Hi, here are some comments to the draft: 
http://www.ietf.org/internet-drafts/draft-ietf-sip-saml-02.txt

 

 

a) Comments

[Page 2], Abstract

Can you add a reference to the corresponding RFC number? (RFC4474, RFC4484?)

 

[Page 3], Introduction

Is this document only about assertion for the authorization or also for the 
authentication?

 

[Page 7], 3.1. SAML Assertion

...including issuer, timestamp (IssueInstant) and subject ...

 

[Page 9], 4. Specification scope

...SIP profile and binding ...

 

[Page 12]

Domain name for Alice: example.com or foo.com?? (same comment for other figures)

Authentication service or Assertion service or both?

 

[Page 13], 6.1. Assertion Fetch profile

Is this the only planned profile or will other profiles be defined and added 
later?  Will there also be a push based model? Will it then be "pushed" as part 
of the SIP message? 

 

[Page 13], 6.1.1. URN

What's the current consensus for the urn?

 

[Page 17], 6.1.3.

...sender and Authentication service (AS) may be separate or... ???

How will the AS and sender be combined? Should it not be Authentication or 
Assertion service which can be combined?

 

[Page 22], 6.1.4.1.4.

AttributeStatement is indicated. But what about Authentication and 
Authorization Decision statement? 

 

[Page 23], Step 3, TODO

I think it's always good to indicate problems with the assertion.

 

[Page 36], Figure 5

Should the saml: keyword not be added for the XML elements?

saml:Assertion, 

 

[Page 30] Security considerations

Is it possible to redirect messages to one's own authentication service by 
manipulating the end-device? How can the called party trust the authentication 
service assigned by the caller?

 

[Page 31]

This RFC draft talks about assertions. But how can an identity be asserted only 
by considering a device, e.g. in case a device is stolen or temporarily used by 
someone else? At VON 2000, H. Schulzrinne has already indicated that something 
such as a fingerprint has to be added for a device with a changing set of owners. 

 

 

b) Typos

[Page 11], 5, §1: ...because the those -> because those: 

[Page 14], 5.1.2: ...Although this profile is overview ....-> 

[Page 21], 5.1.4.1: ....requirments .... -> 

[Page 40], Appendix A: ...addtional. -> 

 

With best regards,

Marc Willekens.

_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip