I also think that the text is already there and these specs are ready to
progress as-is. If anyone disagrees, please let us know what text needs to be
changed or added.
-- Mike
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Brian
Campbell
Sent: Tuesday, September 10, 2013 11:38 AM
To: Tschofenig, Hannes (NSN - FI/Espoo)
Cc: [email protected]
Subject: Re: [OAUTH-WG] Next steps on the OAuth Assertion Drafts
Regarding the second item about additional SAML related text - such text
already exists in the document in ยง5 [quoted and linked below].
It's unclear to me what else is being asked for here?
I'd like to request that some specific and concrete text be proposed, if anyone
believes the current wording is insufficient.
from tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-17#section-5
"5. Interoperability Considerations
Agreement between system entities regarding identifiers, keys, and
endpoints is required in order to achieve interoperable deployments
of this profile. Specific items that require agreement are as
follows: values for the issuer and audience identifiers, the location
of the token endpoint, and the key used to apply and verify the
digital signature over the assertion. The exchange of such
information is explicitly out of scope for this specification and
typical deployment of it will be done alongside existing SAML Web SSO
deployments that have already established a means of exchanging such
information. Metadata for the OASIS Security Assertion Markup
Language (SAML) V2.0 [OASIS.saml-metadata-2.0-os] is one common
method of exchanging SAML related information about system entities."
Thanks,
Brian
On Tue, Sep 10, 2013 at 8:26 AM, Tschofenig, Hannes (NSN - FI/Espoo)
<[email protected]> wrote:
> Hi all,
>
> I am trying to wrap up the assertion documents and I took a look at the
> meeting minutes from the Berlin IETF meeting and the actions are as follows:
>
> ** John & Torsten: Please post your document review to the list.
>
> ** Authors of draft-ietf-oauth-saml2-bearer: Please provide the additional
> SAML related text (as discussed during the meeting) and submit an updated
> document.
>
> Ciao
> Hannes
>
> ------- copy from the minutes --------
>
> * Assertions (BC)
> https://datatracker.ietf.org/doc/draft-ietf-oauth-assertions/
> https://datatracker.ietf.org/doc/draft-ietf-oauth-jwt-bearer/
> https://datatracker.ietf.org/doc/draft-ietf-oauth-saml2-bearer/
>
> - WGLC ends by 8/8
> - BL on WGLC comments: talked to MJ about how to achieve interop.
> - BL: describe how you could combine specifications to make at least one
> interoperable specification
> - MJ: profiles exists for both SAML and OpenIDC. those are not IETF
> specifications though
> - BL: ok to point to external doc from either of the I-Ds in question
> - MJ: very achievable
> - BL: all should go to the IESG at the same time to establish context
> - PHO: is this for the IESG benefit or for future developers
> - BL: the latter
> - PHO: talk to Heather Flanagan or the IANA - they have talked about
> having long-term access to external documents
> - BL: ok will consider that - or we can copy text into WG wiki
> - BC: interop does not require external profiles actually
> - TL: same experience at DT with the JSON-based assertion format - no
> addl profiles are needed
> - MJ: a SAML deployment needs agreement on certain SAML-specific
> conventions - this is what BL is referring to
> - BC: right
> - TN: so just refer to the SAML specs
> - BL: maybe enough
> - JB and TL volunteered to make a review.
> _______________________________________________
> OAuth mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
