Skip to main content

Application Bridging for Federated Access Beyond Web (ABFAB) Architecture

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Josh Howlett , Sam Hartman , Hannes Tschofenig , Eliot Lear
Last updated 2012-05-18 (Latest revision 2011-03-09)
Replaced by draft-ietf-abfab-arch
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-abfab-arch
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Over the last decade a substantial amount of work has occurred in the space of federated access management. Most of this effort has focused on two use-cases: network and web-based access. However, the solutions to these use-cases that have been proposed and deployed tend to have few common building blocks in common. This memo describes an architecture that makes use of extensions to the commonly used security mechanisms for both federated and non- federated access management, including RADIUS, Diameter, GSS, GS2, EAP and SAML. The architecture addresses the problem of federated access management to primarily non-web-based services, in a manner that will scale to large numbers of federations.


Josh Howlett
Sam Hartman
Hannes Tschofenig
Eliot Lear

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)