SAML Enhanced Client SASL and GSS-API Mechanisms
draft-ietf-kitten-sasl-saml-ec-20
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2024-01-05
|
20 | (System) | Document has expired |
2024-01-05
|
20 | (System) | Removed all action holders (IESG state changed) |
2024-01-05
|
20 | (System) | IESG state changed to Dead from I-D Exists |
2024-01-04
|
20 | Paul Wouters | returned to WG as per discussion with Ben Kaduk |
2024-01-04
|
20 | Paul Wouters | IETF WG state changed to WG Document from Submitted to IESG for Publication |
2024-01-04
|
20 | Paul Wouters | returning to WG as per discussion with Ben Kaduk |
2024-01-04
|
20 | (System) | Changed action holders to Paul Wouters (IESG state changed) |
2024-01-04
|
20 | Paul Wouters | IESG state changed to I-D Exists from AD Evaluation::Revised I-D Needed |
2023-02-25
|
20 | Paul Wouters | Another reminder sent |
2022-12-09
|
20 | Paul Wouters | sent reminder to restart this process: https://mailarchive.ietf.org/arch/msg/kitten/zSPtA42LMpYA23KOTAgSo1TnieU/ |
2022-12-09
|
20 | Paul Wouters | 1. Summary This document defines a mechanism for use of Security Assertion Markup Language (SAML) 2.0 in both the Security Authentication … 1. Summary This document defines a mechanism for use of Security Assertion Markup Language (SAML) 2.0 in both the Security Authentication and Security Layer (SASL) and the Generic Security Services Application Programming Interface (GSS-API). This mechanism eases the use of SAML outside the browser, and thereby improves federated authentication capabilities as well. This is a Proposed Standard document since it defines this new mechanism and its behavior. Robbie Harwood is the document shepherd. Benjamin Kaduk was the responsible area director, but this has now changed to Paul Wouters. 2. Review and Consensus There is good consensus around this document, which integrates federation with existing authentication technologies. The integration of SAML with SASL is explicitly mentioned in our charter, and there was no opposition to adopting a document to integrate the two. This document has strong working group interest due to it being a focus of the historical sasl working group (which moved into kitten in our recharter). The first version was created in 2010, and at the time there was another proposal which was more strongly tied to the web browser. Early discussion was focused around merging the two proposals, and consensus on this document's approach (with some changes) was achieved prior to adopting this document in kitten. At that point, there was additional detailed review and refinement from several members, but no very little contention about changes. There is a mature implementation which works with Shibboleth at https://github.com/fedushare/mech_saml_ec to which several kitten members have contributed; there are no outstanding specification issues reported by this implementation. 3. Intellectual property There are no intellectual property disclosures against this document, and the I-D was submitted in full conformance with BCP 78 and BCP 79. 4. Other information The IANA considerations are twofold. First, this document request a new entry in an existing registry for GSS-API and SASL mechanisms, corresponding to the mechanism this document defines. Second, it requests a sub-namespace for XML constructs that the mechaism uses, and includes a schema for it. idnits warns about non-rfc2606-complaint FQDNs; this is a false positive. Likewise, the normative use of the OASIS standard "SAML V2.0 Enhanced Client or Proxy Profile Version 2.0" is intentional. |
2022-11-06
|
20 | Paul Wouters | See https://mailarchive.ietf.org/arch/msg/kitten/UiK8dMrsLEJJ37pnMRGxEfsHdgI/ |
2022-11-06
|
20 | (System) | Changed action holders to Simon Josefsson, Scott Cantor, Margaret Cullen (IESG state changed) |
2022-11-06
|
20 | Paul Wouters | IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation::AD Followup |
2022-03-23
|
20 | Amy Vezza | Shepherding AD changed to Paul Wouters |
2021-05-10
|
20 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2021-05-10
|
20 | Margaret Cullen | New version available: draft-ietf-kitten-sasl-saml-ec-20.txt |
2021-05-10
|
20 | (System) | New version approved |
2021-05-10
|
20 | (System) | Request for posting confirmation emailed to previous authors: Scott Cantor , Simon Josefsson , kitten-chairs@ietf.org |
2021-05-10
|
20 | Margaret Cullen | Uploaded new revision |
2020-09-02
|
19 | Benjamin Kaduk | IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation |
2020-07-22
|
19 | Benjamin Kaduk | IESG state changed to AD Evaluation from Publication Requested |
2019-08-29
|
19 | Robbie Harwood | 1. Summary This document defines a mechanism for use of Security Assertion Markup Language (SAML) 2.0 in both the Security Authentication … 1. Summary This document defines a mechanism for use of Security Assertion Markup Language (SAML) 2.0 in both the Security Authentication and Security Layer (SASL) and the Generic Security Services Application Programming Interface (GSS-API). This mechanism eases the use of SAML outside the browser, and thereby improves federated authentication capabilities as well. This is a Proposed Standard document since it defines this new mechanism and its behavior. Robbie Harwood is the document shepherd. Benjamin Kaduk is the responsible area director. 2. Review and Consensus There is good consensus around this document, which integrates federation with existing authentication technologies. The integration of SAML with SASL is explicitly mentioned in our charter, and there was no opposition to adopting a document to integrate the two. This document has strong working group interest due to it being a focus of the historical sasl working group (which moved into kitten in our recharter). The first version was created in 2010, and at the time there was another proposal which was more strongly tied to the web browser. Early discussion was focused around merging the two proposals, and consensus on this document's approach (with some changes) was achieved prior to adopting this document in kitten. At that point, there was additional detailed review and refinement from several members, but no very little contention about changes. There is a mature implementation which works with Shibboleth at https://github.com/fedushare/mech_saml_ec to which several kitten members have contributed; there are no outstanding specification issues reported by this implementation. 3. Intellectual property There are no intellectual property disclosures against this document, and the I-D was submitted in full conformance with BCP 78 and BCP 79. 4. Other information The IANA considerations are twofold. First, this document request a new entry in an existing registry for GSS-API and SASL mechanisms, corresponding to the mechanism this document defines. Second, it requests a sub-namespace for XML constructs that the mechaism uses, and includes a schema for it. idnits warns about non-rfc2606-complaint FQDNs; this is a false positive. Likewise, the normative use of the OASIS standard "SAML V2.0 Enhanced Client or Proxy Profile Version 2.0" is intentional. |
2019-08-29
|
19 | Robbie Harwood | Responsible AD changed to Benjamin Kaduk |
2019-08-29
|
19 | Robbie Harwood | IETF WG state changed to Submitted to IESG for Publication from In WG Last Call |
2019-08-29
|
19 | Robbie Harwood | IESG state changed to Publication Requested from I-D Exists |
2019-08-29
|
19 | Robbie Harwood | IESG process started in state Publication Requested |
2019-08-29
|
19 | Robbie Harwood | Changed consensus to Yes from Unknown |
2019-08-29
|
19 | Robbie Harwood | (Adding missing field prior to submission.) |
2019-08-29
|
19 | Robbie Harwood | Intended Status changed to Proposed Standard from None |
2019-08-29
|
19 | Robbie Harwood | 1. Summary This document defines a mechanism for use of Security Assertion Markup Language (SAML) 2.0 in both the Security Authentication … 1. Summary This document defines a mechanism for use of Security Assertion Markup Language (SAML) 2.0 in both the Security Authentication and Security Layer (SASL) and the Generic Security Services Application Programming Interface (GSS-API). This mechanism eases the use of SAML outside the browser, and thereby improves federated authentication capabilities as well. This is a Proposed Standard document since it defines this new mechanism and its behavior. Robbie Harwood is the document shepherd. Benjamin Kaduk is the responsible area director. 2. Review and Consensus There is good consensus around this document, which integrates federation with existing authentication technologies. The integration of SAML with SASL is explicitly mentioned in our charter, and there was no opposition to adopting a document to integrate the two. This document has strong working group interest due to it being a focus of the historical sasl working group (which moved into kitten in our recharter). The first version was created in 2010, and at the time there was another proposal which was more strongly tied to the web browser. Early discussion was focused around merging the two proposals, and consensus on this document's approach (with some changes) was achieved prior to adopting this document in kitten. At that point, there was additional detailed review and refinement from several members, but no very little contention about changes. There is a mature implementation which works with Shibboleth at https://github.com/fedushare/mech_saml_ec to which several kitten members have contributed; there are no outstanding specification issues reported by this implementation. 3. Intellectual property There are no intellectual property disclosures against this document, and the I-D was submitted in full conformance with BCP 78 and BCP 79. 4. Other information The IANA considerations are twofold. First, this document request a new entry in an existing registry for GSS-API and SASL mechanisms, corresponding to the mechanism this document defines. Second, it requests a sub-namespace for XML constructs that the mechaism uses, and includes a schema for it. idnits warns about non-rfc2606-complaint FQDNs; this is a false positive. Likewise, the normative use of the OASIS standard "SAML V2.0 Enhanced Client or Proxy Profile Version 2.0" is intentional. |
2019-08-28
|
19 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-19.txt |
2019-08-28
|
19 | (System) | New version approved |
2019-08-28
|
19 | (System) | Request for posting confirmation emailed to previous authors: Simon Josefsson , Scott Cantor |
2019-08-28
|
19 | Scott Cantor | Uploaded new revision |
2019-08-02
|
18 | Robbie Harwood | Notification list changed to Robbie Harwood <rharwood@redhat.com> |
2019-08-02
|
18 | Robbie Harwood | Document shepherd changed to Robbie Harwood |
2019-07-31
|
18 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-18.txt |
2019-07-31
|
18 | (System) | New version approved |
2019-07-31
|
18 | (System) | Request for posting confirmation emailed to previous authors: Simon Josefsson , Scott Cantor |
2019-07-31
|
18 | Scott Cantor | Uploaded new revision |
2018-11-05
|
17 | (System) | Document has expired |
2018-04-24
|
17 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-17.txt |
2018-04-24
|
17 | (System) | New version approved |
2018-04-24
|
17 | (System) | Request for posting confirmation emailed to previous authors: Simon Josefsson , Scott Cantor |
2018-04-24
|
17 | Scott Cantor | Uploaded new revision |
2017-10-24
|
16 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-16.txt |
2017-10-24
|
16 | (System) | New version approved |
2017-10-24
|
16 | (System) | Request for posting confirmation emailed to previous authors: Simon Josefsson , Scott Cantor |
2017-10-24
|
16 | Scott Cantor | Uploaded new revision |
2017-04-25
|
15 | Benjamin Kaduk | New version available: draft-ietf-kitten-sasl-saml-ec-15.txt |
2017-04-25
|
15 | (System) | New version approved |
2017-04-24
|
15 | (System) | Request for posting confirmation emailed to previous authors: Simon Josefsson , Scott Cantor |
2017-04-24
|
15 | Benjamin Kaduk | Uploaded new revision |
2016-04-04
|
14 | Benjamin Kaduk | Marking as In WG Last Call since it's in the queue for WGLC, to avoid it falling out of the dashboard due to impending expiry. |
2016-04-04
|
14 | Benjamin Kaduk | IETF WG state changed to In WG Last Call from WG Document |
2015-10-10
|
14 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-14.txt |
2015-09-25
|
13 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-13.txt |
2014-12-29
|
12 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-12.txt |
2014-01-13
|
11 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-11.txt |
2013-09-23
|
10 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-10.txt |
2013-05-13
|
09 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-09.txt |
2013-05-05
|
08 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-08.txt |
2013-04-29
|
07 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-07.txt |
2013-01-29
|
06 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-06.txt |
2012-12-03
|
05 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-05.txt |
2012-10-17
|
04 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-04.txt |
2012-09-17
|
03 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-03.txt |
2012-08-13
|
02 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-02.txt |
2012-02-28
|
01 | Scott Cantor | New version available: draft-ietf-kitten-sasl-saml-ec-01.txt |
2011-08-29
|
00 | (System) | New version available: draft-ietf-kitten-sasl-saml-ec-00.txt |