%% You should probably cite rfc7833 instead of this I-D. @techreport{ietf-abfab-aaa-saml-12, number = {draft-ietf-abfab-aaa-saml-12}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/12/}, author = {Josh Howlett and Sam Hartman and Alejandro Pérez-Méndez}, title = {{A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML}}, pagetotal = 31, year = 2015, month = oct, day = 19, abstract = {This document describes the use of the Security Assertion Mark-up Language (SAML) with RADIUS in the context of the ABFAB architecture. It defines two RADIUS attributes, a SAML binding, a SAML name identifier format, two SAML profiles, and two SAML confirmation methods. The RADIUS attributes permit encapsulation of SAML assertions and protocol messages within RADIUS, allowing SAML entities to communicate using the binding. The two profiles describe the application of this binding for ABFAB authentication and assertion query/request, enabling a Relying Party to request authentication of, or assertions for, users or machines (Clients). These Clients may be named using a NAI name identifier format. Finally, the subject confirmation methods allow requests and queries to be issued for a previously authenticated user or machine without needing to explicitly identify them as the subject. These artifacts have been defined to permit application in AAA scenarios other than ABFAB, such as network access.}, }