►
From YouTube: IETF93-ABFAB-20150720-1740
Description
ABFAB meeting session at IETF93
2015/07/20 1740
A
B
All
right,
boys
and
girls-
let's
get
settled
yeah
I
you
do
that
did
let's
distribute
the.
A
C
That's,
let's
get
organized.
B
D
B
Thank
you
excellent
all
right,
then,
so
we
got
an
hour
better
make
the
most
of
it.
You
won't
see
in
the
note
well-
and
this
is
our
primary
focus
today-
they're
the
big
red
splotches
on
the
the
data
tracker
page
for
our
working
group.
That
says
that
we
have
one
document.
That's
been
sitting
in
the
RSC
editors
queues
for
four
1027
days
right.
The
other
is
only
320
t
nine
days
right.
This
we
gotta
fix
the
the
stuff.
That's
holding
this
up
is,
of
course,
triple
a
saml.
B
We
also
have
the
UI
graft,
you
ice
conservation,
grafts
to
get
get
done,
and
so
I
crafted
an
agenda
to
get
us
as
much
work
as
possible
on
those
two
documents.
There
is
one
more
if
we
have
time
I
promised
on
Stefan
to
do
a
quick
press
0
on
the
credential
forwarding
delegation
draft
that
he
stopped,
but
my
suggestion
is
that
we
quickly
dispense
with
you
I
considerations
in
in
like
three
minutes
and
then
move
on
to
triple-a.
Samo.
Are
you
okay
with
that
wrist
you?
E
B
E
B
B
B
A
B
Good
good
to
go
yeah,
it's
like
your
assessment,
okay,
fine!
So
next
Rev
as
quickly
as
humanly
possible,
I'll
issue,
a
working
group
last
call,
and
then
we
can
we
can
be.
You
can
be
in
right
up
stage
before
before.
September
yeah
that'd
be
fine.
Okay,
all
right-
and
this
actually
has
been
fairly
well
reviewed
now
recently,
so
you
know
it's
not
Chevy
all
right,
so
triple
a
saml
go
heavy!
Let
me
bring
up
your
slides.
A
D
Main
issue
will
have
with
this
draft
so
far
is
that
we
needed
a
mapping,
or
am
I
a
binding
between
the
saml
name
and
the
tripoli
name
when
the
policies
applied
based
on
some
names,
and
I
have
a
premium
proposal
that
I
sent
the
middle
east
just
today
with
the
definition
of
two
different
Road
script
of
types,
radish,
a
DB
descriptor
and
reduce
RP
descriptor
and
the
definition
of
radish
uri
scheme
that
has
some
pointed
out.
My
might
need
to
be
avoided.
Aquarium
wealth
in
for
sake
of
simplicity
and
well.
In
addition
of
this
next.
D
We
have
other
relevant
issues
were
but
minor,
three
issues
that
most
of
them
were
raised
by
g
in
our
last
conference,
which
was
that
with
a
new
name
of
the
entities
that
I
did,
try
to
amo
amo
Genesis
alpha
and
the
sam'l
names
that
were
in
the
previous
version
of
the
documents.
We
should
include
a
table
at
the
beginning
of
the
document
as
the
one
included
into
the
architecture
of
alpha,
and
I
already
done
this
done
this
sorry
in
version
I
have
in
my
computer
waiting
for
we
completely
to
be
submitted.
A
D
This
is
a
question
for
for
Reese
sorry
I
domain
only
made
representations
allowed
in
the
network
access
identifier,
name
identified
format,
I
mean
in
Section.
5
of
this
document
describes
this
network
access
identifier
name
identifier,
format,
which
is
a
form
attitude,
so
our
domain
only
may
presentation
allowed
for
this
forest.
Sometimes
the
IDB
doesn't
provide
a
full
name
of
the
user
today,
RP,
so
it's
possible
to
use
the
add
domain
or
at
realm
notation
is
nai.
A
A
D
And
these
are
a
question
that
you
should
maybe
should
be
for
Ascot
or
any
other
sunless
part
more
than
me.
Obviously,
should
section
she's,
not
one
confirmation
methods,
identifiers
also
refer
to
the
ones
in
section
8
ball
one.
This
was
one
of
your
yeah
comments
regime.
So
if
you
want
to
provide
more
information,
I.
E
C
D
I
have
had
similar
thing,
but
obviously
the
location
would
be
an
uri
naming
the
tipple
8rp
element
both
are
very
similar
in
the
format,
but
we
need
both
of
them
because
of
the
semantics
of
the
own
name.
We
need
one
is
describing
on
LED
and
the
other
one
is
describing
an
RP.
This
is
similar
of
what
already
exists
for
the
web
single
sign-on
profiles
in
salmon.
D
Next-
and
this
was
my
proposal
to
name
triple-a
entities
juicing
on
you
are
I
which
some
didn't
like
it
was
a
well
in
Rogers.
We
have
three
different
possibilities:
name
on
RP,
the
first
one
is
using
the
IP
address.
The
second
one
is
using
the
dance
identifier
attribute,
and
the
third
one
is
using.
