Presence and IntComm WG

[Peter Saint-Andre <>]

If you'd like, I can get Klaas and Eliot to join one of our calls. Klaas
used to be active in i2 as I recall. :)

On 1/15/10 2:12 PM, Tom Scavo wrote:
> I haven't read through this yet but it certainly seems to be relevant. Tom
> 
> ----------------------------------------------------------------------
> 
> A SASL Mechanism for SAML
> Klaas Wierenga and Eliot Lear (eds), IETF Internet Draft
> 
> An initial level -00 Standards Track IETF Internet Draft has been
> published for the specification "A SASL Mechanism for SAML." The memo
> specifies a SASL mechanism for SAML 2.0 that allows the integration
> of existing SAML Identity Providers with applications using SASL.
> 
> Details: "Security Assertion Markup Language (SAML) is a multi-party
> protocol (or rather set of protocols) that provides a means for a user
> to offer identity assertions and other attributes to a relying party
> (RP) via the help of an identity provider (IdP).
> 
> 'Simple Authentication and Security Layer (SASL)' is defined in IETF
> standards Track RFC #4422, edited by Alexey Melnikov and Kurt D.
> Zeilenga. The Simple Authentication and Security Layer (SASL) is a
> framework for providing authentication and data security services in
> connection-oriented protocols via replaceable mechanisms. It provides
> a structured interface between protocols and mechanisms. The resulting
> framework allows new protocols to reuse existing mechanisms and allows
> old protocols to make use of new mechanisms. The framework also
> provides a protocol for securing subsequent protocol exchanges within
> a data security layer.
> 
> SASL is used by application protocols like IMAP, POP and XMPP. The
> effect is to make modular authentication, so that newer authentication
> mechanisms can be added as needed. This memo specifies just such a
> mechanism. As currently envisioned, this mechanism is to allow the
> interworking between SASL and SAML in order to assert identity and
> other attributes to relying parties. As such, while servers (as relying
> parties) will advertise SASL mechanisms (including SAML), clients will
> select the SAML SASL mechanism as their SASL mechanism of choice. The
> SAML mechanism described in this memo aims to re-use the available SAML
> deployment to a maximum extent and therefore does not establish a
> separate authentication, integrity and confidentiality mechanism. It
> is anticipated that existing security layers, such as Transport Layer
> Security (TLS), will continued to be used..."
> 
> http://xml.coverpages.org/saml.html#wierenga-ietf-sasl-saml-00
> See also the SAML 2.0 Core specification:
> http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
> 
> ----------------------------------------------------------------------
>

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature