Office 365 and Rich Client Support in a federated environment, solved by proxies: can this scale to solve other problems?

DATE: 20 November 2012

TIME: 15:00-15:45

ROOM: Alternative

TOPIC: Proxies in a federation environment

CONVENER: Joost

SCRIBE: Brook

# of ATTENDEES: Roland vRW, Martin, Klaas, Ajay, Lukas

MAIN ISSUES DISCUSSED 

  1. Clients (humans) are happy when Google stores an additional password to provide the service.
    1. Users are "educated" to put their password everywhere!!!
    2. Helpdesks try to educate users to avoid phishing attacks.
  2. Applications don't support SAML/SASL or SAML-ECP.
  3. OAuth is a better model than a long-term replayable key.
  4. Constrained by the install base.
  5. Long-term solutions will emerge and be deployed (Moonshot).
  6. Clients (IdPs) want a scalable solution.
  7. As an alternative to storing passwords in O365:
    1. password' provided to user + O365 talks to proxy which uses alternative UserDB.
    2. user talks to IMAP proxy + proxy verifies auth to Home UserDB + proxies IMAP to O365.
    3. currently a PoC with TUDelft.
  8. Need to do the same with Google Apps.
  9. Offering these interim solutions might halt providers from solving the problem correctly.

ACTIVITIES GOING FORWARD / NEXT STEPS

  1. Engage the enterprise space to encourage Microsoft.
  2. Develop a Proof of Concept proxy on top of simpleSAMLphp which supports XMPP, IMAP and SIP, to encourage commercial solution providers to adopt it.
