.org" , "abfab-chairs@ietf.org" , "draft-ietf-abfab-aaa-saml@ietf.org" Subject: Re: [abfab] Alissa Cooper's Discuss on draft-ietf-abfab-aaa-saml-13: (with DISCUSS and COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jan 2016 22:24:26 -0000 On 05/01/16 22:19, Cantor, Scott wrote: >> Yes, various folks involved in OASIS SAML work reviewed this. I >> think the last was Scott Cantor, who's secretary of the OASIS >> security services TC that does SAML. I think we're good on that and >> it's just using planned extensibility points. > > Not disputing your point, but for the record I'm not Secretary, just > a TC member, and yes, I advised that if you wanted the work done, > you'd have to do it, not rely on the SSTC to do it. Ah sorry. I just went by [1]. Main point is you know what's what:-) Cheers, S. [1] https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security > > -- Scott > From nobody Wed Jan 6 02:33:05 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98E6E1ACE58 for ; Wed, 6 Jan 2016 02:33:04 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.801 X-Spam-Level: X-Spam-Status: No, score=-2.801 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aWH1FcjMWuXD for ; Wed, 6 Jan 2016 02:33:01 -0800 (PST) Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [146.101.78.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10C1B1ACE5F for ; Wed, 6 Jan 2016 02:33:00 -0800 (PST) Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-db5eur01lp0181.outbound.protection.outlook.com [213.199.154.181]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-11-aabMJ33eTRqlNd7MrAuN6w-1; Wed, 06 Jan 2016 10:32:48 +0000 X-MC-Unique: aabMJ33eTRqlNd7MrAuN6w-1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc365.onmicrosoft.com; s=selector1-jisc-ac-uk; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=bpQsz7veCF/jNOlWTO7wyOED5PAVjcjPR5+wNbZ7erk=; b=VPVIckjISMSyD5ZJiKvqbhWink6KrViQ7tdJDKhR+GkGeKWy9egEqtK1h5+hbEu+tBvhFieAtwLPg88jB7PMbAcuienKu711pWlxOCRav4AEZrAoBg9ZX/bpEKVf0WqArX+kOgSRsoSCev9k/G7YPqPFezjBd0XwGVZwbUuFHgY= Received: from HE1PR07MB0811.eurprd07.prod.outlook.com (10.162.24.15) by HE1PR07MB0810.eurprd07.prod.outlook.com (10.162.24.149) with Microsoft SMTP Server (TLS) id 15.1.361.13; Wed, 6 Jan 2016 10:32:45 +0000 Received: from HE1PR07MB0811.eurprd07.prod.outlook.com ([10.162.24.15]) by HE1PR07MB0811.eurprd07.prod.outlook.com ([10.162.24.15]) with mapi id 15.01.0361.006; Wed, 6 Jan 2016 10:32:45 +0000 From: Rhys Smith To: Mark Donnelly Thread-Topic: [abfab] getting finished Thread-Index: AQHRFf2e5quo2aXSQ029hbI6Ll+YSJ6J4TyAgAACp4CAG2spAIAAA6bkgEgQa4CAAUwOgA== Date: Wed, 6 Jan 2016 10:32:45 +0000 Message-ID: References: <56384E83.3050200@sunet.se> <56385DB5.5030804@painless-security.com> <56385FEF.2020404@sunet.se> <564F6008.7070507@painless-security.com> <568BD6BF.10307@painless-security.com> In-Reply-To: <568BD6BF.10307@painless-security.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-mailer: Apple Mail (2.3112) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Rhys.Smith@jisc.ac.uk; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [81.136.207.22] x-microsoft-exchange-diagnostics: 1; HE1PR07MB0810; 5:mCKYqlHU8Vv3erZddss2jf1y78G6i/nsZJhbLZGscvN9mk/zhKbqgQf6HTOXfmQD14LM0AAdZJY5afWBzn2zxTELYDnAyhfsiiF2aUxhgyzg1sAjROO6GCdTnFijmI4jg3iIBLhRXvMqOrAFacPCOA==; 24:Crgdh6pbudU+IUSKOWmdH12vD9/Ur5gbb+FslNhMEYc+ZJVYUBFNKHJ3Z1e5W49EBPrNzZgLywkRWntBsjRdaDiZSBI1mPzjMNXSOuiv9n4=; 20:DuSAM7fhHPmKigo5DDs2iKouAzvrxLCsmxNceR6c7XALkIsH3dSYowBW+fHlTZ0Sj2wBT1ePZ0y6pCKHfhOhL+8KdLqFaVzXi8W+wQgXNNE495Vz/qP9yQby1VZfL3wuFFOiECP/Hl94SgiMc1n9M+ki8CtdKNoHi0P2xsHyTgI= x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:HE1PR07MB0810; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(274715658323672); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102615240)(601004)(2401047)(8121501046)(5005006)(520078)(3002001)(10201501046); SRVR:HE1PR07MB0810; BCL:0; PCL:0; RULEID:; SRVR:HE1PR07MB0810; x-forefront-prvs: 0813C68E65 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(199003)(46034005)(24454002)(189002)(479174004)(61684002)(377454003)(76176999)(6116002)(102836003)(4326007)(586003)(1220700001)(1096002)(19580395003)(3846002)(110136002)(81156007)(5001960100002)(189998001)(97736004)(5002640100001)(50226001)(5008740100001)(66066001)(19580405001)(50986999)(93886004)(99936001)(33656002)(101416001)(5004730100002)(2950100001)(40100003)(122556002)(2900100001)(77096005)(92566002)(86362001)(11100500001)(57306001)(36756003)(74482002)(106116001)(87936001)(83716003)(106356001)(105586002)(82746002)(10400500002)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR07MB0810; H:HE1PR07MB0811.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: jisc.ac.uk does not designate permitted sender hosts) spamdiagnosticoutput: 1:23 spamdiagnosticmetadata: NSPM Content-Type: multipart/signed; boundary="Apple-Mail=_F696D564-1CF8-4BE0-A15B-4C52DCA8A59B"; protocol="application/pkcs7-signature"; micalg=sha1 MIME-Version: 1.0 X-OriginatorOrg: jisc.ac.uk X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jan 2016 10:32:45.6009 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205 X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB0810 Archived-At: Cc: "abfab@ietf.org" Subject: Re: [abfab] getting finished X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jan 2016 10:33:04 -0000 --Apple-Mail=_F696D564-1CF8-4BE0-A15B-4C52DCA8A59B Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 On 5 Jan 2016, at 14:44, Mark Donnelly = wrote: >=20 > On 11/20/2015 1:14 PM, Sam Hartman wrote: >> Mark, do we want to try and put together a conference call with Rhys = and >> others interested for discussing error handling, say for early = January? >=20 > I would love to pick this up again. Sam, Rhys, would you be available > for this Friday (January 8) at 14:00 GMT / 9:00 EST? >=20 > Leif, I've never done one of these calls before. Will the IETF = provide > a telephone conference number? Am I responsible for that on my own? > Should we just publish a Google Hangout for anyone to join? Hi Mark, Not really available friday I=92m afraid. I=92m out of office mon-wed = next week. So first day I could do is thursday 14th, any time. Any times = that day good for you and Sam? Happy to do google hangout, or we can just use the Jisc phone bridge = thing, whatever is easiest for you both. Rhys. -- Dr Rhys Smith Chief Technical Architect, Trust & Identity Jisc T: +44 (0) 1235 822145 M: +44 (0) 7968 087821 Skype: rhys-smith GPG: 0x4638C985 Lumen House, Library Avenue, Harwell Oxford, Didcot, OX11 0SG jisc.ac.uk Jisc is a registered charity (number 1149740) and a company limited by = guarantee which is registered in England under Company No. 5747339, VAT = No. GB 197 0632 86. Jisc=92s registered office is: One Castlepark, Tower = Hill, Bristol, BS2 0JA. T 0203 697 5800.= --Apple-Mail=_F696D564-1CF8-4BE0-A15B-4C52DCA8A59B Content-Disposition: attachment; filename="smime.p7s" Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIILojCCBZ8w ggSHoAMCAQICFDdbittYXdJlQ+xDC4cAUwx+EP2eMA0GCSqGSIb3DQEBCwUAMH8xCzAJBgNVBAYT AkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRp b24gQXV0aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9y aXR5MB4XDTE0MDUzMDE4MTU0OVoXDTIxMDMxNzE4MzMzM1owaDELMAkGA1UEBhMCTkwxIDAeBgNV BAoTF1F1b1ZhZGlzIFRydXN0bGluayBCLlYuMTcwNQYDVQQDEy5RdW9WYWRpcyBFVSBJc3N1aW5n IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEczMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEAlBRBbnMy0pZB34/kk8jnEovgphznCp1JvoZ1DDG/OaCusN1fgkglNJp/Evw+h59cobd/md2B Bc3d95yvERP9LEgWYIFxzkm4eqU7TARr926V06gX8T5+4EAusMApvT4rbcbQYaEpcC1HgKmEJd96 N3WHtXZdYmkW7y4bd1tJanTMdyudKmUwZKzlkCSNKzU0mV+AP1+DJzCtKiTzM4nBTPFjMrl73/AU f1m9hw7rblA226EEtyjMtfeEfN7zkuXqtXcVbWiQUjEdan8mBLz9miHPTjL0FvggDk/Oa94d6yEX 9pbVyjfjrRFbWzIOgeFo5yHUf0qA0TXdgHHGMjHt6aEX2fuAEWkvaEQ4Qi7l/2GvtH+S74ziOtEq 2JUtamrF434yYVXzYJLgmYtBXqg/WSazpyExXhNEsGsq6jAbqb4rQbNK7Vg4xux+JvaLPx/qPqpT QCHB3PAw9N1TSJ9XKLP8kyN5IME9A5ss9/8UIlLIHS76nZWQZ3GMcAKFr3C4ixaVrRVg55Vuqs3W 1GIxyGgyfjMgD1nclYXG831DZAMOdwE0zV4k8c0HrE4yGdOlN6nrEtCrtpguuyLYIs6JbHVcGkby 8NhOatTor2O5dP32FxeW3fVyjxeXmcBejHys/O+TMNY0EK7AfqALC6uKfpNaVd6OlKso3UiK+run T3UCAwEAAaOCASgwggEkMBIGA1UdEwEB/wQIMAYBAf8CAQAwEQYDVR0gBAowCDAGBgRVHSAAMHEG CCsGAQUFBwEBBGUwYzAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t MDUGCCsGAQUFBzAChilodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhLmNydDAO BgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUi0tt7dMpuQYZ7Dk5qfCXhGrL798wOAYDVR0fBDEw LzAtoCugKYYnaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EuY3JsMB0GA1UdDgQW BBRCqOm7Hqee0exyCLFux9EparVQwDANBgkqhkiG9w0BAQsFAAOCAQEAZajTI1M89DmOH/tGsTZE 3Naw+CVX2B0j8LvFG9jEUkTYz6Dsw8LfEb+Uid5ifBhC8zjXLH5UhYDBbjExzL3tDoFoXru1SgbS 7fwO0ZpdrbP04ej28itV8NZQ1ubk5yuX5hbacGZxaN9/yD05YOMmWsgpcZNwfx+vJRdb27d/uiSm CZEroXUV5P51/M3OTFzUcgLAwWTuerzTAZKHxaIyqRtBr+g6P2GkMKh4A8rh/8nDQ5OpnSnwbclu /8FAXA3T6cMBfOR5WSoOFjjFcTsRl0gfUH1RdkPZBmMcBwWghbbxAXAVVV7TVPSNvL4lOcHu+vrE VA8o5Nx+AjMoGd81njCCBfswggPjoAMCAQICFARL9j0DOV38SSjd4CRpIEm77dE3MA0GCSqGSIb3 DQEBCwUAMGgxCzAJBgNVBAYTAk5MMSAwHgYDVQQKExdRdW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3 MDUGA1UEAxMuUXVvVmFkaXMgRVUgSXNzdWluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBHMzAe Fw0xNTA0MDkxNDU5MzhaFw0xNzA0MDkxNDU5MzNaMIGAMQswCQYDVQQGEwJHQjENMAsGA1UEChME SmlzYzEaMBgGA1UECxMRSmlzYyBUZWNobm9sb2dpZXMxCzAJBgNVBAwTAkRyMRMwEQYDVQQDEwpS aHlzIFNtaXRoMSQwIgYJKoZIhvcNAQkBFhVyaHlzLnNtaXRoQGppc2MuYWMudWswggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHm7qYQRmq3Qj0kPNsbm8+YtNqIfIYUKnoHbpcxg1CJEZl Zotk256MHGC2xDm7F8ZLxfs0JHDb3VWNDo/nO9hicMgVA8GUiWLRRBYc0JQ0iHNim1sBcU3EpeTx lBUVyHfKOXRiYsLs8LRBAMKP1FZf1Nn2pYQyrIQCIo46oIDq1O6CyqClFz1zL1jjr0MORWLlqLPk QzSLbFx+LmR8rWiJRVZ7FvniwWqmRzsHQaVdNVPrwWVvSaNbfMrFjtee1PfbnGMUz1j7ANe8y44L vyrNhlMOGgcdsTmX7cJUZjJOrgLNHrq+XCfQ7qq2jTgUjjnhEkHiShOew5szo4I/hb1xAgMBAAGj ggGCMIIBfjB0BggrBgEFBQcBAQRoMGYwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlz Z2xvYmFsLmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9x dmV1Y2FnMy5jcnQwTgYDVR0gBEcwRTBDBgkrBgEEAb5YAWQwNjA0BggrBgEFBQcCARYoaHR0cDov L3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBeAwKQYDVR0l BCIwIAYKKwYBBAGCNxQCAgYIKwYBBQUHAwIGCCsGAQUFBwMEMB8GA1UdIwQYMBaAFEKo6bsep57R 7HIIsW7H0SlqtVDAMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwu Y29tL3F2ZXVjYWczLmNybDAdBgNVHQ4EFgQUJOGvTZ4bAe/TgVUqyQErKBReRaUwDQYJKoZIhvcN AQELBQADggIBAGRiINJ5pj97yEtcYniWa39Y8aUmV7Md15GC8EndU+yKeaLucuhbexaanIOlvu2X koyPuHq6OgKaKFr1AkAnO6kkdZKlGhLZImrUeqtPKxAPb3uxFQc5kIvtwdDnmbujwJ2h6NHifDmM ab1PlyMwDGJJvMudhM1Wzvy6iFMFbXw1ZjUhoroAXcS+3HEPFebzgIcRcrgz7zZ9W6UkB0d9SzSy dSIWI0bdp8o1yzgcYxqC9pLkBVQsFYM2xt9M//u20QegSVICwJC02oWGtPTc/zZOpER5OZ6dkbTa zcCJoxs1akO87smjAtC4Ab4O/QT7QZ2WZTQ9CvQ5o3z7nUDZS/0GBiKOjcnxMhr5EZpvluq2k1/k uIY3upFBqheCOicvk/AiWvRASatdPysA/iIPJt2KArAjw2mndTse6ahSMP5l5PXPrcPHf4LASM3L U4r7PFOP0ix8GVr3Yz1oMmN55B57sb466tBycTG2CUMT72kc7X7ewB4tNC666MiqlivRx6qztO3L oJEHTVCvrwWUp8vzcSiuuzNFg9yj4sG0nqDY6Dcr5Dt3hFPS622Akd5NrsI8nhmfv4pukxYiC9KF 6LL4kIbR5jY27J5BiZ53/9wGEYAEvZ9rH90dJRlJ9ncdNciDHH8h0jyHmOwFA7wrEMtz2nC7MS+d IuVV7TzmBLgXMYIDMzCCAy8CAQEwgYAwaDELMAkGA1UEBhMCTkwxIDAeBgNVBAoTF1F1b1ZhZGlz IFRydXN0bGluayBCLlYuMTcwNQYDVQQDEy5RdW9WYWRpcyBFVSBJc3N1aW5nIENlcnRpZmljYXRp b24gQXV0aG9yaXR5IEczAhQES/Y9Azld/Eko3eAkaSBJu+3RNzAJBgUrDgMCGgUAoIIBhzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNjAxMDYxMDMyNDRaMCMGCSqG SIb3DQEJBDEWBBSFkFyj8E0HqatQpqyIr9E9zKHVRzCBkQYJKwYBBAGCNxAEMYGDMIGAMGgxCzAJ BgNVBAYTAk5MMSAwHgYDVQQKExdRdW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3MDUGA1UEAxMuUXVv VmFkaXMgRVUgSXNzdWluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBHMwIUBEv2PQM5XfxJKN3g JGkgSbvt0TcwgZMGCyqGSIb3DQEJEAILMYGDoIGAMGgxCzAJBgNVBAYTAk5MMSAwHgYDVQQKExdR dW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3MDUGA1UEAxMuUXVvVmFkaXMgRVUgSXNzdWluZyBDZXJ0 aWZpY2F0aW9uIEF1dGhvcml0eSBHMwIUBEv2PQM5XfxJKN3gJGkgSbvt0TcwDQYJKoZIhvcNAQEB BQAEggEAceLHT9Ym/TAZysDjEu1aSpSI4pydYAdLmX8PUn1ObeUht+QMAJLvFF3WWSVUrKLKQFeP kOr3LIbah0Ngyq0YxAQIWBq1VrFDk1e6ywm/tcybUkLRTgNgx/mRhas9gnAmo7Y82F9Ty0wTKKm9 RcLUOMY2ro7EDRFbg6yuvTjM+gIuQHijxKSW84oFtNyFDGFzo8bUH12bVCwx8QHYUK3Au0D6/3e4 Lu+U1/zwMRvOnIEF41GzBZ9lLIEQtjQakNw8MojSBs4FxNI4wJTbEEzEUifPmCbDD3feOhoF6VYP Q4cNZju2iRPGGMwppSOiGCcY2G4bIJcL9f0OXCVRTBlFdQAAAAAAAA== --Apple-Mail=_F696D564-1CF8-4BE0-A15B-4C52DCA8A59B-- From nobody Wed Jan 6 17:46:41 2016 Return-Path: X-Original-To: abfab@ietf.org Delivered-To: abfab@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7212A1A6F11; Wed, 6 Jan 2016 17:46:38 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: "Barry Leiba" To: "The IESG" X-Test-IDTracker: no X-IETF-IDTracker: 6.11.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> Date: Wed, 06 Jan 2016 17:46:38 -0800 Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, draft-ietf-abfab-aaa-saml@ietf.org Subject: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jan 2016 01:46:38 -0000 Barry Leiba has entered the following ballot position for draft-ietf-abfab-aaa-saml-13: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Because abfab-arch defines the terms "Client", "Relying Party", and "Identity Provider", I think abfab-arch should be a normative reference. -- Section 3 -- The RADIUS SAML binding defined in Section 4 of this document uses two attributes to convey SAML assertions and protocol messages respectively [OASIS.saml-core-2.0-os] Nit: "respectively" is out of place here, and should be removed. You would only use "respectively" if you named the two attributes ("...uses two attributes, SAML-Assertion and SAML-Protocol, to convey SAML assertions and protocol messages, respectively."). -- Section 7.3.5 -- If issued by the Identity Provider, the Relying Party MUST process the message and any enclosed assertion elements as described in [OASIS.saml-core-2.0-os] "If issued" is dangling, and makes it look like the Relying Party is issued by the Identity Provider. NEW If a message is issued by the Identity Provider, the Relying Party MUST process that message and any enclosed assertion elements as described in [OASIS.saml-core-2.0-os] END -- Section 11.2 -- Thank you; this section is well done. From nobody Fri Jan 8 01:50:56 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF0FC1ACF07 for ; Fri, 8 Jan 2016 01:50:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.911 X-Spam-Level: X-Spam-Status: No, score=-3.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ms070bLdcVbd for ; Fri, 8 Jan 2016 01:50:52 -0800 (PST) Received: from xenon24.um.es (xenon24.um.es [155.54.212.164]) by ietfa.amsl.com (Postfix) with ESMTP id 61AC41ACF04 for ; Fri, 8 Jan 2016 01:50:52 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by xenon24.um.es (Postfix) with ESMTP id D80F085AF for ; Fri, 8 Jan 2016 10:50:50 +0100 (CET) X-Virus-Scanned: by antispam in UMU at xenon24.um.es Received: from xenon24.um.es ([127.0.0.1]) by localhost (xenon24.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id yITPBe2kjRFp for ; Fri, 8 Jan 2016 10:50:50 +0100 (CET) Received: from [155.54.204.2] (alex.inf.um.es [155.54.204.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: alex) by xenon24.um.es (Postfix) with ESMTPSA id C75E12AFB for ; Fri, 8 Jan 2016 10:50:48 +0100 (CET) To: abfab@ietf.org References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> From: =?UTF-8?Q?Alejandro_P=c3=a9rez_M=c3=a9ndez?= Message-ID: <568F8678.3070108@um.es> Date: Fri, 8 Jan 2016 10:50:48 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 MIME-Version: 1.0 In-Reply-To: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jan 2016 09:50:55 -0000 Hi Barry, Alice, thanks for the review. Should I generate a -14 version in order to address these comments or can this be done in an editing phase without a new version? Regards, Alejandro El 07/01/16 a las 02:46, Barry Leiba escribió: > Barry Leiba has entered the following ballot position for > draft-ietf-abfab-aaa-saml-13: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Because abfab-arch defines the terms "Client", "Relying Party", and > "Identity Provider", I think abfab-arch should be a normative reference. > > -- Section 3 -- > > The RADIUS SAML binding defined in Section 4 of this document uses > two attributes to convey SAML assertions and protocol messages > respectively [OASIS.saml-core-2.0-os] > > Nit: "respectively" is out of place here, and should be removed. You > would only use "respectively" if you named the two attributes ("...uses > two attributes, SAML-Assertion and SAML-Protocol, to convey SAML > assertions and protocol messages, respectively."). > > -- Section 7.3.5 -- > > If issued by the Identity Provider, the Relying Party MUST process > the message and any enclosed assertion elements as > described in [OASIS.saml-core-2.0-os] > > "If issued" is dangling, and makes it look like the Relying Party is > issued by the Identity Provider. > > NEW > If a message is issued by the Identity Provider, > the Relying Party MUST process that message and any enclosed > assertion elements as described in [OASIS.saml-core-2.0-os] > END > > -- Section 11.2 -- > Thank you; this section is well done. > > > _______________________________________________ > abfab mailing list > abfab@ietf.org > https://www.ietf.org/mailman/listinfo/abfab From nobody Fri Jan 8 05:33:51 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADF661B29BB for ; Fri, 8 Jan 2016 05:33:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.011 X-Spam-Level: X-Spam-Status: No, score=-4.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EvlMEeRtTuBX for ; Fri, 8 Jan 2016 05:33:47 -0800 (PST) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1CA681B29BA for ; Fri, 8 Jan 2016 05:33:44 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 5CAFBBE58; Fri, 8 Jan 2016 13:33:42 +0000 (GMT) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id igHcjvRmmicl; Fri, 8 Jan 2016 13:33:40 +0000 (GMT) Received: from [10.87.48.91] (unknown [86.46.21.60]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 7C0B9BE2C; Fri, 8 Jan 2016 13:33:40 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1452260020; bh=49RImdRIWhbiPHHjgEN4x2/HMvphUBoMNRSP30iUbzM=; h=Subject:To:References:From:Date:In-Reply-To:From; b=HfqLwG3Xx0RHydTp8FuQUHL3MuxU2zGPlXZB2ZJexSfAj2dvGTprjKb2feGUf6ssZ J5OK560ThuJqYgLM8hpJLcM7yQSd+JDY4EPWdNL5N6O23dbkhkVs9phVAsw5YL8Ffh Vag2Hxm+U/ESF3PhhsSdSFWqjgB7LiQm+d7CCJbQ= To: =?UTF-8?Q?Alejandro_P=c3=a9rez_M=c3=a9ndez?= , abfab@ietf.org References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> <568F8678.3070108@um.es> From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= Message-ID: <568FBAB4.5010909@cs.tcd.ie> Date: Fri, 8 Jan 2016 13:33:40 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <568F8678.3070108@um.es> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jan 2016 13:33:49 -0000 Hiya, On 08/01/16 09:50, Alejandro Pérez Méndez wrote: > Hi Barry, Alice, I'm not sure if Barry and Alissa are on this list but in any case, the thing to do is to reply to their comments and then if there are changes needed, yes please shoot out a -14 with *only* those changes. At that point I can send the approved message and the document will be sent to the RFC editor for processing. Cheers, S. > > thanks for the review. Should I generate a -14 version in order to > address these comments or can this be done in an editing phase without a > new version? > > Regards, > Alejandro > > El 07/01/16 a las 02:46, Barry Leiba escribió: >> Barry Leiba has entered the following ballot position for >> draft-ietf-abfab-aaa-saml-13: No Objection >> >> When responding, please keep the subject line intact and reply to all >> email addresses included in the To and CC lines. (Feel free to cut this >> introductory paragraph, however.) >> >> >> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html >> for more information about IESG DISCUSS and COMMENT positions. >> >> >> The document, along with other ballot positions, can be found here: >> https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ >> >> >> >> ---------------------------------------------------------------------- >> COMMENT: >> ---------------------------------------------------------------------- >> >> Because abfab-arch defines the terms "Client", "Relying Party", and >> "Identity Provider", I think abfab-arch should be a normative reference. >> >> -- Section 3 -- >> >> The RADIUS SAML binding defined in Section 4 of this document uses >> two attributes to convey SAML assertions and protocol messages >> respectively [OASIS.saml-core-2.0-os] >> >> Nit: "respectively" is out of place here, and should be removed. You >> would only use "respectively" if you named the two attributes ("...uses >> two attributes, SAML-Assertion and SAML-Protocol, to convey SAML >> assertions and protocol messages, respectively."). >> >> -- Section 7.3.5 -- >> >> If issued by the Identity Provider, the Relying Party MUST process >> the message and any enclosed assertion elements as >> described in [OASIS.saml-core-2.0-os] >> >> "If issued" is dangling, and makes it look like the Relying Party is >> issued by the Identity Provider. >> >> NEW >> If a message is issued by the Identity Provider, >> the Relying Party MUST process that message and any enclosed >> assertion elements as described in [OASIS.saml-core-2.0-os] >> END >> >> -- Section 11.2 -- >> Thank you; this section is well done. >> >> >> _______________________________________________ >> abfab mailing list >> abfab@ietf.org >> https://www.ietf.org/mailman/listinfo/abfab > > _______________________________________________ > abfab mailing list > abfab@ietf.org > https://www.ietf.org/mailman/listinfo/abfab From nobody Fri Jan 8 13:10:37 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7D261B2BA1; Fri, 8 Jan 2016 13:10:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.91 X-Spam-Level: X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fyZJp7f9g1uH; Fri, 8 Jan 2016 13:10:21 -0800 (PST) Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBDBB1B2BD8; Fri, 8 Jan 2016 13:08:16 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 64C0E209FB; Fri, 8 Jan 2016 16:08:07 -0500 (EST) Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hc_xxdJ-VQNb; Fri, 8 Jan 2016 16:08:06 -0500 (EST) Received: from carter-zimmerman.suchdamage.org (c-98-217-125-224.hsd1.ma.comcast.net [98.217.125.224]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.painless-security.com (Postfix) with ESMTPS; Fri, 8 Jan 2016 16:08:06 -0500 (EST) Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id 003C48D5EC; Fri, 8 Jan 2016 16:08:13 -0500 (EST) From: Sam Hartman To: "Barry Leiba" References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> Date: Fri, 08 Jan 2016 16:08:13 -0500 In-Reply-To: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> (Barry Leiba's message of "Wed, 06 Jan 2016 17:46:38 -0800") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, The IESG , draft-ietf-abfab-aaa-saml@ietf.org Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jan 2016 21:10:25 -0000 >>>>> "Barry" == Barry Leiba writes: Barry> ---------------------------------------------------------------------- Barry> COMMENT: ---------------------------------------------------------------------- Barry> Because abfab-arch defines the terms "Client", "Relying Barry> Party", and "Identity Provider", I think abfab-arch should be Barry> a normative reference. I don't think abfab-arch can be a normative reference because I think it's an informational document. I note this is a comment not a discuss, but wanted to explain why we won't be able to address it. I think your other comments look good. From nobody Fri Jan 8 14:35:34 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FF111B2C57; Fri, 8 Jan 2016 14:35:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.278 X-Spam-Level: X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gHkxWyUU-1JJ; Fri, 8 Jan 2016 14:35:22 -0800 (PST) Received: from mail-io0-x230.google.com (mail-io0-x230.google.com [IPv6:2607:f8b0:4001:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A8511A0173; Fri, 8 Jan 2016 14:35:22 -0800 (PST) Received: by mail-io0-x230.google.com with SMTP id 1so253654822ion.1; Fri, 08 Jan 2016 14:35:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=NdHtwu3ReqRf+B0Lxe+O2FC0mYRlIsATPX3Vl/M+eEw=; b=JV1EFDhxn87uCunbEnGlkCX/wqyzKQ5YLP13WrnW0hd+BW6IWUQ+oHbcseL9ZNG+fn z3lHSQxri8wGfX56T4CjZNWLsi7zxdD8DQ8F+uutivO5fvO4ooCorZVMIiZ+sD3k8P8c dKNdQqm/4XComJMNlOa+ey25+m2TRjkKr/rUEQPVv6kaEMIDAv9UcwmFh2skDjCR6FNI L1JjPSOakNDowEj3BAR1p2WLPywE4Va8wrlJyqfMUFfHyPSnCPvqSN3OfD4pSinBf0Pm 3CabJjZ/1t3P0HwHwj+BX2DjX5NI7TUG+2YGZeKcPYCbh91c8oKlb9lRIl0zqbG+i72U IYHA== MIME-Version: 1.0 X-Received: by 10.107.131.86 with SMTP id f83mr89833955iod.189.1452292521955; Fri, 08 Jan 2016 14:35:21 -0800 (PST) Sender: barryleiba@gmail.com Received: by 10.36.117.83 with HTTP; Fri, 8 Jan 2016 14:35:21 -0800 (PST) In-Reply-To: References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> Date: Sat, 9 Jan 2016 06:35:21 +0800 X-Google-Sender-Auth: A7bqaID0uWGi5iYKRG7bV52lkbM Message-ID: From: Barry Leiba To: Sam Hartman Content-Type: text/plain; charset=UTF-8 Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, The IESG , draft-ietf-abfab-aaa-saml@ietf.org Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jan 2016 22:35:23 -0000 Thanks for the response, Sam, but we've allowed normative references to Informational documents for more than ten years, since RFC 3967, and there are a great many examples where a normative reference to an informational document is used when the latter is needed for terminology definitions. Yes, this isn't a DISCUSS, and I won't block publication on this point. But please consider whether it's really the right thing to have necessary terminology definitions in an informative reference. Can someone fully understand this document without having definitions for "relying party" and "identity provider"? (No need for further response, unless you want to discuss it. I've said all I need to, and, again, thanks for the reply.) Barry On Sat, Jan 9, 2016 at 5:08 AM, Sam Hartman wrote: >>>>>> "Barry" == Barry Leiba writes: > > Barry> ---------------------------------------------------------------------- > Barry> COMMENT: ---------------------------------------------------------------------- > > Barry> Because abfab-arch defines the terms "Client", "Relying > Barry> Party", and "Identity Provider", I think abfab-arch should be > Barry> a normative reference. > > I don't think abfab-arch can be a normative reference because I think > it's an informational document. > > I note this is a comment not a discuss, but wanted to explain why we > won't be able to address it. > > I think your other comments look good. From nobody Mon Jan 11 00:30:21 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 636B31A87E1; Mon, 11 Jan 2016 00:30:19 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.502 X-Spam-Level: X-Spam-Status: No, score=-2.502 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id myR1tVRp6QHM; Mon, 11 Jan 2016 00:30:16 -0800 (PST) Received: from xenon21.um.es (xenon21.um.es [155.54.212.161]) by ietfa.amsl.com (Postfix) with ESMTP id 324921A87E2; Mon, 11 Jan 2016 00:30:16 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by xenon21.um.es (Postfix) with ESMTP id C7F8C3F836; Mon, 11 Jan 2016 09:30:13 +0100 (CET) X-Virus-Scanned: by antispam in UMU at xenon21.um.es Received: from xenon21.um.es ([127.0.0.1]) by localhost (xenon21.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id eOyFiF-xLvDr; Mon, 11 Jan 2016 09:30:13 +0100 (CET) Received: from [192.168.1.5] (79.109.150.87.dyn.user.ono.com [79.109.150.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: alex) by xenon21.um.es (Postfix) with ESMTPSA id 54EE13F893; Mon, 11 Jan 2016 09:30:05 +0100 (CET) To: Alissa Cooper , The IESG References: <20160106194300.4689.14922.idtracker@ietfa.amsl.com> From: =?UTF-8?Q?Alejandro_P=c3=a9rez_M=c3=a9ndez?= Message-ID: <5693680C.90306@um.es> Date: Mon, 11 Jan 2016 09:30:04 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 MIME-Version: 1.0 In-Reply-To: <20160106194300.4689.14922.idtracker@ietfa.amsl.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, draft-ietf-abfab-aaa-saml@ietf.org Subject: Re: [abfab] Alissa Cooper's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 08:30:19 -0000 Hi Alissa, thanks for the comments. I agree with you. Thouse MAY should be replaced by may (in lowercase). Regards, Alejandro El 06/01/16 a las 20:43, Alissa Cooper escribió: > Alissa Cooper has entered the following ballot position for > draft-ietf-abfab-aaa-saml-13: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thanks for answering my questions about extending the SAML spec. > > The use of normative MAYs in Section 9 does not seem appropriate. > > From nobody Mon Jan 11 00:45:15 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E85281A8823; Mon, 11 Jan 2016 00:45:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.902 X-Spam-Level: X-Spam-Status: No, score=-3.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b78__d_1nXAz; Mon, 11 Jan 2016 00:45:10 -0800 (PST) Received: from xenon21.um.es (xenon21.um.es [155.54.212.161]) by ietfa.amsl.com (Postfix) with ESMTP id A81FC1A87F1; Mon, 11 Jan 2016 00:45:09 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by xenon21.um.es (Postfix) with ESMTP id F0F433F8C1; Mon, 11 Jan 2016 09:45:08 +0100 (CET) X-Virus-Scanned: by antispam in UMU at xenon21.um.es Received: from xenon21.um.es ([127.0.0.1]) by localhost (xenon21.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id v7v0na5Vl0f8; Mon, 11 Jan 2016 09:45:08 +0100 (CET) Received: from [192.168.1.5] (79.109.150.87.dyn.user.ono.com [79.109.150.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: alex) by xenon21.um.es (Postfix) with ESMTPSA id DD7A43F8C0; Mon, 11 Jan 2016 09:45:06 +0100 (CET) To: Barry Leiba , The IESG References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> From: =?UTF-8?Q?Alejandro_P=c3=a9rez_M=c3=a9ndez?