Presentation is loading. Please wait.

Presentation is loading. Please wait.

SASL-SAML update Klaas Wierenga Kitten WG 9-Nov-2010.

Published byEmmeline Cannon Modified over 9 years ago

Similar presentations

Presentation on theme: "SASL-SAML update Klaas Wierenga Kitten WG 9-Nov-2010."— Presentation transcript:

1 SASL-SAML update Klaas Wierenga Kitten WG 9-Nov-2010

2 Topics Update on SASL-SAML draft Difference between SASL-SAML and SASL- SAML-EC

3 Changes in SASL-SAML draft WG -00 – Sanitized GSS-API stuff – Editorial changes – Server redirect is URI instead of HTTP redirect – Security consideration about secure channel

4 SAML 2.0 WebSSO flow Client Identity Provider Relying Party 1. Resource Request 1 2 3 45 2. Authentication Request 3. Request SSO Service 4. Authenticate both client and IdP 5. Authentication Statement 6 6. Client passes AuthN Statement to RP

5 SAML 2.0 and SASL SAML Client (browser) IdPRP 1 2 3 45 6 SASL server SASL Client Application

6 SASL-SAML SAML Client (browser) IdPRP 1 2a 3 45 6 SASL server SASL Client Application 2b

7 SASL-SAML-EC SAML-aware Client IdPRP 12 3 45 6 SASL server SASL Client Application

8 Pros and Cons SASL-SAML + minimal change to SASL client + no extra application that is trusted with authentication credentials + no need to touch the IdP – rely on external program – 'strange' user experience SASL-SAML-EC + 'cleaner' solution + no need for external program -yet another piece of software to trust with user credentials -IdP needs to support the ECP profile -SASL client needs to implement the ECP profile

Download ppt "SASL-SAML update Klaas Wierenga Kitten WG 9-Nov-2010."

Similar presentations

Suchin Rengan Principal Technical Architect Salesforce.com

Suchin Rengan Principal Technical Architect Salesforce.com
ABFAB for Internet-of-Things Rhys Smith, Janet Sam Hartman & Margaret Wasserman, Painless Security.

ABFAB for Internet-of-Things Rhys Smith, Janet Sam Hartman & Margaret Wasserman, Painless Security.
SearchSearch User Profiles SearchSearchExcelExcelUserProfilesUserProfiles Managed Metadata.

SearchSearch User Profiles SearchSearchExcelExcelUserProfilesUserProfiles Managed Metadata.
Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Office 365 Identity June 2013 Microsoft Office365 4/2/2017
Contrail and Federated Identity Management

Contrail and Federated Identity Management
Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.

Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.
Dispatcher Conditional Expression Static Request Filter Attribute Filter Portal 1 1 2 2 4 4 3,6 5 5 7 7 8 8 9 9 1010 1010 DNS Hello User Sample (Gateway)

Dispatcher Conditional Expression Static Request Filter Attribute Filter Portal , DNS Hello User Sample (Gateway)
Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.

Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.
Eric Raff. Usergroup up

Eric Raff. Usergroup up
1 Security Assertion Markup Language (SAML). 2 SAML Goals Create trusted security statements –Example: Bill’s address is and he was authenticated.

1 Security Assertion Markup Language (SAML). 2 SAML Goals Create trusted security statements –Example: Bill’s address is and he was authenticated.
Infocard and Eduroam Enrique de la Hoz, Diego R. L ó pez, Antonio Garc í a, Samuel Mu ñ oz.

Infocard and Eduroam Enrique de la Hoz, Diego R. L ó pez, Antonio Garc í a, Samuel Mu ñ oz.
® Practical Approaches to Web Services Authentication 72nd OGC Technical Committee Frascati, Italy Fiona Culloch March 9, 2010 Sponsored and hosted by.

® Practical Approaches to Web Services Authentication 72nd OGC Technical Committee Frascati, Italy Fiona Culloch March 9, 2010 Sponsored and hosted by.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Single Sign-On for Java Web Start Applications Using MyProxy Terry Fleury, Jim Basney, and Von Welch November 3, 2006.

Single Sign-On for Java Web Start Applications Using MyProxy Terry Fleury, Jim Basney, and Von Welch November 3, 2006.
Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  

Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  
Finalize RESTful Application Programming Interface (API) Security Recommendations Transport & Security Standards Workgroup January 28, 2014.

Finalize RESTful Application Programming Interface (API) Security Recommendations Transport & Security Standards Workgroup January 28, 2014.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
SIP Authorization Framework Use Cases Rifaat Shekh-Yusef, Jon Peterson IETF 91, SIPCore WG Honolulu, Hawaii, USA November 13, 2014 1.

SIP Authorization Framework Use Cases Rifaat Shekh-Yusef, Jon Peterson IETF 91, SIPCore WG Honolulu, Hawaii, USA November 13,
Delivering Excellence in Software Engineering ® 2006. EPAM Systems. All rights reserved. ASP.NET Authentication.

Delivering Excellence in Software Engineering ® EPAM Systems. All rights reserved. ASP.NET Authentication.
UMA Could I Manage My Own Data. Please?. Agenda Business Trends & Technical Solutions Distributed Business (Decentralisation) Mobility & Automation Delegation.

UMA Could I Manage My Own Data. Please?. Agenda Business Trends & Technical Solutions Distributed Business (Decentralisation) Mobility & Automation Delegation.

Similar presentations

Ads by Google