< draft-young-entity-category-05.txt   draft-young-entity-category-06.txt >
Network Working Group I. Young, Ed. Network Working Group I. Young, Ed.
Internet-Draft Independent Internet-Draft Independent
Intended status: Informational L. Johansson Intended status: Informational L. Johansson
Expires: January 18, 2018 SUNET Expires: July 14, 2018 SUNET
S. Cantor S. Cantor
Shibboleth Consortium Shibboleth Consortium
July 17, 2017 January 10, 2018
The Entity Category SAML Attribute Types The Entity Category SAML Attribute Types
draft-young-entity-category-05 draft-young-entity-category-06
Abstract Abstract
This document describes a SAML entity attribute which can be used to This document describes a SAML entity attribute which can be used to
assign category membership semantics to an entity, and a second assign category membership semantics to an entity, and a second
attribute for use in claiming interoperation with or support for attribute for use in claiming interoperation with or support for
entities in such categories. entities in such categories.
This document is a product of the Research and Education Federations This document is a product of the Research and Education Federations
(REFEDS) Working Group process. (REFEDS) Working Group process.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 18, 2018. This Internet-Draft will expire on July 14, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. to this document.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. REFEDS Document Process . . . . . . . . . . . . . . . . . 3 1.1. REFEDS Document Process . . . . . . . . . . . . . . . . . 3
2. Notation and Conventions . . . . . . . . . . . . . . . . . . 3 2. Notation and Conventions . . . . . . . . . . . . . . . . . . 3
3. Entity Category Attribute . . . . . . . . . . . . . . . . . . 4 3. Entity Category Attribute . . . . . . . . . . . . . . . . . . 4
skipping to change at page 2, line 28 skipping to change at page 2, line 28
4.2. Semantics . . . . . . . . . . . . . . . . . . . . . . . . 7 4.2. Semantics . . . . . . . . . . . . . . . . . . . . . . . . 7
4.3. Entity Category Support Example . . . . . . . . . . . . . 7 4.3. Entity Category Support Example . . . . . . . . . . . . . 7
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
6. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. Security Considerations . . . . . . . . . . . . . . . . . . . 8
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
7.1. Normative References . . . . . . . . . . . . . . . . . . 9 7.1. Normative References . . . . . . . . . . . . . . . . . . 9
7.2. Informative References . . . . . . . . . . . . . . . . . 10 7.2. Informative References . . . . . . . . . . . . . . . . . 10
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 11 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 11
Appendix B. Change Log (to be removed by RFC Editor before Appendix B. Change Log (to be removed by RFC Editor before
publication) . . . . . . . . . . . . . . . . . . . . 11 publication) . . . . . . . . . . . . . . . . . . . . 11
B.1. Since draft-young-entity-category-04 . . . . . . . . . . 11 B.1. Since draft-young-entity-category-05 . . . . . . . . . . 11
B.2. Since draft-young-entity-category-03 . . . . . . . . . . 11 B.2. Since draft-young-entity-category-04 . . . . . . . . . . 11
B.3. Since draft-young-entity-category-02 . . . . . . . . . . 11 B.3. Since draft-young-entity-category-03 . . . . . . . . . . 11
B.4. Since draft-young-entity-category-01 . . . . . . . . . . 12 B.4. Since draft-young-entity-category-02 . . . . . . . . . . 11
B.5. Since draft-young-entity-category-00 . . . . . . . . . . 12 B.5. Since draft-young-entity-category-01 . . . . . . . . . . 12
B.6. Since draft-macedir-entity-category . . . . . . . . . . . 13 B.6. Since draft-young-entity-category-00 . . . . . . . . . . 12
B.7. Since draft-macedir-entity-category . . . . . . . . . . . 13
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction 1. Introduction
This document describes a SAML attribute, referred to here as the This document describes a SAML attribute, referred to here as the
"entity category attribute", values of which represent entity types "entity category attribute", values of which represent entity types
or categories. When used with the SAML V2.0 Metadata Extension for or categories. When used with the SAML V2.0 Metadata Extension for
Entity Attributes [SAML2MetadataAttr] each such entity category Entity Attributes [SAML2MetadataAttr] each such entity category
attribute value represents a claim that the entity thus labelled attribute value represents a claim that the entity thus labelled
meets the requirements of, and is asserted to be a member of, the meets the requirements of, and is asserted to be a member of, the
skipping to change at page 10, line 23 skipping to change at page 10, line 23
April 2012, April 2012,
<http://wiki.oasis-open.org/security/SAML2MetadataDRI>. <http://wiki.oasis-open.org/security/SAML2MetadataDRI>.
7.2. Informative References 7.2. Informative References
[REFEDS] Research and Education Federations, "REFEDS Home Page", [REFEDS] Research and Education Federations, "REFEDS Home Page",
<http://www.refeds.org/>. <http://www.refeds.org/>.
[REFEDS.agreement] [REFEDS.agreement]
Research and Education Federations, "REFEDS Participant's Research and Education Federations, "REFEDS Participant's
Agreement", <https://refeds.org/about/refeds-participants- Agreement",
agreement>. <https://refeds.org/about/refeds-participants-agreement>.
[RFC4844] Daigle, L. and Internet Architecture Board, "The RFC [RFC4844] Daigle, L. and Internet Architecture Board, "The RFC
Series and RFC Editor", RFC 4844, July 2007. Series and RFC Editor", RFC 4844, July 2007.
[SAML2IDAssuranceProfile] [SAML2IDAssuranceProfile]
Morgan, RL., Ed., Madsen, P., Ed., and S. Cantor, Ed., Morgan, RL., Ed., Madsen, P., Ed., and S. Cantor, Ed.,
"SAML V2.0 Identity Assurance Profiles Version 1.0", "SAML V2.0 Identity Assurance Profiles Version 1.0",
November 2010, <https://wiki.oasis-open.org/security/ November 2010, <https://wiki.oasis-open.org/security/
SAML2IDAssuranceProfile>. SAML2IDAssuranceProfile>.
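Review bot: the reference URLs in this hunk are only partly cleaned up. In 7.1 and 7.2, <http://wiki.oasis-open.org/security/SAML2MetadataDRI> and <http://www.refeds.org/> still use http:// in -06, although this revision moves the datatracker.ietf.org and trustee.ietf.org boilerplate URLs to https:// and the [SAML2IDAssuranceProfile] entry already cites the same wiki.oasis-open.org host over https. The [REFEDS.agreement] URL is now on a single line, but the [SAML2IDAssuranceProfile] URL is still split after "security/". Suggest switching the two remaining references to https where the hosts support it, and keeping that URL unbroken as well.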
skipping to change at page 11, line 26 skipping to change at page 11, line 26
o Steven Olshansky o Steven Olshansky
o Mikael Linden o Mikael Linden
o Nicole Harris o Nicole Harris
o Tom Scavo o Tom Scavo
Appendix B. Change Log (to be removed by RFC Editor before publication) Appendix B. Change Log (to be removed by RFC Editor before publication)
B.1. Since draft-young-entity-category-04 B.1. Since draft-young-entity-category-05
No substantive changes. No substantive changes.
B.2. Since draft-young-entity-category-03 B.2. Since draft-young-entity-category-04
No substantive changes.
B.3. Since draft-young-entity-category-03
Additional improvements in response to IETF Gen-Art review: Additional improvements in response to IETF Gen-Art review:
o Section 3.2: additional SHOULD language recommending that category o Section 3.2: additional SHOULD language recommending that category
definitions include applicability information for particular SAML definitions include applicability information for particular SAML
role descriptors. role descriptors.
o Section 3.2: added an informative reference to o Section 3.2: added an informative reference to
[SAML2IDAssuranceProfile] and language recommending its use over [SAML2IDAssuranceProfile] and language recommending its use over
entity categories where appropriate. entity categories where appropriate.
B.3. Since draft-young-entity-category-02 B.4. Since draft-young-entity-category-02
Fix link to the REFEDS Participant's Agreement [REFEDS.agreement]. Fix link to the REFEDS Participant's Agreement [REFEDS.agreement].
Clarifications in response to IETF Gen-Art review: Clarifications in response to IETF Gen-Art review:
o Section 1: make explicit the fact that we don't specify any values o Section 1: make explicit the fact that we don't specify any values
of either attribute in this document. of either attribute in this document.
o Section 3.1, Section 4.1: clarify that it is possible for o Section 3.1, Section 4.1: clarify that it is possible for
attribute values to appear within multiple Attribute elements, and attribute values to appear within multiple Attribute elements, and
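Review bot: the new B.1 entry ("Since draft-young-entity-category-05") records only "No substantive changes.", which is identical to the entry for -04 and leaves the editorial changes in this revision untraceable from the change log. Suggest naming them briefly, for example the move of the boilerplate URLs to https and the reflowed [REFEDS.agreement] reference.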
skipping to change at page 12, line 19 skipping to change at page 12, line 25
o Section 3.2, Section 4.2: If significant changes are made to a o Section 3.2, Section 4.2: If significant changes are made to a
category definition, the new version of the category SHOULD be category definition, the new version of the category SHOULD be
represented by a different category URI *so that the old and new represented by a different category URI *so that the old and new
versions can be distinguished by a relying party*. versions can be distinguished by a relying party*.
o Section 3.2, Section 4.2: *No ordering relation is defined over o Section 3.2, Section 4.2: *No ordering relation is defined over
entity category value URIs.* Entity category attribute value URIs entity category value URIs.* Entity category attribute value URIs
MUST be treated as opaque strings *for the purpose of comparison*. MUST be treated as opaque strings *for the purpose of comparison*.
B.4. Since draft-young-entity-category-01 B.5. Since draft-young-entity-category-01
Changes from REFEDS consultation process: Changes from REFEDS consultation process:
1. Simplify title from "The Entity Category SAML Entity Metadata 1. Simplify title from "The Entity Category SAML Entity Metadata
Attribute Types" to "The Entity Category SAML Attribute Types". Attribute Types" to "The Entity Category SAML Attribute Types".
2. Clarify the use of [SAML2MetadataRPI] in Section 6 by indicating 2. Clarify the use of [SAML2MetadataRPI] in Section 6 by indicating
the elements and attributes to be used, and the sections of the elements and attributes to be used, and the sections of
[SAML2MetadataRPI] in which they are defined. [SAML2MetadataRPI] in which they are defined.
skipping to change at page 12, line 42 skipping to change at page 12, line 48
4. Clarify that the origin of a category membership or support claim 4. Clarify that the origin of a category membership or support claim
may not always be the original registrar. may not always be the original registrar.
Grammar fix in Abstract. Grammar fix in Abstract.
Change the reference anchor for the SAML [SAML2MetadataRPI] Change the reference anchor for the SAML [SAML2MetadataRPI]
extension, as it now more commonly known as RPI than its original DRI extension, as it now more commonly known as RPI than its original DRI
abbreviation. abbreviation.
B.5. Since draft-young-entity-category-00 B.6. Since draft-young-entity-category-00
Update affiliations for Leif Johansson and Scott Cantor. Update affiliations for Leif Johansson and Scott Cantor.
Remove authors from acknowledgements. Remove authors from acknowledgements.
Reorganize some of the introductory boilerplate sections. Reorganize some of the introductory boilerplate sections.
B.6. Since draft-macedir-entity-category B.7. Since draft-macedir-entity-category
Adopted as base for draft-young-entity-category-00. Adopted as base for draft-young-entity-category-00.
Changed ipr from "pre5378Trust200902" to "trust200902" and submission Changed ipr from "pre5378Trust200902" to "trust200902" and submission
type from IETF to independent. type from IETF to independent.
Designate Ian Young as editor for this version. Set more general Designate Ian Young as editor for this version. Set more general
affiliation. affiliation.
Modernised reference to RFC 2119 [BCP14] and moved that reference to Modernised reference to RFC 2119 [BCP14] and moved that reference to
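Review bot: in the entry now numbered B.5, the unchanged sentence "as it now more commonly known as RPI" is missing a verb in both -05 and -06; it should read "as it is now more commonly known as RPI". The appendix is marked for removal by the RFC Editor, but the text is still carried in every draft revision, so it is worth fixing while the headings here are being renumbered.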
 End of changes. 15 change blocks. 
21 lines changed or deleted 26 lines changed or added