= Message-ID: <56936B91.4040508@um.es> Date: Mon, 11 Jan 2016 09:45:05 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 MIME-Version: 1.0 In-Reply-To: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, draft-ietf-abfab-aaa-saml@ietf.org Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 08:45:12 -0000 Hi Barry, thanks for your comments. See my responses inline, please. El 07/01/16 a las 02:46, Barry Leiba escribió: > Barry Leiba has entered the following ballot position for > draft-ietf-abfab-aaa-saml-13: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Because abfab-arch defines the terms "Client", "Relying Party", and > "Identity Provider", I think abfab-arch should be a normative reference. As per the discussion you had with Sam, I see your point and I'm not against it. On the other hand, I think that the terms "Client", "Relaying Party", and "Identity Provider" are common enough to don't require readers to go to the reference to understand them, specially when the document already contains a terminlogy table that matches these terms with their SAML and RADIUS correspondences. > > -- Section 3 -- > > The RADIUS SAML binding defined in Section 4 of this document uses > two attributes to convey SAML assertions and protocol messages > respectively [OASIS.saml-core-2.0-os] > > Nit: "respectively" is out of place here, and should be removed. You > would only use "respectively" if you named the two attributes ("...uses > two attributes, SAML-Assertion and SAML-Protocol, to convey SAML > assertions and protocol messages, respectively."). Right, thanks. Probably the result of an edit to remove the attribute names from that paragraph. > > -- Section 7.3.5 -- > > If issued by the Identity Provider, the Relying Party MUST process > the message and any enclosed assertion elements as > described in [OASIS.saml-core-2.0-os] > > "If issued" is dangling, and makes it look like the Relying Party is > issued by the Identity Provider. > > NEW > If a message is issued by the Identity Provider, > the Relying Party MUST process that message and any enclosed > assertion elements as described in [OASIS.saml-core-2.0-os] > END Thanks, the text you've provided sounds much more clear. I will include it. Best regards, Alejandro > > -- Section 11.2 -- > Thank you; this section is well done. > > From nobody Mon Jan 11 06:05:22 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A62BB1A00E1; Mon, 11 Jan 2016 06:05:21 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.978 X-Spam-Level: X-Spam-Status: No, score=-0.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cuPhzn5ruhaI; Mon, 11 Jan 2016 06:05:16 -0800 (PST) Received: from mail-io0-x232.google.com (mail-io0-x232.google.com [IPv6:2607:f8b0:4001:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E30D61A00D0; Mon, 11 Jan 2016 06:05:15 -0800 (PST) Received: by mail-io0-x232.google.com with SMTP id g73so152896335ioe.3; Mon, 11 Jan 2016 06:05:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=jWJMZMdyT0jLxN0/+o+Qpjsa0EBTxtz0Pu1srgDm1Tw=; b=QoDLREvqsLrhIz5GBsM5WXx/j2S/C1dpYIc3W6tw0avdfl3S5A4yR1o6FFpboj6D8R N/GFtd36ic0qk3EyW62ipEQ+JrpcaA6BV8VdFwJsLjkW39z2+t6G/gLl69a+RmtP8Gxd +rlQl5CnmuZhrTPwBToWGmWg32pklrwcMZWxJSp3W7IcnSHR+GSNjrPesGG2GTIzsxWn FgFfRnhmTFj6kc1n/2fUqj2B/LoSGFf0OLLXIIfwuCs4V8Q1ma9s8xRO7cwenYxP+NGE cATonztqbyOApNS0mHEUpiScM/cNda0gRki0VnwLsrJB1MhsSWkn2h6VxUCgiBljadPo UC4g== MIME-Version: 1.0 X-Received: by 10.107.131.86 with SMTP id f83mr99796854iod.189.1452521115303; Mon, 11 Jan 2016 06:05:15 -0800 (PST) Sender: barryleiba@gmail.com Received: by 10.36.117.83 with HTTP; Mon, 11 Jan 2016 06:05:15 -0800 (PST) In-Reply-To: <56936B91.4040508@um.es> References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> <56936B91.4040508@um.es> Date: Mon, 11 Jan 2016 09:05:15 -0500 X-Google-Sender-Auth: RFDrlw24_dOWMTEQlLEPDUVxnOI Message-ID: From: Barry Leiba To: =?UTF-8?B?QWxlamFuZHJvIFDDqXJleiBNw6luZGV6?= Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, The IESG , draft-ietf-abfab-aaa-saml@ietf.org Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 14:05:21 -0000 Thanks for the response, Alejandro, and for addressing my comments. Barry On Mon, Jan 11, 2016 at 3:45 AM, Alejandro P=C3=A9rez M=C3=A9ndez wrote: > Hi Barry, > > thanks for your comments. See my responses inline, please. > > El 07/01/16 a las 02:46, Barry Leiba escribi=C3=B3: >> >> Barry Leiba has entered the following ballot position for >> draft-ietf-abfab-aaa-saml-13: No Objection >> >> When responding, please keep the subject line intact and reply to all >> email addresses included in the To and CC lines. (Feel free to cut this >> introductory paragraph, however.) >> >> >> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.htm= l >> for more information about IESG DISCUSS and COMMENT positions. >> >> >> The document, along with other ballot positions, can be found here: >> https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ >> >> >> >> ---------------------------------------------------------------------- >> COMMENT: >> ---------------------------------------------------------------------- >> >> Because abfab-arch defines the terms "Client", "Relying Party", and >> "Identity Provider", I think abfab-arch should be a normative reference. > > > As per the discussion you had with Sam, I see your point and I'm not agai= nst > it. > On the other hand, I think that the terms "Client", "Relaying Party", and > "Identity Provider" are common enough to don't require readers to go to t= he > reference to understand them, specially when the document already contain= s a > terminlogy table that matches these terms with their SAML and RADIUS > correspondences. > >> >> -- Section 3 -- >> >> The RADIUS SAML binding defined in Section 4 of this document uses >> two attributes to convey SAML assertions and protocol messages >> respectively [OASIS.saml-core-2.0-os] >> >> Nit: "respectively" is out of place here, and should be removed. You >> would only use "respectively" if you named the two attributes ("...uses >> two attributes, SAML-Assertion and SAML-Protocol, to convey SAML >> assertions and protocol messages, respectively."). > > > Right, thanks. Probably the result of an edit to remove the attribute nam= es > from that paragraph. > >> >> -- Section 7.3.5 -- >> >> If issued by the Identity Provider, the Relying Party MUST process >> the message and any enclosed assertion elements as >> described in [OASIS.saml-core-2.0-os] >> >> "If issued" is dangling, and makes it look like the Relying Party is >> issued by the Identity Provider. >> >> NEW >> If a message is issued by the Identity Provider, >> the Relying Party MUST process that message and any enclosed >> assertion elements as described in [OASIS.saml-core-2.0-os] >> END > > > Thanks, the text you've provided sounds much more clear. I will include i= t. > > Best regards, > Alejandro > > >> >> -- Section 11.2 -- >> Thank you; this section is well done. >> >> > From nobody Mon Jan 11 06:23:10 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95F511A0107; Mon, 11 Jan 2016 06:23:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bewk7WKn4BNB; Mon, 11 Jan 2016 06:23:04 -0800 (PST) Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 964D21A010E; Mon, 11 Jan 2016 06:23:04 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 9EA20209C2; Mon, 11 Jan 2016 09:22:48 -0500 (EST) Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2KJNWfmyym8b; Mon, 11 Jan 2016 09:22:48 -0500 (EST) Received: from carter-zimmerman.suchdamage.org (unknown [10.1.10.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.painless-security.com (Postfix) with ESMTPS; Mon, 11 Jan 2016 09:22:48 -0500 (EST) Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id 67B46872E7; Mon, 11 Jan 2016 09:23:03 -0500 (EST) From: Sam Hartman To: Barry Leiba References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> <56936B91.4040508@um.es> Date: Mon, 11 Jan 2016 09:23:03 -0500 In-Reply-To: (Barry Leiba's message of "Mon, 11 Jan 2016 09:05:15 -0500") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, The IESG , draft-ietf-abfab-aaa-saml@ietf.org Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 14:23:07 -0000 First, I care far more about publishing this document than I do about resolving the reference type of abfab-arch. I don't believe that you need to understand the term relying party, or the other role terms in order to implement this spec. I believe 7055, this spec and SAML define enough terminology that while you might not understand the overall system and how it fits together, you can implement this part without reading arch. I fully agree that we could do another last call and do a RFC 3967 down-ref to arch. I don't think it's the right thing to do even if we can find a way to do it without an additional last call; I think you and I probably have a different opinion about the boundary between normative and informative references. I don't think a third last call would be helpful for this document. However, so long as my input is considered, I would not try to block on this issue; any resolution is fine with me. --Sam From nobody Mon Jan 11 06:55:47 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B15E1A01A5; Mon, 11 Jan 2016 06:55:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.278 X-Spam-Level: X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6SlzV4-c_mTe; Mon, 11 Jan 2016 06:55:44 -0800 (PST) Received: from mail-ig0-x230.google.com (mail-ig0-x230.google.com [IPv6:2607:f8b0:4001:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 37FFB1A0151; Mon, 11 Jan 2016 06:55:44 -0800 (PST) Received: by mail-ig0-x230.google.com with SMTP id z14so120335853igp.0; Mon, 11 Jan 2016 06:55:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=eXu7NKUJRli6SkLFDPqSDOT93xUaWqNbf+McDN6434Q=; b=mKNNbJBhJjrlv8AfOQlkDR2pqxgv3D4QdhCHWMkrve9Kat1HxoiQypwecgy4XWW62l b130H6YKWyk0giMnpbWLZKb6hK87qRsHLBy3YKdpFhH6qr3hReFR7iZ98R7B/auqvI17 Anf16os8Cq6XKThANGNNervrWDKObeg6Zt41/Vh7RwngRgHpHT1bt7bni2pGCOVQ3l6O tLhE1OkQuubygyIJ5pRs5gj9XTxLnRBEkN7BM6AwD6j/hHrJJxyYOPkDxbGoi8vSV5zc Jm89FmpuuilqZzfjo4E9xe9Rzg7rDFFlkjf8G5iKT5eaYwLGlR05Lwd+xlSXu/Zp9m3T SOpA== MIME-Version: 1.0 X-Received: by 10.50.183.11 with SMTP id ei11mr12117481igc.81.1452524143660; Mon, 11 Jan 2016 06:55:43 -0800 (PST) Sender: barryleiba@gmail.com Received: by 10.36.117.83 with HTTP; Mon, 11 Jan 2016 06:55:43 -0800 (PST) In-Reply-To: References: <20160107014638.22674.62959.idtracker@ietfa.amsl.com> <56936B91.4040508@um.es> Date: Mon, 11 Jan 2016 09:55:43 -0500 X-Google-Sender-Auth: kRkhbIzz3hTVORvXFj7iG99K4fs Message-ID: From: Barry Leiba To: Sam Hartman Content-Type: text/plain; charset=UTF-8 Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, The IESG , draft-ietf-abfab-aaa-saml@ietf.org Subject: Re: [abfab] Barry Leiba's No Objection on draft-ietf-abfab-aaa-saml-13: (with COMMENT) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 14:55:45 -0000 Hi, Sam -- thanks for the follow-up. No worries: with your comments and Alejandro's, I'm fine with leaving it as it is, so let's just carry on. And for what it's worth, I think we have ample evidence that repeating last calls for this sort of thing *never* adds any value, and I'm working on getting some folks to write an update to 3967 that changes that (giving discretion to the IESG on the matter, rather than *requiring* that it always be called out in the last call notice). But that hasn't gotten off the ground yet; I'll have to poke people and see if we can get it moving. Barry On Mon, Jan 11, 2016 at 9:23 AM, Sam Hartman wrote: > First, I care far more about publishing this document than I do about > resolving the reference type of abfab-arch. > > I don't believe that you need to understand the term relying party, or > the other role terms in order to implement this spec. > I believe 7055, this spec and SAML define enough terminology that while > you might not understand the overall system and how it fits together, > you can implement this part without reading arch. > > I fully agree that we could do another last call and do a RFC 3967 > down-ref to arch. > I don't think it's the right thing to do even if we can find a way to > do it without an additional last call; I think you and I probably have a > different opinion about the boundary between normative and informative > references. > > I don't think a third last call would be helpful for this document. > > > However, so long as my input is considered, I would not try to block on > this issue; any resolution is fine with me. > > --Sam > From nobody Mon Jan 11 07:22:51 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D538E1A071A for ; Mon, 11 Jan 2016 07:22:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.002 X-Spam-Level: X-Spam-Status: No, score=-0.002 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RP_MATCHES_RCVD=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6feXxxH3cFaQ for ; Mon, 11 Jan 2016 07:22:49 -0800 (PST) Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02DA31A0419 for ; Mon, 11 Jan 2016 07:22:49 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 11EC3209C2; Mon, 11 Jan 2016 10:22:33 -0500 (EST) Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sEvSVDIFR_1f; Mon, 11 Jan 2016 10:22:32 -0500 (EST) Received: from [10.1.10.107] (unknown [10.1.10.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: mark@mail.suchdamage.org) by mail.painless-security.com (Postfix) with ESMTPSA; Mon, 11 Jan 2016 10:22:32 -0500 (EST) To: Rhys Smith References: <56384E83.3050200@sunet.se> <56385DB5.5030804@painless-security.com> <56385FEF.2020404@sunet.se> <564F6008.7070507@painless-security.com> <568BD6BF.10307@painless-security.com> From: Mark Donnelly Message-ID: <5693C8B7.2050401@painless-security.com> Date: Mon, 11 Jan 2016 10:22:31 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit Archived-At: Cc: "abfab@ietf.org" Subject: Re: [abfab] getting finished X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 15:22:50 -0000 > Not really available friday I’m afraid. I’m out of office mon-wed > next week. So first day I could do is thursday 14th, any time. Any > times that day good for you and Sam? Let's shoot for 2:00 UTC / 9:00 Eastern on Thursday the 14th, then. > Happy to do google hangout, or we can just use the Jisc phone bridge > thing, whatever is easiest for you both. Well, if you're offering the JISC phone bridge that's pretty dang easy for me :) Could you publish the relevant information? Thanks, --Mark From nobody Mon Jan 11 07:44:18 2016 Return-Path: X-Original-To: abfab@ietf.org Delivered-To: abfab@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 04A371A1AB6; Mon, 11 Jan 2016 07:44:16 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 6.11.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160111154416.22475.36416.idtracker@ietfa.amsl.com> Date: Mon, 11 Jan 2016 07:44:16 -0800 Archived-At: Cc: abfab@ietf.org Subject: [abfab] I-D Action: draft-ietf-abfab-aaa-saml-14.txt X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 15:44:16 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Application Bridging for Federated Access Beyond web Working Group of the IETF. Title : A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML Authors : Josh Howlett Sam Hartman Alejandro Perez-Mendez Filename : draft-ietf-abfab-aaa-saml-14.txt Pages : 31 Date : 2016-01-11 Abstract: This document describes the use of the Security Assertion Mark-up Language (SAML) with RADIUS in the context of the ABFAB architecture. It defines two RADIUS attributes, a SAML binding, a SAML name identifier format, two SAML profiles, and two SAML confirmation methods. The RADIUS attributes permit encapsulation of SAML assertions and protocol messages within RADIUS, allowing SAML entities to communicate using the binding. The two profiles describe the application of this binding for ABFAB authentication and assertion query/request, enabling a Relying Party to request authentication of, or assertions for, users or machines (Clients). These Clients may be named using a NAI name identifier format. Finally, the subject confirmation methods allow requests and queries to be issued for a previously authenticated user or machine without needing to explicitly identify them as the subject. The use of the artifacts defined in this document is not exclusive to ABFAB. They can be applied in any AAA scenario, such as the network access control. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-abfab-aaa-saml-14 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-abfab-aaa-saml-14 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Mon Jan 11 07:48:12 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 992DA1A1B44 for ; Mon, 11 Jan 2016 07:48:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.902 X-Spam-Level: X-Spam-Status: No, score=-3.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tUJZLqZvqMaj for ; Mon, 11 Jan 2016 07:48:09 -0800 (PST) Received: from xenon21.um.es (xenon21.um.es [155.54.212.161]) by ietfa.amsl.com (Postfix) with ESMTP id 339741A1B46 for ; Mon, 11 Jan 2016 07:48:09 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by xenon21.um.es (Postfix) with ESMTP id 00D433F8F1 for ; Mon, 11 Jan 2016 16:48:07 +0100 (CET) X-Virus-Scanned: by antispam in UMU at xenon21.um.es Received: from xenon21.um.es ([127.0.0.1]) by localhost (xenon21.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id hpBYiXpqy5+K for ; Mon, 11 Jan 2016 16:48:06 +0100 (CET) Received: from [192.168.1.5] (79.109.150.87.dyn.user.ono.com [79.109.150.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: alex) by xenon21.um.es (Postfix) with ESMTPSA id C73F63F884 for ; Mon, 11 Jan 2016 16:48:06 +0100 (CET) To: abfab@ietf.org References: <20160111154416.22475.36416.idtracker@ietfa.amsl.com> From: =?UTF-8?Q?Alejandro_P=c3=a9rez_M=c3=a9ndez?= Message-ID: <5693CEB5.60403@um.es> Date: Mon, 11 Jan 2016 16:48:05 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 MIME-Version: 1.0 In-Reply-To: <20160111154416.22475.36416.idtracker@ietfa.amsl.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [abfab] I-D Action: draft-ietf-abfab-aaa-saml-14.txt X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 15:48:11 -0000 Dear all, we have uploaded a new version of this draft addressing the comments received from Alissa and Barry. Best regards, Alejandro El 11/01/16 a las 16:44, internet-drafts@ietf.org escribió: > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Application Bridging for Federated Access Beyond web Working Group of the IETF. > > Title : A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML > Authors : Josh Howlett > Sam Hartman > Alejandro Perez-Mendez > Filename : draft-ietf-abfab-aaa-saml-14.txt > Pages : 31 > Date : 2016-01-11 > > Abstract: > This document describes the use of the Security Assertion Mark-up > Language (SAML) with RADIUS in the context of the ABFAB architecture. > It defines two RADIUS attributes, a SAML binding, a SAML name > identifier format, two SAML profiles, and two SAML confirmation > methods. The RADIUS attributes permit encapsulation of SAML > assertions and protocol messages within RADIUS, allowing SAML > entities to communicate using the binding. The two profiles describe > the application of this binding for ABFAB authentication and > assertion query/request, enabling a Relying Party to request > authentication of, or assertions for, users or machines (Clients). > These Clients may be named using a NAI name identifier format. > Finally, the subject confirmation methods allow requests and queries > to be issued for a previously authenticated user or machine without > needing to explicitly identify them as the subject. The use of the > artifacts defined in this document is not exclusive to ABFAB. They > can be applied in any AAA scenario, such as the network access > control. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-abfab-aaa-saml-14 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-abfab-aaa-saml-14 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > abfab mailing list > abfab@ietf.org > https://www.ietf.org/mailman/listinfo/abfab From nobody Mon Jan 11 07:52:51 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65CC71A1BB9 for ; Mon, 11 Jan 2016 07:52:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.002 X-Spam-Level: X-Spam-Status: No, score=-4.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yecv0TawYyS3 for ; Mon, 11 Jan 2016 07:52:48 -0800 (PST) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FEBA1A1BDA for ; Mon, 11 Jan 2016 07:52:48 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 45BC8BE51; Mon, 11 Jan 2016 15:52:47 +0000 (GMT) Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T2z0RPlQQiKz; Mon, 11 Jan 2016 15:52:47 +0000 (GMT) Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 3B3B5BE7C; Mon, 11 Jan 2016 15:52:46 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1452527566; bh=9CUbwzVI5yXUu3ABZ2/U5/XwvFC0yM54JgIgppEYTy0=; h=Subject:To:References:From:Date:In-Reply-To:From; b=RjexJzJfJS0U3mrDrabCaXnWL1eMFKGb4rtBOY0MGtribSH+BkHvTeQ/sSH3yllXF Fn/PR+2DWbFeFjDoHY15aFMZYm1kA+J4SUWyWMrkq1TfglVOvJW3VlgTKNj1pK/3CW YEy17Iy1nLS0vDu2UZ4VEY2zHZl8j7qMVW2VICC8= To: =?UTF-8?Q?Alejandro_P=c3=a9rez_M=c3=a9ndez?