The
four
attributes
described
in
RFC
7055,
so
I
define
a
uri
for
each
one
of
them,
which
this
is
specific
format
and
the
last
part
of
the
uri
would
be
the
actual
value
of
the
identifier
for
the
tubular
entity.
For
the
IEP.
D
D
F
So
hi
Sam
Harmon,
first
of
all,
I'd
like
to
say
great,
a
real
heartfelt
thanks
to
to
Alejandro
for
moving
this
forward.
This
has
been
stuck
for
at
least
a
year.
I
think,
if
not
longer
and
no
well,
no,
that's
no,
that's
not
quite
true
like,
but
but
basically
maybe
around
six
hundred
days
or
so,
and
this
is
basically
the
kind
of
concrete
proposal
we
need
to
make
it
move
it
forward.
What
I
propose
that
we
do
to
focus?
F
This
discussion
is
first
like
there's
the
whole
question
of
whether
we
can
define
a
radius
uri,
but
I'd
like
to
defer
that
for
a
little
bit
and
basically
talk
about
kind
of
the
structure
of
the
metadata
and
stuff
and
basically,
let's
ignore
the
process,
issues
surrounding
registering
a
radius
uri.
If
we
could
do
this
what's
on
the
screen
there
now
in
the
example,
would
we
be
happy
with
it?
F
I
like
to
answer
that
question
first,
because
I
think
it's
going
to
be
easier
and
if
the
answer
is
yes,
then
we
can
focus
on
the
process
nitty
gritty
details,
but
we
basically
know
we
have
a
solution
and
we're
just
dealing
with
process
mess,
but
basically
like
comments
from
Reese
llave.
Basically,
people
who
know
sam'l
metadata
and
is
like
is
this.
Basically,
what
we're
trying
to
do
is
this
basically
good.
B
B
D
B
B
F
B
There
you,
oh
a
cat,
that's
an
IDP
metadata.
You
actually
had
one
more
place,
so
this
is
example
or
P
metadata.
This
example.
Are
you.
B
B
F
Speaking
if
we
try
and
register
a
radius
uri
scheme,
it's
going
to
be
a
lot
of
work.
If
we
try
and
register
a
radius
uri
schema
that
doesn't
actually
involve
like
the
hostname
or
IP
address,
or
port
of
a
radius
server,
it's
going
to
raise
some
eyebrows
a
lot,
so
my
only
issue
is
one
a
process.
Basically,
I
think
if
we
do
it,
this
way
we're
going
to
get
get
some.
F
It
will
be
hard
to
get
this
document
published
and
we
will
get
to
talk
to
the
apps
community
a
lot
more
than
then.
We
wanted
to
and
move
it
to
talk
for
a
text
a
lot
more
than
we
want
to
so
I
understand
that
location
is
a
mandatory
attribute
in
a
this,
isn't
in
an
endpoint
right,
mm-hmm!
Okay,
can
we
add
extra
attributes.
F
Yeah,
basically,
what
I'm
hoping
we
can
do
is
specify
a
placeholder
URI
that
we
for
today
that
basically
has
no
we're
not
telling
you
how
to
get
there,
but
that
if
there's
a
radius
you
are
I
defined
in
the
future.
We
could
replace
it
with
and
then
just
put
this
in
other
attributes,
like
I
mean
basically,
we
can
have
our
urm
for
no
really,
you
don't
need
to
know.
B
So
the
the
the
endpoint
type
this
is
reading
this
game.
I
right
now
the
endpoint
type
has.
F
So
so
what
my
proposal
is
that
we
define
a
you
are
n.
That
is
basically
it
indicates
that
location
is
context-dependent.
I.
F
F
B
F
Yeah
base
well,
basically
that
gets
us
out
of
defining
a
new
uri
on
and
oh,
the
other
thing
it
allows
us
to
do
is
in
the
future.
If
we
ever,
we
actually
do
want
to
tell
you
where
the
radius
server
is
like.
If
someone
comes
up
with
the
use
case
where
they
actually,
you
know
like
want
to
give
you
what
to
do
this
with
some
sort
of
rat
sack
thing.
If
they
define
that
you
are
I,
then
they
can
actually
stick
it
in
the
location
field
like
sam'l
intended
all.
F
B
That's
right,
but
what
you're,
what
you're
doing
is
you're,
saying
location,
something
you
look
over
here
for
the
actual
location,
I
guess.
F
B
F
No
I
do
because
the
location,
because
it's
not
the
location
that
we
care
about
for
this
finding,
what
we
care
about
is
the
naming
information
right.
We
actually
care
about
the
triple
a
name
in
the
reason
we
want
to
define.
This
in
point
is
not
because
we
want
to
specify
the
location
because,
again
in
his
proposal,
we
don't
actually
have
a
location
in
the
UI.
Well,.
B
D
B
You're,
you
know
think
you're
right,
you
define
your
own
typically
I
mean
I
DPSS,
Oh
descriptor,
for
instance,
you
see
us
sort
of
the
base
stuff,
signature,
extensions,
yada,
yada
and
then,
after
that,
you
define
that
if
it
defines
its
own
set
of
things
that
it
needs-
and
in
this
case
it
then
it
shouldn't,
be
an
end
point.
