El 12/03/14 15:22, Sam Hartman escribió: >>>>>> "Alejandro" == Alejandro Perez Mendez <[email protected]> writes: > Alejandro> El 12/03/14 14:18, Sam Hartman escribió: > >> We're discussing section 8 of draft-ietf-abfab-aaa-saml. > >> > >>> this issue would be declaring SAML-Message and/or the > >>> SAML-Assertion attributes as authentication attributes. We think > >>> this would make sense as as they might affect how the subsequent > >>> authentication process will be performed. > >> I don't support that approach mostly because it assumes there > >> will be subsiquent authentication. If there is such I'd expect > >> eap-message or similar to be present in the radius access-request > > Alejandro> Following Alan's suggestions, we decided for our draft > Alejandro> that it was better to do not mix things up and keep > Alejandro> RADIUS-EAP (and other authenticaiton mechanisms) > Alejandro> completely unmodified. > > Right. > I don't understand how that applies to aaa-saml. Because you are suggesting to include in the same packet EAP information with SAML. Am I wrong? Therefore, that would be against Alan's suggestion.
_______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
