The IESG has received a request from the Application Bridging for Federated Access Beyond web WG (abfab) to consider the following document: - 'A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML' <draft-ietf-abfab-aaa-saml-12.txt> as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-12-04. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document describes the use of the Security Assertion Mark-up Language (SAML) with RADIUS in the context of the ABFAB architecture. It defines two RADIUS attributes, a SAML binding, a SAML name identifier format, two SAML profiles, and two SAML confirmation methods. The RADIUS attributes permit encapsulation of SAML assertions and protocol messages within RADIUS, allowing SAML entities to communicate using the binding. The two profiles describe the application of this binding for ABFAB authentication and assertion query/request, enabling a Relying Party to request authentication of, or assertions for, users or machines (Clients). These Clients may be named using a NAI name identifier format. Finally, the subject confirmation methods allow requests and queries to be issued for a previously authenticated user or machine without needing to explicitly identify them as the subject. These artifacts have been defined to permit application in AAA scenarios other than ABFAB, such as network access. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ballot/ No IPR declarations have been submitted directly on this I-D. The reference to RFC3588 should be to 6733. That'll be fixed later.