= , abfab@ietf.org References: <20160111154416.22475.36416.idtracker@ietfa.amsl.com> <5693CEB5.60403@um.es> From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= Message-ID: <5693CFCD.5000700@cs.tcd.ie> Date: Mon, 11 Jan 2016 15:52:45 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <5693CEB5.60403@um.es> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Archived-At: Subject: Re: [abfab] I-D Action: draft-ietf-abfab-aaa-saml-14.txt X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 15:52:50 -0000 Thanks - I just sent the approval message so this'll head to the RFC editor now. They'll get back to you when they're ready to process it further in a couple(ish) of weeks. Cheers, S. On 11/01/16 15:48, Alejandro Pérez Méndez wrote: > Dear all, > > we have uploaded a new version of this draft addressing the comments > received from Alissa and Barry. > > Best regards, > Alejandro > > El 11/01/16 a las 16:44, internet-drafts@ietf.org escribió: >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the Application Bridging for Federated >> Access Beyond web Working Group of the IETF. >> >> Title : A RADIUS Attribute, Binding, Profiles, Name >> Identifier Format, and Confirmation Methods for SAML >> Authors : Josh Howlett >> Sam Hartman >> Alejandro Perez-Mendez >> Filename : draft-ietf-abfab-aaa-saml-14.txt >> Pages : 31 >> Date : 2016-01-11 >> >> Abstract: >> This document describes the use of the Security Assertion Mark-up >> Language (SAML) with RADIUS in the context of the ABFAB architecture. >> It defines two RADIUS attributes, a SAML binding, a SAML name >> identifier format, two SAML profiles, and two SAML confirmation >> methods. The RADIUS attributes permit encapsulation of SAML >> assertions and protocol messages within RADIUS, allowing SAML >> entities to communicate using the binding. The two profiles describe >> the application of this binding for ABFAB authentication and >> assertion query/request, enabling a Relying Party to request >> authentication of, or assertions for, users or machines (Clients). >> These Clients may be named using a NAI name identifier format. >> Finally, the subject confirmation methods allow requests and queries >> to be issued for a previously authenticated user or machine without >> needing to explicitly identify them as the subject. The use of the >> artifacts defined in this document is not exclusive to ABFAB. They >> can be applied in any AAA scenario, such as the network access >> control. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ >> >> There's also a htmlized version available at: >> https://tools.ietf.org/html/draft-ietf-abfab-aaa-saml-14 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-abfab-aaa-saml-14 >> >> >> Please note that it may take a couple of minutes from the time of >> submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> abfab mailing list >> abfab@ietf.org >> https://www.ietf.org/mailman/listinfo/abfab > > _______________________________________________ > abfab mailing list > abfab@ietf.org > https://www.ietf.org/mailman/listinfo/abfab > From nobody Mon Jan 11 08:15:10 2016 Return-Path: X-Original-To: abfab@ietf.org Delivered-To: abfab@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 04E891A7013; Mon, 11 Jan 2016 08:15:00 -0800 (PST) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: The IESG To: "IETF-Announce" X-Test-IDTracker: no X-IETF-IDTracker: 6.11.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160111161459.9744.91803.idtracker@ietfa.amsl.com> Date: Mon, 11 Jan 2016 08:14:59 -0800 Archived-At: Cc: abfab@ietf.org, abfab-chairs@ietf.org, draft-ietf-abfab-aaa-saml@ietf.org, The IESG , rfc-editor@rfc-editor.org Subject: [abfab] Protocol Action: 'A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML' to Proposed Standard (draft-ietf-abfab-aaa-saml-14.txt) X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2016 16:15:00 -0000 The IESG has approved the following document: - 'A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML' (draft-ietf-abfab-aaa-saml-14.txt) as Proposed Standard This document is the product of the Application Bridging for Federated Access Beyond web Working Group. The IESG contact persons are Stephen Farrell and Kathleen Moriarty. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ Technical Summary: The document describes the use of the Security Assertion Mark-up Language (SAML) with RADIUS in the context of the ABFAB architecture. It defines two RADIUS attributes, a SAML binding, a SAML name identifier format, two SAML profiles, and two SAML confirmation methods. The RADIUS attributes permit encapsulation of SAML assertions and protocol messages within RADIUS, allowing SAML entities to communicate using the binding. The two profiles describe the application of this binding for ABFAB authentication and assertion query/request, enabling a Relying Party to request authentication of, or assertions for, users or machines (Clients). These Clients may be named using a NAI name identifier format. Finally, the subject confirmation methods allow requests and queries to be issued for a previously authenticated user or machine without needing to explicitly identify them as the subject. These artifacts have been defined to permit application in AAA scenarios other than ABFAB, such as network access. Working Group Summary: This document had a few false starts before it really got traction. That has resulted in a rather lengthy process to get going. The challenge was getting the right set of experts on RADIUS and SAML together, now consensus is strong that this is the right approach. Document Quality: There is as far as I know 1 implementation of the protocol. At this stage there are no indications for wide industry take-up. Special mention deserves Scott Cantor (editor of the SAML2.0 spec and member of OASIS SSTC) for doing a thorough review and guide the authors on the SAML side. Personnel: Document Shepherd: Klaas Wierenga Responsible Area Director: Stephen Farrell RFC Editor Note There was one, but it's included in -14, so now there isn't one:-) From nobody Wed Jan 13 08:58:15 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1F761B2F3F for ; Wed, 13 Jan 2016 08:58:14 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.002 X-Spam-Level: X-Spam-Status: No, score=-0.002 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RP_MATCHES_RCVD=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ISjAf_1TE2EC for ; Wed, 13 Jan 2016 08:58:13 -0800 (PST) Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 40C1C1B2F4B for ; Wed, 13 Jan 2016 08:58:12 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 7B57220A11 for ; Wed, 13 Jan 2016 11:58:09 -0500 (EST) Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QbFLZtGnWPfH for ; Wed, 13 Jan 2016 11:58:09 -0500 (EST) Received: from [10.1.10.107] (unknown [10.1.10.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: mark@mail.suchdamage.org) by mail.painless-security.com (Postfix) with ESMTPSA for ; Wed, 13 Jan 2016 11:58:09 -0500 (EST) References: To: "abfab@ietf.org" From: Mark Donnelly X-Forwarded-Message-Id: Message-ID: <5696821F.6010203@painless-security.com> Date: Wed, 13 Jan 2016 11:58:07 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/mixed; boundary="------------030106000409010908080406" Archived-At: Subject: [abfab] Fwd: ABFAB UI doc call X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Jan 2016 16:58:15 -0000 This is a multi-part message in MIME format. --------------030106000409010908080406 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit All: Attached to this message is the information for the ABFAB UI document discussion tomorrow. --Mark Donnelly --------------030106000409010908080406 Content-Type: text/calendar; name="Attached Message Part" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="Attached Message Part" BEGIN:VCALENDAR METHOD:REQUEST PRODID:Microsoft Exchange Server 2010 VERSION:2.0 BEGIN:VTIMEZONE TZID:GMT Standard Time BEGIN:STANDARD DTSTART:16010101T020000 TZOFFSETFROM:+0100 TZOFFSETTO:+0000 RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=-1SU;BYMONTH=10 END:STANDARD BEGIN:DAYLIGHT DTSTART:16010101T010000 TZOFFSETFROM:+0000 TZOFFSETTO:+0100 RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=-1SU;BYMONTH=3 END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT ORGANIZER;CN=Rhys Smith:MAILTO:Rhys.Smith@jisc.ac.uk ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=Sam Hartma n:MAILTO:hartmans@painless-security.com ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=Mark Donne lly:MAILTO:mark@painless-security.com DESCRIPTION;LANGUAGE=en-US:Bridge:\nUK: 08444 737 123\nUS: 1 415 363 0833\n PIN: 438618\n UID:6B4EB71E-680C-42A7-A278-E57BD57AF156 SUMMARY;LANGUAGE=en-US:ABFAB UI doc call DTSTART;TZID=GMT Standard Time:20160114T140000 DTEND;TZID=GMT Standard Time:20160114T150000 CLASS:PUBLIC PRIORITY:5 DTSTAMP:20160112T165548Z TRANSP:OPAQUE STATUS:CONFIRMED SEQUENCE:0 LOCATION;LANGUAGE=en-US:Jisc phone bridge X-MICROSOFT-CDO-APPT-SEQUENCE:0 X-MICROSOFT-CDO-OWNERAPPTID:2114020832 X-MICROSOFT-CDO-BUSYSTATUS:TENTATIVE X-MICROSOFT-CDO-INTENDEDSTATUS:BUSY X-MICROSOFT-CDO-ALLDAYEVENT:FALSE X-MICROSOFT-CDO-IMPORTANCE:1 X-MICROSOFT-CDO-INSTTYPE:0 X-MICROSOFT-DISALLOW-COUNTER:FALSE BEGIN:VALARM DESCRIPTION:REMINDER TRIGGER;RELATED=START:-PT10M ACTION:DISPLAY END:VALARM END:VEVENT END:VCALENDAR --------------030106000409010908080406-- From nobody Thu Jan 14 05:46:25 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C76E81ACE06 for ; Thu, 14 Jan 2016 05:46:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OmbNa-kssw0a for ; Thu, 14 Jan 2016 05:46:16 -0800 (PST) Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [207.82.80.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6E031ACE03 for ; Thu, 14 Jan 2016 05:46:15 -0800 (PST) Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01lp0216.outbound.protection.outlook.com [213.199.154.216]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-16-jcIRuN0ORXi89_5hd9dB_w-1; Thu, 14 Jan 2016 13:46:06 +0000 X-MC-Unique: jcIRuN0ORXi89_5hd9dB_w-1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc365.onmicrosoft.com; s=selector1-jisc-ac-uk; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=JtTw/M9JKNxWMA5U4bgHGETy23LYLMpt4Q5pmogButU=; b=gVEcrXcOLXjBXlWE8Kpi54xAAA+LtzuMVFXylSXJkmn8xHg8y/LtWL54E1g/qM5bIyy5zlAeawa0kEI7ei21thEekCf+2pEGmHQPgJQFDQhGlx9l6BuUpBaRnUf9m2K2aBQR4u+i7FBrC5V87CjJ9NIYl/1oyc/HscAUpVwJp4g= Received: from DB5PR07MB0807.eurprd07.prod.outlook.com (10.161.196.13) by DB5PR07MB0806.eurprd07.prod.outlook.com (10.161.196.12) with Microsoft SMTP Server (TLS) id 15.1.365.19; Thu, 14 Jan 2016 13:45:58 +0000 Received: from DB5PR07MB0807.eurprd07.prod.outlook.com ([10.161.196.13]) by DB5PR07MB0807.eurprd07.prod.outlook.com ([10.161.196.13]) with mapi id 15.01.0365.023; Thu, 14 Jan 2016 13:45:58 +0000 From: Rhys Smith To: Mark Donnelly , Sam Hartman Thread-Topic: [abfab] ABFAB UI doc call Thread-Index: AQHRTtHlLc7AOIs+TUqb6i5yVyQTcA== Date: Thu, 14 Jan 2016 13:45:58 +0000 Message-ID: <2C5E1A6D-7494-426D-BA9C-27A8457353E4@jisc.ac.uk> References: <5696821F.6010203@painless-security.com> In-Reply-To: <5696821F.6010203@painless-security.