> Cantor,> And doing an binding at OASIS is only of interest to me if > Cantor,> it's sufficiently generic. I'm not sure yet whether this > Cantor,> work is going to be sensibly of use to carry arbitrary SAML > Cantor,> protocols. It still feels use case (or profile-) specific > Cantor,> to me. > >I agree. I think we're explicitly making it profile specific.
I think we ultimately need a profile specific solution for Abfab's purposes, and a generic binding that can be applied to other domains. The problem is that its all being shoehorned into single document. Here's a proposal: 1. RADIUS SAML attribute (Abfab): specifies encapsulation of SAML messages within RADIUS messages, per 01. 2. RADIUS SAML binding (OASIS): generic application of (1) for the puspose of a SAML binding 3. Abfab profile (Abfab): application of RADIUS SAML binding within Abfab architecture (covers issues such as authentication and attribute request) I had assumed that (3) would end up as part of the architecture document, but that's now non-normative so perhaps we need a new document... Josh. JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
