The IESG has approved the following document: - 'A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for SAML' (draft-ietf-abfab-aaa-saml-14.txt) as Proposed Standard This document is the product of the Application Bridging for Federated Access Beyond web Working Group. The IESG contact persons are Stephen Farrell and Kathleen Moriarty. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-abfab-aaa-saml/ Technical Summary: The document describes the use of the Security Assertion Mark-up Language (SAML) with RADIUS in the context of the ABFAB architecture. It defines two RADIUS attributes, a SAML binding, a SAML name identifier format, two SAML profiles, and two SAML confirmation methods. The RADIUS attributes permit encapsulation of SAML assertions and protocol messages within RADIUS, allowing SAML entities to communicate using the binding. The two profiles describe the application of this binding for ABFAB authentication and assertion query/request, enabling a Relying Party to request authentication of, or assertions for, users or machines (Clients). These Clients may be named using a NAI name identifier format. Finally, the subject confirmation methods allow requests and queries to be issued for a previously authenticated user or machine without needing to explicitly identify them as the subject. These artifacts have been defined to permit application in AAA scenarios other than ABFAB, such as network access. Working Group Summary: This document had a few false starts before it really got traction. That has resulted in a rather lengthy process to get going. The challenge was getting the right set of experts on RADIUS and SAML together, now consensus is strong that this is the right approach. Document Quality: There is as far as I know 1 implementation of the protocol. At this stage there are no indications for wide industry take-up. Special mention deserves Scott Cantor (editor of the SAML2.0 spec and member of OASIS SSTC) for doing a thorough review and guide the authors on the SAML side. Personnel: Document Shepherd: Klaas Wierenga Responsible Area Director: Stephen Farrell RFC Editor Note There was one, but it's included in -14, so now there isn't one:-)