It
should
be
something
else.
Would.
F
You
be
you,
would
you
know
how
to
go
forward
with
that
I'd
like
to
find
something
other
than
endpoint
to
carry
the
name?
Okay,
can
we
get
comments
on
that
I'm
very
in
favor,.
E
Jim
shot
I
want
to
make
sure
I
want
to
get
some
more
fatigued
your
actually.
These
gonna
still
carry
a
name
you're.
Just
not
gonna
cure
your
location
issues.
You're
gonna
break
the
name
up
into
a
couple
of
other
pieces,
yeah,
okay,
right.
B
B
B
Yeah,
it
was
in
our
charter,
it
it's
in
our
children
through
that.
So
you
know
we're,
so
somebody
want
I
actually
want
to
get
a
volunteer.
You
think
I'm
alejandra
do
you
have?
Are
you
already
in
the
sstc
in
the
Oasis
you're?
Not
there
does
anybody
I
mean
I
have
I'm
normally
in
the
group,
but
I
have
never
sort
of
spent
any
resources
and
I
shouldn't
really
be
pushing
the
draft,
but
somebody
else
who
already
have
presence
in
the
sstc
be
willing
to
help
alejandro
this.
B
So
see
if
wing
I
I
can
take
an
AI
personality,
see
if
I
can
get
Scott
to
help
out
and
just
do
a
handshake
and
you
guys
can
figure
it
out.
But
then,
when
you
have
the
next
Rev
right
yeah,
we
show
Scott
the
finished
product.
B
A
B
A
B
We
can
get
the
the
unscheduled
the
extra
scheduled
work
so
Stefan
are
you
in
the
room?
Oh.
C
A
B
A
Certain
goal
of
this
proposal
is
that,
as
we
did
the
pointing
out
that
we
found
that.
A
A
A
A
Ok,
sir,
so
much
is
that,
put
together
a
group
of
concept
of
this,
oh
we're.
Basically,
you
get
a
pls
protection,
lack
the
radius
to
use
location
again,
dr.
very
similar
in
concept
to
a
stripped
down
dog
13
change.
A
A
A
B
B
Sam
is
waving
his
hand,
nah
understood,
happy
to
rain
right
so,
and
this
sort
of
gets
us
to
the
point
of
where,
where
does
the
working
group
go
and
I'm
happy
to
see
that
our
chairs
in
the
room
or
eighties
in
the
room?
So
we
can
talk
about
next
steps,
so
there
have
been
at
least
20.
B
I
was
actually
going
to
mention
a
femoral
King
and
that's
so
we
have
sort
of
two
things
that
have
come
up
during
deployment.
One
of
them
is
ephemeral,
King.
The
other
is
Colonel
delegation,
and
you
know
if
I
mean
there
still
seems
to
be
active
work
in
this
field,
and
it
would
be
a
shame
not
to
sort
of
pursue
and
finalize
some
of
this
stuff.
B
B
B
B
I
wait.
We
promise
we
promise.
I
will
never
do
this
again,
but
so
what
we're
looking
at
I
think
then
it's
an
agreement
to
make
sure
that
by
by
Oklahoma
we
have
all
it's
all.
It's
a
clean
rights,
clean
slate
everything's
well
through
the
it
should
be
through
the
RC
editors,
cubed
and
I
on
there's
no
reason
for
us
not
to
be
finished
with
our
current
work
by
your
karma
and
and
I'm
not
sure
if
there
is
enough
people
actually
coming
to
your
karma
to
have
a
meeting
there
there.
B
B
B
C
F
C
B
So,
okay,
I
guess
we
have
consensus,
then
we'll
try
we'll
finish
our
stuff
finish.
What's
on
our
plate
and
then
go
for
and
a
virtual
enter
a
meeting,
probably
in
the
form
of
a
cold.
Caller
hung
like
that
and
we'll
see
where
we
are
I.
A
C
C
Over
the
course
of
the
last
six
months,
or
so,
if
I
finish,
take
a
plug-in
or
an
extension
for
chrome
and
for
Firefox
that
allows
you
communicates
with
a
Apache
module
which
we've
written,
that
does
GSS
authentication
through
a
Web
API
sort
web
web
calls.
So
we
actually
have
a
full
and
it's
that
context,
a
roundtrip
a
full
a
month
series
of
round
trips
through
the
GSS
that
pull
up
the
moonshot
identity.
Selector.
D
F
Apache
module
makes
the
GSS
context
available
to
the
Apache
request,
so
any
other
Apache
module
can
do
whatever
it
wants
in
terms
of
GSS.
We
would
love
to
take
get
a
patch
from
someone
to
export
the
attributes
to
their
environment
variables
or
you
know,
another
I
mean
that
would
be
really
awesome
or
another
way
to
do.
This
might
be
to
integrate
into
ship,
but
basically
does
not
do
it
today
we
would
love
to
get
to
it.
It's
an
open
source
project.
If
anyone
gets
to
it
sooner
than
it'll
get
done
sooner.
C
B
Alright
for
download
oh
I.