Re: FEDAUTH BOF request

[Tina TSOU <tena@huawei.com>]

Hi Bernard,

Comments are in line.

 

B. R.
Tina
http://tinatsou.weebly.com/contact.html

----- Original Message -----

From: Bernard Aboba

To: tena@huawei.com ; aaa-doctors@ietf.org ; radiusext@ops.ietf.org ; dime@ietf.org ; dromasca@avaya.com

Sent: Thursday, June 03, 2010 1:03 PM

Subject: RE: FEDAUTH BOF request

Tina said:

> Comments are below.
> 1. This might be of interest to ngHLR (Unified Subscriber Center) kind of
> solutions who provide Identity Management services
> 2. From protocol side, I think it may be more interesting for RADIUS as I  doubt the suitability of Diameter for this.

Not sure why RADIUS would be more suitable than Diameter for carrying large payloads such as SAML assertions.  The 4096 octet RADIUS PDU limit is not transport-specific -- that is, transporting the RADIUS payload over TCP does not solve the problem. 

 

[Tina: You are also right from the aspect you raised.

Diameter roaming model is well established (in use cases like WLAN-3GPP interworking) without the use of EAP or SAML. I fail to see what would be the benefits of using EAP or SAML with Diameter which the current roaming model does not already have.

Everything has pros and cons, as you said in another email, let's begin with a problem statement, and then protocols.]


 
> ----- Original Message -----
> From: "Romascanu, Dan (Dan)" <dromasca@avaya.com>
> To: <dime@ietf.org>; "radext mailing list" <radiusext@ops.ietf.org>;
> <aaa-doctors@ietf.org>
> Sent: Wednesday, June 02, 2010 10:56 PM
> Subject: FEDAUTH BOF request
>
>
> Diameter and RADIUS experts should pay attention to the request to hold
> a Federated Authentication (FEDAUTH) BOF which will be discussed this
> morning by the IAB and the IESG.
>
> The Draft Charter is available at
> http://www.project-moonshot.org/bof/charter/, and more information about
> this BOF or other BOF requests can be examined at
> http://trac.tools.ietf.org/bof/trac/
>
> Dan
>
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
>
>
>
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>