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-mailer: Apple Mail (2.3112) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Rhys.Smith@jisc.ac.uk; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [2001:470:1f09:8c6:b07c:18b3:ee87:9cb7] x-microsoft-exchange-diagnostics: 1; DB5PR07MB0806; 5:luUMsXnHtoBAU9H3LB1rzjeL4PcVwxPrfe/DcY+s9UjszLItP2mgj4me5Ub4G3SRgpiRZO8gvGyqdbIHhZWN0Ijy6JIVSWYWRCyusTz/PCxMoF/Pqt5byYaz8fxrRXx3oT+dZTfhcu/h3V+AoZJ7vA==; 24:rX9xF2pDiJIG0ONax2zSlGWVVyKjFw38v4j2aGzrkGO/0+7Clq9E2zZIqPZNBMKhAUGD3/JSHu7bWJSe0iTzLZk/TYIU9V/9vNQaErawGzM=; 20:NTkh+GswI1jmniin3Xa6/AfWE/6P79mWZrBLz25vwiq7D4llnSvstThFsq9yXi3l/PDZwDVxIWhi0RBSYYz+h4JSU/45ueqeZYWDsemksxlM5nxSVBX3sStBHprO63psiVvyk+a0PSpM1eZr/G5dyGCjqZdDAwT9Ciiv7MtFnrM= x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DB5PR07MB0806; x-ms-office365-filtering-correlation-id: 2f5865a5-4a3e-4d9f-ca51-08d31ce908c1 x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102615245)(601004)(2401047)(520078)(5005006)(8121501046)(10201501046)(3002001); SRVR:DB5PR07MB0806; BCL:0; PCL:0; RULEID:; SRVR:DB5PR07MB0806; x-forefront-prvs: 08213D42D3 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(189002)(199003)(24454002)(106116001)(2900100001)(11100500001)(86362001)(5001960100002)(2906002)(5004730100002)(19580405001)(81156007)(4326007)(74482002)(5008740100001)(5001770100001)(92566002)(33656002)(82746002)(110136002)(105586002)(189998001)(10400500002)(97736004)(15975445007)(77096005)(101416001)(106356001)(586003)(87936001)(40100003)(102836003)(6116002)(5890100001)(50226001)(122556002)(19580395003)(83716003)(1220700001)(99936001)(5002640100001)(36756003)(1096002)(2950100001)(57306001)(76176999)(50986999)(3826002)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB5PR07MB0806; H:DB5PR07MB0807.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: jisc.ac.uk does not designate permitted sender hosts) spamdiagnosticoutput: 1:23 spamdiagnosticmetadata: NSPM Content-Type: multipart/signed; boundary="Apple-Mail=_89962B03-36F2-4A29-8C67-EFAE11B8C791"; protocol="application/pkcs7-signature"; micalg=sha1 MIME-Version: 1.0 X-OriginatorOrg: jisc.ac.uk X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Jan 2016 13:45:58.8310 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB5PR07MB0806 Archived-At: Cc: "abfab@ietf.org" Subject: Re: [abfab] ABFAB UI doc call X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jan 2016 13:46:23 -0000 --Apple-Mail=_89962B03-36F2-4A29-8C67-EFAE11B8C791 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 I=92m running a little late; I=92ll be able to do this about 15 minutes = later than scheduled, so 14:15 GMT / 09:15 EST start? Rhys. > On 13 Jan 2016, at 16:58, Mark Donnelly = wrote: >=20 > All: >=20 > Attached to this message is the information for the ABFAB UI document > discussion tomorrow. >=20 > --Mark Donnelly > _______________________________________________ > abfab mailing list > abfab@ietf.org > https://www.ietf.org/mailman/listinfo/abfab --Apple-Mail=_89962B03-36F2-4A29-8C67-EFAE11B8C791 Content-Disposition: attachment; filename="smime.p7s" Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIILojCCBZ8w ggSHoAMCAQICFDdbittYXdJlQ+xDC4cAUwx+EP2eMA0GCSqGSIb3DQEBCwUAMH8xCzAJBgNVBAYT AkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRp b24gQXV0aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9y aXR5MB4XDTE0MDUzMDE4MTU0OVoXDTIxMDMxNzE4MzMzM1owaDELMAkGA1UEBhMCTkwxIDAeBgNV BAoTF1F1b1ZhZGlzIFRydXN0bGluayBCLlYuMTcwNQYDVQQDEy5RdW9WYWRpcyBFVSBJc3N1aW5n IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEczMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEAlBRBbnMy0pZB34/kk8jnEovgphznCp1JvoZ1DDG/OaCusN1fgkglNJp/Evw+h59cobd/md2B Bc3d95yvERP9LEgWYIFxzkm4eqU7TARr926V06gX8T5+4EAusMApvT4rbcbQYaEpcC1HgKmEJd96 N3WHtXZdYmkW7y4bd1tJanTMdyudKmUwZKzlkCSNKzU0mV+AP1+DJzCtKiTzM4nBTPFjMrl73/AU f1m9hw7rblA226EEtyjMtfeEfN7zkuXqtXcVbWiQUjEdan8mBLz9miHPTjL0FvggDk/Oa94d6yEX 9pbVyjfjrRFbWzIOgeFo5yHUf0qA0TXdgHHGMjHt6aEX2fuAEWkvaEQ4Qi7l/2GvtH+S74ziOtEq 2JUtamrF434yYVXzYJLgmYtBXqg/WSazpyExXhNEsGsq6jAbqb4rQbNK7Vg4xux+JvaLPx/qPqpT QCHB3PAw9N1TSJ9XKLP8kyN5IME9A5ss9/8UIlLIHS76nZWQZ3GMcAKFr3C4ixaVrRVg55Vuqs3W 1GIxyGgyfjMgD1nclYXG831DZAMOdwE0zV4k8c0HrE4yGdOlN6nrEtCrtpguuyLYIs6JbHVcGkby 8NhOatTor2O5dP32FxeW3fVyjxeXmcBejHys/O+TMNY0EK7AfqALC6uKfpNaVd6OlKso3UiK+run T3UCAwEAAaOCASgwggEkMBIGA1UdEwEB/wQIMAYBAf8CAQAwEQYDVR0gBAowCDAGBgRVHSAAMHEG CCsGAQUFBwEBBGUwYzAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t MDUGCCsGAQUFBzAChilodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhLmNydDAO BgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUi0tt7dMpuQYZ7Dk5qfCXhGrL798wOAYDVR0fBDEw LzAtoCugKYYnaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EuY3JsMB0GA1UdDgQW BBRCqOm7Hqee0exyCLFux9EparVQwDANBgkqhkiG9w0BAQsFAAOCAQEAZajTI1M89DmOH/tGsTZE 3Naw+CVX2B0j8LvFG9jEUkTYz6Dsw8LfEb+Uid5ifBhC8zjXLH5UhYDBbjExzL3tDoFoXru1SgbS 7fwO0ZpdrbP04ej28itV8NZQ1ubk5yuX5hbacGZxaN9/yD05YOMmWsgpcZNwfx+vJRdb27d/uiSm CZEroXUV5P51/M3OTFzUcgLAwWTuerzTAZKHxaIyqRtBr+g6P2GkMKh4A8rh/8nDQ5OpnSnwbclu /8FAXA3T6cMBfOR5WSoOFjjFcTsRl0gfUH1RdkPZBmMcBwWghbbxAXAVVV7TVPSNvL4lOcHu+vrE VA8o5Nx+AjMoGd81njCCBfswggPjoAMCAQICFARL9j0DOV38SSjd4CRpIEm77dE3MA0GCSqGSIb3 DQEBCwUAMGgxCzAJBgNVBAYTAk5MMSAwHgYDVQQKExdRdW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3 MDUGA1UEAxMuUXVvVmFkaXMgRVUgSXNzdWluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBHMzAe Fw0xNTA0MDkxNDU5MzhaFw0xNzA0MDkxNDU5MzNaMIGAMQswCQYDVQQGEwJHQjENMAsGA1UEChME SmlzYzEaMBgGA1UECxMRSmlzYyBUZWNobm9sb2dpZXMxCzAJBgNVBAwTAkRyMRMwEQYDVQQDEwpS aHlzIFNtaXRoMSQwIgYJKoZIhvcNAQkBFhVyaHlzLnNtaXRoQGppc2MuYWMudWswggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHm7qYQRmq3Qj0kPNsbm8+YtNqIfIYUKnoHbpcxg1CJEZl Zotk256MHGC2xDm7F8ZLxfs0JHDb3VWNDo/nO9hicMgVA8GUiWLRRBYc0JQ0iHNim1sBcU3EpeTx lBUVyHfKOXRiYsLs8LRBAMKP1FZf1Nn2pYQyrIQCIo46oIDq1O6CyqClFz1zL1jjr0MORWLlqLPk QzSLbFx+LmR8rWiJRVZ7FvniwWqmRzsHQaVdNVPrwWVvSaNbfMrFjtee1PfbnGMUz1j7ANe8y44L vyrNhlMOGgcdsTmX7cJUZjJOrgLNHrq+XCfQ7qq2jTgUjjnhEkHiShOew5szo4I/hb1xAgMBAAGj ggGCMIIBfjB0BggrBgEFBQcBAQRoMGYwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlz Z2xvYmFsLmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9x dmV1Y2FnMy5jcnQwTgYDVR0gBEcwRTBDBgkrBgEEAb5YAWQwNjA0BggrBgEFBQcCARYoaHR0cDov L3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBeAwKQYDVR0l BCIwIAYKKwYBBAGCNxQCAgYIKwYBBQUHAwIGCCsGAQUFBwMEMB8GA1UdIwQYMBaAFEKo6bsep57R 7HIIsW7H0SlqtVDAMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwu Y29tL3F2ZXVjYWczLmNybDAdBgNVHQ4EFgQUJOGvTZ4bAe/TgVUqyQErKBReRaUwDQYJKoZIhvcN AQELBQADggIBAGRiINJ5pj97yEtcYniWa39Y8aUmV7Md15GC8EndU+yKeaLucuhbexaanIOlvu2X koyPuHq6OgKaKFr1AkAnO6kkdZKlGhLZImrUeqtPKxAPb3uxFQc5kIvtwdDnmbujwJ2h6NHifDmM ab1PlyMwDGJJvMudhM1Wzvy6iFMFbXw1ZjUhoroAXcS+3HEPFebzgIcRcrgz7zZ9W6UkB0d9SzSy dSIWI0bdp8o1yzgcYxqC9pLkBVQsFYM2xt9M//u20QegSVICwJC02oWGtPTc/zZOpER5OZ6dkbTa zcCJoxs1akO87smjAtC4Ab4O/QT7QZ2WZTQ9CvQ5o3z7nUDZS/0GBiKOjcnxMhr5EZpvluq2k1/k uIY3upFBqheCOicvk/AiWvRASatdPysA/iIPJt2KArAjw2mndTse6ahSMP5l5PXPrcPHf4LASM3L U4r7PFOP0ix8GVr3Yz1oMmN55B57sb466tBycTG2CUMT72kc7X7ewB4tNC666MiqlivRx6qztO3L oJEHTVCvrwWUp8vzcSiuuzNFg9yj4sG0nqDY6Dcr5Dt3hFPS622Akd5NrsI8nhmfv4pukxYiC9KF 6LL4kIbR5jY27J5BiZ53/9wGEYAEvZ9rH90dJRlJ9ncdNciDHH8h0jyHmOwFA7wrEMtz2nC7MS+d IuVV7TzmBLgXMYIDMzCCAy8CAQEwgYAwaDELMAkGA1UEBhMCTkwxIDAeBgNVBAoTF1F1b1ZhZGlz IFRydXN0bGluayBCLlYuMTcwNQYDVQQDEy5RdW9WYWRpcyBFVSBJc3N1aW5nIENlcnRpZmljYXRp b24gQXV0aG9yaXR5IEczAhQES/Y9Azld/Eko3eAkaSBJu+3RNzAJBgUrDgMCGgUAoIIBhzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNjAxMTQxMzQ1NTdaMCMGCSqG SIb3DQEJBDEWBBTEQSTqTDXmt+VrJDM3IRHz0SRQCDCBkQYJKwYBBAGCNxAEMYGDMIGAMGgxCzAJ BgNVBAYTAk5MMSAwHgYDVQQKExdRdW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3MDUGA1UEAxMuUXVv VmFkaXMgRVUgSXNzdWluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBHMwIUBEv2PQM5XfxJKN3g JGkgSbvt0TcwgZMGCyqGSIb3DQEJEAILMYGDoIGAMGgxCzAJBgNVBAYTAk5MMSAwHgYDVQQKExdR dW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3MDUGA1UEAxMuUXVvVmFkaXMgRVUgSXNzdWluZyBDZXJ0 aWZpY2F0aW9uIEF1dGhvcml0eSBHMwIUBEv2PQM5XfxJKN3gJGkgSbvt0TcwDQYJKoZIhvcNAQEB BQAEggEAmDgSXCHt6ySxEA2N0sLc7IDXgRKD3WosMaay/FqiKlBGKZ8246ZBh8fFru6jcZPqzZQ9 Ef4EgVwL1RkhwnAnnDBm+u4VNn8eluuZ8I8MLPNO/mwkduKS276QhCeO/IcNKXQgS5W6sz5FyymC PNGMMbM+V+KK+Y+WbCG5Jy4eoRvnV+oaj4ExUGSF9GvwDTsqQR+4fPrUcDrsrPSH2GJQGK3asBYN Omz+B1xUpwC09wbrtN0MrtvY5j+d38z9N553mWDmgD7l28cAIzTs4cwUksDN79wp0di18/tcYyh+ Iw2WMmKkHczDo32Js8YhsX17iw+/ejVxW2lFEnNsMHZMUAAAAAAAAA== --Apple-Mail=_89962B03-36F2-4A29-8C67-EFAE11B8C791-- From nobody Thu Jan 14 05:58:57 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE2ED1ACE12 for ; Thu, 14 Jan 2016 05:58:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 06yXMLNR5ziP for ; Thu, 14 Jan 2016 05:58:53 -0800 (PST) Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47F131ACE11 for ; Thu, 14 Jan 2016 05:58:53 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id D41EA20A16; Thu, 14 Jan 2016 08:58:47 -0500 (EST) Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Oc7Ri2qQ5tX6; Thu, 14 Jan 2016 08:58:47 -0500 (EST) Received: from [10.1.10.107] (unknown [10.1.10.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: mark@mail.suchdamage.org) by mail.painless-security.com (Postfix) with ESMTPSA; Thu, 14 Jan 2016 08:58:47 -0500 (EST) To: Rhys Smith , Sam Hartman References: <5696821F.6010203@painless-security.com> <2C5E1A6D-7494-426D-BA9C-27A8457353E4@jisc.ac.uk> From: Mark Donnelly Message-ID: <5697A997.3030906@painless-security.com> Date: Thu, 14 Jan 2016 08:58:47 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 MIME-Version: 1.0 In-Reply-To: <2C5E1A6D-7494-426D-BA9C-27A8457353E4@jisc.ac.uk> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit Archived-At: Cc: "abfab@ietf.org" Subject: Re: [abfab] ABFAB UI doc call X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jan 2016 13:58:54 -0000 On 1/14/2016 8:45 AM, Rhys Smith wrote: > I’m running a little late; I’ll be able to do this about 15 minutes > later than scheduled, so 14:15 GMT / 09:15 EST start? That works fine for me. I'm already on the conference, but will be happy to hang out until you arrive. Cheers, --Mark From nobody Thu Jan 14 06:06:12 2016 Return-Path: X-Original-To: abfab@ietfa.amsl.com Delivered-To: abfab@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56F271ACE6D for ; Thu, 14 Jan 2016 06:06:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.201 X-Spam-Level: X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XEylPQOrMb8A for ; Thu, 14 Jan 2016 06:06:08 -0800 (PST) Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [146.101.78.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6921B1ACE6A for ; Thu, 14 Jan 2016 06:05:58 -0800 (PST) Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-db5eur01lp0176.outbound.protection.outlook.com [213.199.154.176]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-9-gZKnDToRS6i6L6rcPzzsfA-1; Thu, 14 Jan 2016 14:05:44 +0000 X-MC-Unique: gZKnDToRS6i6L6rcPzzsfA-1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc365.onmicrosoft.com; s=selector1-jisc-ac-uk; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Yd0RetR9i/jnlTtZ3sA+y7ZtptkGlxFy0nfbymif22o=; b=UmjXB+G3qikO1iVTQ245S2TPn3zDLA7kM5d2GVJYhlcL7SAj6bdbJnP2DObGlNAz1SCZ28CjPf763Ik3vAgn2mAKhWSuH8RzypBVrHJrlc3qgPdJC5JlrxruAQcnS6nVahzgfaspYu+w1ufaKgU4+7ET87g1P0/bmWL+LqbE5vI= Received: from DB5PR07MB0807.eurprd07.prod.outlook.com (10.161.196.13) by DB5PR07MB0807.eurprd07.prod.outlook.com (10.161.196.13) with Microsoft SMTP Server (TLS) id 15.1.365.19; Thu, 14 Jan 2016 14:05:42 +0000 Received: from DB5PR07MB0807.eurprd07.prod.outlook.com ([10.161.196.13]) by DB5PR07MB0807.eurprd07.prod.outlook.com ([10.161.196.13]) with mapi id 15.01.0365.023; Thu, 14 Jan 2016 14:05:42 +0000 From: Rhys Smith To: Mark Donnelly Thread-Topic: [abfab] ABFAB UI doc call Thread-Index: AQHRTtHmuMwSMoE1uEOV+rr2pAfMbp77CbyAgAAB7wA= Date: Thu, 14 Jan 2016 14:05:42 +0000 Message-ID: <4BF88832-3377-4C79-A2D0-04BC6AD19C20@jisc.ac.uk> References: <5696821F.6010203@painless-security.com> <2C5E1A6D-7494-426D-BA9C-27A8457353E4@jisc.ac.uk> <5697A997.3030906@painless-security.com> In-Reply-To: <5697A997.3030906@painless-security.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-mailer: Apple Mail (2.3112) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Rhys.Smith@jisc.ac.uk; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [81.136.207.22] x-microsoft-exchange-diagnostics: 1; DB5PR07MB0807; 5:uLVt2PRwpfXUclG6kvSsOJ9QXMUw9f1RBS5JXhs16gZuLuKGBoFkd3Tk9xbv/D0q10MNZ541aef0qEuBcQ44vbYW7W896nZ2JZHFZOquwKGBI0b7ONBoWNUX4pdD16J85A3n8jNfQhSwA8TDllPlhg==; 24:eUeDVPqyeZi110ZZEwLBpitLdHirAOI/kpy4coTAWvSqYEVzErv7gEO/li57tNDz1jvPYDJNe3VjmmmTi1VlviAmVcmLrgGAsuvKboFk7PQ=; 20:smgH5pRkDMxGy0CMZibEBQZB1VzpI/aFAtlHyS2FRx0JNTq8w5N2nKtsPlpdWFO1JCSjE4iVry7ceKnlmRwSIrhHncb2QFeDTu+hnI2UMLRBEP3GPSODeGwxgRUUXggqdpND+wtBAcQETFGXW5n2mxgOsDsFj2rh8fYPxsL2uCc= x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DB5PR07MB0807; x-ms-office365-filtering-correlation-id: 48c4f362-c705-41a1-1e48-08d31cebca51 x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102615245)(601004)(2401047)(5005006)(520078)(8121501046)(3002001)(10201501046); SRVR:DB5PR07MB0807; BCL:0; PCL:0; RULEID:; SRVR:DB5PR07MB0807; x-forefront-prvs: 08213D42D3 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(53834002)(24454002)(199003)(189002)(377454003)(479174004)(5008740100001)(1220700001)(10400500002)(586003)(1096002)(3846002)(6116002)(102836003)(87936001)(101416001)(83716003)(99936001)(76176999)(50986999)(2950100001)(2900100001)(66066001)(33656002)(122556002)(19580405001)(92566002)(19580395003)(40100003)(86362001)(77096005)(93886004)(82746002)(110136002)(106356001)(5001960100002)(106116001)(36756003)(189998001)(105586002)(97736004)(81156007)(74482002)(5002640100001)(2906002)(5004730100002)(11100500001)(57306001)(4326007)(50226001)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB5PR07MB0807; H:DB5PR07MB0807.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: jisc.ac.uk does not designate permitted sender hosts) spamdiagnosticoutput: 1:23 spamdiagnosticmetadata: NSPM Content-Type: multipart/signed; boundary="Apple-Mail=_1037FB71-452B-4841-BB16-4215692B4543"; protocol="application/pkcs7-signature"; micalg=sha1 MIME-Version: 1.0 X-OriginatorOrg: jisc.ac.uk X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Jan 2016 14:05:42.5015 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB5PR07MB0807 Archived-At: Cc: "abfab@ietf.org" Subject: Re: [abfab] ABFAB UI doc call X-BeenThere: abfab@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jan 2016 14:06:11 -0000 --Apple-Mail=_1037FB71-452B-4841-BB16-4215692B4543 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 Scratch that; I=92m back now. So avengers, assemble! Rhys. > On 14 Jan 2016, at 13:58, Mark Donnelly = wrote: >=20 > On 1/14/2016 8:45 AM, Rhys Smith wrote: >> I=92m running a little late; I=92ll be able to do this about 15 = minutes >> later than scheduled, so 14:15 GMT / 09:15 EST start? >=20 > That works fine for me. I'm already on the conference, but will be > happy to hang out until you arrive. >=20 > Cheers, > --Mark >=20 --Apple-Mail=_1037FB71-452B-4841-BB16-4215692B4543 Content-Disposition: attachment; filename="smime.p7s" Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIILojCCBZ8w ggSHoAMCAQICFDdbittYXdJlQ+xDC4cAUwx+EP2eMA0GCSqGSIb3DQEBCwUAMH8xCzAJBgNVBAYT AkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRp b24gQXV0aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9y aXR5MB4XDTE0MDUzMDE4MTU0OVoXDTIxMDMxNzE4MzMzM1owaDELMAkGA1UEBhMCTkwxIDAeBgNV BAoTF1F1b1ZhZGlzIFRydXN0bGluayBCLlYuMTcwNQYDVQQDEy5RdW9WYWRpcyBFVSBJc3N1aW5n IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEczMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEAlBRBbnMy0pZB34/kk8jnEovgphznCp1JvoZ1DDG/OaCusN1fgkglNJp/Evw+h59cobd/md2B Bc3d95yvERP9LEgWYIFxzkm4eqU7TARr926V06gX8T5+4EAusMApvT4rbcbQYaEpcC1HgKmEJd96 N3WHtXZdYmkW7y4bd1tJanTMdyudKmUwZKzlkCSNKzU0mV+AP1+DJzCtKiTzM4nBTPFjMrl73/AU f1m9hw7rblA226EEtyjMtfeEfN7zkuXqtXcVbWiQUjEdan8mBLz9miHPTjL0FvggDk/Oa94d6yEX 9pbVyjfjrRFbWzIOgeFo5yHUf0qA0TXdgHHGMjHt6aEX2fuAEWkvaEQ4Qi7l/2GvtH+S74ziOtEq 2JUtamrF434yYVXzYJLgmYtBXqg/WSazpyExXhNEsGsq6jAbqb4rQbNK7Vg4xux+JvaLPx/qPqpT QCHB3PAw9N1TSJ9XKLP8kyN5IME9A5ss9/8UIlLIHS76nZWQZ3GMcAKFr3C4ixaVrRVg55Vuqs3W 1GIxyGgyfjMgD1nclYXG831DZAMOdwE0zV4k8c0HrE4yGdOlN6nrEtCrtpguuyLYIs6JbHVcGkby 8NhOatTor2O5dP32FxeW3fVyjxeXmcBejHys/O+TMNY0EK7AfqALC6uKfpNaVd6OlKso3UiK+run T3UCAwEAAaOCASgwggEkMBIGA1UdEwEB/wQIMAYBAf8CAQAwEQYDVR0gBAowCDAGBgRVHSAAMHEG CCsGAQUFBwEBBGUwYzAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t MDUGCCsGAQUFBzAChilodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhLmNydDAO BgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUi0tt7dMpuQYZ7Dk5qfCXhGrL798wOAYDVR0fBDEw LzAtoCugKYYnaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EuY3JsMB0GA1UdDgQW BBRCqOm7Hqee0exyCLFux9EparVQwDANBgkqhkiG9w0BAQsFAAOCAQEAZajTI1M89DmOH/tGsTZE 3Naw+CVX2B0j8LvFG9jEUkTYz6Dsw8LfEb+Uid5ifBhC8zjXLH5UhYDBbjExzL3tDoFoXru1SgbS 7fwO0ZpdrbP04ej28itV8NZQ1ubk5yuX5hbacGZxaN9/yD05YOMmWsgpcZNwfx+vJRdb27d/uiSm CZEroXUV5P51/M3OTFzUcgLAwWTuerzTAZKHxaIyqRtBr+g6P2GkMKh4A8rh/8nDQ5OpnSnwbclu /8FAXA3T6cMBfOR5WSoOFjjFcTsRl0gfUH1RdkPZBmMcBwWghbbxAXAVVV7TVPSNvL4lOcHu+vrE VA8o5Nx+AjMoGd81njCCBfswggPjoAMCAQICFARL9j0DOV38SSjd4CRpIEm77dE3MA0GCSqGSIb3 DQEBCwUAMGgxCzAJBgNVBAYTAk5MMSAwHgYDVQQKExdRdW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3 MDUGA1UEAxMuUXVvVmFkaXMgRVUgSXNzdWluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBHMzAe Fw0xNTA0MDkxNDU5MzhaFw0xNzA0MDkxNDU5MzNaMIGAMQswCQYDVQQGEwJHQjENMAsGA1UEChME SmlzYzEaMBgGA1UECxMRSmlzYyBUZWNobm9sb2dpZXMxCzAJBgNVBAwTAkRyMRMwEQYDVQQDEwpS aHlzIFNtaXRoMSQwIgYJKoZIhvcNAQkBFhVyaHlzLnNtaXRoQGppc2MuYWMudWswggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHm7qYQRmq3Qj0kPNsbm8+YtNqIfIYUKnoHbpcxg1CJEZl Zotk256MHGC2xDm7F8ZLxfs0JHDb3VWNDo/nO9hicMgVA8GUiWLRRBYc0JQ0iHNim1sBcU3EpeTx lBUVyHfKOXRiYsLs8LRBAMKP1FZf1Nn2pYQyrIQCIo46oIDq1O6CyqClFz1zL1jjr0MORWLlqLPk QzSLbFx+LmR8rWiJRVZ7FvniwWqmRzsHQaVdNVPrwWVvSaNbfMrFjtee1PfbnGMUz1j7ANe8y44L vyrNhlMOGgcdsTmX7cJUZjJOrgLNHrq+XCfQ7qq2jTgUjjnhEkHiShOew5szo4I/hb1xAgMBAAGj ggGCMIIBfjB0BggrBgEFBQcBAQRoMGYwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlz Z2xvYmFsLmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9x dmV1Y2FnMy5jcnQwTgYDVR0gBEcwRTBDBgkrBgEEAb5YAWQwNjA0BggrBgEFBQcCARYoaHR0cDov L3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBeAwKQYDVR0l BCIwIAYKKwYBBAGCNxQCAgYIKwYBBQUHAwIGCCsGAQUFBwMEMB8GA1UdIwQYMBaAFEKo6bsep57R 7HIIsW7H0SlqtVDAMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwu Y29tL3F2ZXVjYWczLmNybDAdBgNVHQ4EFgQUJOGvTZ4bAe/TgVUqyQErKBReRaUwDQYJKoZIhvcN AQELBQADggIBAGRiINJ5pj97yEtcYniWa39Y8aUmV7Md15GC8EndU+yKeaLucuhbexaanIOlvu2X koyPuHq6OgKaKFr1AkAnO6kkdZKlGhLZImrUeqtPKxAPb3uxFQc5kIvtwdDnmbujwJ2h6NHifDmM ab1PlyMwDGJJvMudhM1Wzvy6iFMFbXw1ZjUhoroAXcS+3HEPFebzgIcRcrgz7zZ9W6UkB0d9SzSy dSIWI0bdp8o1yzgcYxqC9pLkBVQsFYM2xt9M//u20QegSVICwJC02oWGtPTc/zZOpER5OZ6dkbTa zcCJoxs1akO87smjAtC4Ab4O/QT7QZ2WZTQ9CvQ5o3z7nUDZS/0GBiKOjcnxMhr5EZpvluq2k1/k uIY3upFBqheCOicvk/AiWvRASatdPysA/iIPJt2KArAjw2mndTse6ahSMP5l5PXPrcPHf4LASM3L U4r7PFOP0ix8GVr3Yz1oMmN55B57sb466tBycTG2CUMT72kc7X7ewB4tNC666MiqlivRx6qztO3L oJEHTVCvrwWUp8vzcSiuuzNFg9yj4sG0nqDY6Dcr5Dt3hFPS622Akd5NrsI8nhmfv4pukxYiC9KF 6LL4kIbR5jY27J5BiZ53/9wGEYAEvZ9rH90dJRlJ9ncdNciDHH8h0jyHmOwFA7wrEMtz2nC7MS+d IuVV7TzmBLgXMYIDMzCCAy8CAQEwgYAwaDELMAkGA1UEBhMCTkwxIDAeBgNVBAoTF1F1b1ZhZGlz IFRydXN0bGluayBCLlYuMTcwNQYDVQQDEy5RdW9WYWRpcyBFVSBJc3N1aW5nIENlcnRpZmljYXRp b24gQXV0aG9yaXR5IEczAhQES/Y9Azld/Eko3eAkaSBJu+3RNzAJBgUrDgMCGgUAoIIBhzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNjAxMTQxNDA1NDJaMCMGCSqG SIb3DQEJBDEWBBQM3GVbh4cCPNFbjALz8Y86+o6FvjCBkQYJKwYBBAGCNxAEMYGDMIGAMGgxCzAJ BgNVBAYTAk5MMSAwHgYDVQQKExdRdW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3MDUGA1UEAxMuUXVv VmFkaXMgRVUgSXNzdWluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBHMwIUBEv2PQM5XfxJKN3g JGkgSbvt0TcwgZMGCyqGSIb3DQEJEAILMYGDoIGAMGgxCzAJBgNVBAYTAk5MMSAwHgYDVQQKExdR dW9WYWRpcyBUcnVzdGxpbmsgQi5WLjE3MDUGA1UEAxMuUXVvVmFkaXMgRVUgSXNzdWluZyBDZXJ0 aWZpY2F0aW9uIEF1dGhvcml0eSBHMwIUBEv2PQM5XfxJKN3gJGkgSbvt0TcwDQYJKoZIhvcNAQEB BQAEggEARHeBtOCV+ACYZW5RSzSy01VeW68yYxHR4niprxHnvB3iQpBPx31nuJVXVWKxaz84KcCE 6NuJwSzn2uZOuy0/+QT7fkDKUvPQdwXCr2I93Je9eEaP1/kr5vT6yVzsp1i71cB8PmjlUMEpygif 0Ct8Pjb18cqLxcTzwIpk4wWP6y3UDSAsshkY6CSZBC9SMCrQBMbqoTtRNVGdkB4gXdEBjk7KTekz xkNQL1YjQzag3JSqsMLcnnm5cr6wHtkaLh5u5KAWQ0jZKKykTxEq0pyX234OC0TFXh4eHqlqoJeR lHlQL+6plEmaRuZ8cN1z5XAcjLgSkiN3/WWDppeesjJsXgAAAAAAAA== --Apple-Mail=_1037FB71-452B-4841-BB16-4215692B4543--