Regarding the second item about additional SAML related text - such text already exists in the document in ยง5 [quoted and linked below]. It's unclear to me what else is being asked for here?
I'd like to request that some specific and concrete text be proposed, if anyone believes the current wording is insufficient. from tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-17#section-5 "5. Interoperability Considerations Agreement between system entities regarding identifiers, keys, and endpoints is required in order to achieve interoperable deployments of this profile. Specific items that require agreement are as follows: values for the issuer and audience identifiers, the location of the token endpoint, and the key used to apply and verify the digital signature over the assertion. The exchange of such information is explicitly out of scope for this specification and typical deployment of it will be done alongside existing SAML Web SSO deployments that have already established a means of exchanging such information. Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0 [OASIS.saml-metadata-2.0-os] is one common method of exchanging SAML related information about system entities." Thanks, Brian On Tue, Sep 10, 2013 at 8:26 AM, Tschofenig, Hannes (NSN - FI/Espoo) <[email protected]> wrote: > Hi all, > > I am trying to wrap up the assertion documents and I took a look at the > meeting minutes from the Berlin IETF meeting and the actions are as follows: > > ** John & Torsten: Please post your document review to the list. > > ** Authors of draft-ietf-oauth-saml2-bearer: Please provide the additional > SAML related text (as discussed during the meeting) and submit an updated > document. > > Ciao > Hannes > > ------- copy from the minutes -------- > > * Assertions (BC) > https://datatracker.ietf.org/doc/draft-ietf-oauth-assertions/ > https://datatracker.ietf.org/doc/draft-ietf-oauth-jwt-bearer/ > https://datatracker.ietf.org/doc/draft-ietf-oauth-saml2-bearer/ > > - WGLC ends by 8/8 > - BL on WGLC comments: talked to MJ about how to achieve interop. > - BL: describe how you could combine specifications to make at least one > interoperable specification > - MJ: profiles exists for both SAML and OpenIDC. those are not IETF > specifications though > - BL: ok to point to external doc from either of the I-Ds in question > - MJ: very achievable > - BL: all should go to the IESG at the same time to establish context > - PHO: is this for the IESG benefit or for future developers > - BL: the latter > - PHO: talk to Heather Flanagan or the IANA - they have talked about > having long-term access to external documents > - BL: ok will consider that - or we can copy text into WG wiki > - BC: interop does not require external profiles actually > - TL: same experience at DT with the JSON-based assertion format - no > addl profiles are needed > - MJ: a SAML deployment needs agreement on certain SAML-specific > conventions - this is what BL is referring to > - BC: right > - TN: so just refer to the SAML specs > - BL: maybe enough > - JB and TL volunteered to make a review. > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
