-----Original Message-----
From: kitten-bounces(_at_)ietf(_dot_)org
[mailto:kitten-bounces(_at_)ietf(_dot_)org] On Behalf
Of
Phillip Hallam-Baker
Sent: Wednesday, March 10, 2010 8:05 AM
To: Melinda Shore
Cc: emu(_at_)ietf(_dot_)org; Glen Zorn; kitten(_at_)ietf(_dot_)org; moonshot-
community(_at_)jiscmail(_dot_)ac(_dot_)uk; Sam Hartman;
ietf(_at_)ietf(_dot_)org
Subject: Re: Bar Bof on Federated Authentication Thursday at 9 PM during
IETF
week
Last time we had a BOF on that subject matter we had people with the
bizarre notion that the user interface should be excluded from work on
user authentication.I don't care if usability is outside people's
comfort zone, if any group is going to be chartered in this space it
should be required to address usability issues or we are better off
without it.
If I understand the draft and motivations behind it correctly,
I think a large part of the proposal (draft-howlett-eap-gss)
is to develop machine to machine federated identity (and authentication).
Which is why Radius is involved (as it is a common directory
infra in many organizations) and SAML Request/Response used
to carry authz info.
So, I'm not sure that "user interface" is relevant here.
GSSAPI is the suggested API for applications.
Or did I read the wrong draft... :)
/thomas/
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf