--- 1/draft-ietf-kitten-sasl-saml-ec-09.txt 2013-09-23 18:14:24.793881367 -0700 +++ 2/draft-ietf-kitten-sasl-saml-ec-10.txt 2013-09-23 18:14:24.857882990 -0700 @@ -1,19 +1,19 @@ Network Working Group S. Cantor Internet-Draft Shibboleth Consortium Intended status: Standards Track S. Josefsson -Expires: November 14, 2013 SJD AB - May 13, 2013 +Expires: March 27, 2014 SJD AB + September 23, 2013 SAML Enhanced Client SASL and GSS-API Mechanisms - draft-ietf-kitten-sasl-saml-ec-09.txt + draft-ietf-kitten-sasl-saml-ec-10.txt Abstract Security Assertion Markup Language (SAML) 2.0 is a generalized framework for the exchange of security-related information between asserting and relying parties. Simple Authentication and Security Layer (SASL) and the Generic Security Service Application Program Interface (GSS-API) are application frameworks to facilitate an extensible authentication model. This document specifies a SASL and GSS-API mechanism for SAML 2.0 that leverages the capabilities of a @@ -30,21 +30,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on November 14, 2013. + This Internet-Draft will expire on March 27, 2014. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -1198,22 +1198,22 @@ (TLS) Protocol Version 1.2", RFC 5246, August 2008. [RFC6125] Saint-Andre, P. and J. Hodges, "Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)", RFC 6125, March 2011. [SAMLECP20] Cantor, S., "SAML V2.0 Enhanced Client or Proxy Profile - Version 2.0", OASIS Working Draft OASIS.sstc-saml-ecp- - v2.0-wd07, April 2013. + Version 2.0", OASIS Committee Specification OASIS.sstc- + saml-ecp-v2.0-cs01, August 2013. [W3C.soap11] Box, D., Ehnebuske, D., Kakivaya, G., Layman, A., Mendelsohn, N., Nielsen, H., Thatte, S., and D. Winer, "Simple Object Access Protocol (SOAP) 1.1", W3C Note soap11, May 2000, . 9.2. Normative References for GSS-API Implementers [I-D.ietf-abfab-gss-eap-naming] @@ -1344,20 +1344,22 @@ Appendix B. Acknowledgments The authors would like to thank Klaas Wierenga, Sam Hartman, Nico Williams, Jim Basney, and Venkat Yekkirala for their contributions. Appendix C. Changes This section to be removed prior to publication. + o 10, update SAML ECP reference to final CS + o 09, align delegation signaling to updated ECP draft o 08, more corrections, added a delegation signaling header o 07, corrections, revised section on delegation o 06, simplified session key schema, moved responsibility for random-to-key to the endpoints, and defined advertisement of session key algorithm and enctypes by acceptor
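Review bot: the updated [SAMLECP20] entry in the @@ -1198 hunk still gives no URI, so a reader cannot tell from this normative reference exactly which published text "OASIS.sstc-saml-ecp-v2.0-cs01" refers to. Now that the target is a Committee Specification rather than a working draft, add the stable OASIS location to the entry. If the toolchain allows it, also keep the identifier from wrapping after "OASIS.sstc-", since the split form is harder to search for.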
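Review bot: the new Appendix C entry "10, update SAML ECP reference to final CS" in the @@ -1344 hunk records only the citation change and does not say whether anything in this document had to follow from it. The 09 entry aligned delegation signaling to an "updated ECP draft", so state explicitly whether cs01 is consistent with that alignment, for example by extending the entry with "no changes to the mechanism required", or list what changed. Implementers tracking revisions would otherwise have to diff the ECP documents themselves.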