...
- Clients (humans) are happy when Google stores an additional password to provide the service.
- Users are "educated" to put their password everywhere!!!
- Helpdesks try to educate users to avoid phishing attacks.
- Applications don't support SAML/SASL or SAML-ECP.
- OAuth is a better model than a long-term replayable key.
- Constrained by the installed base.
- Long-term solutions will emerge and be deployed (Moonshot).
- Clients (IdPs) want a scalable solution.
- As an alternative to storing passwords in O365:
  - password' provided to user + O365 talks to proxy which uses alternative UserDB.
  - user talks to IMAP proxy + proxy verifies auth to Home UserDB + proxies IMAP to O365.
  - currently a PoC with TUDelft.
- Need to do the same with Google Apps.
- Offering these interim solutions might halt providers solving the problem correctly.
ACTIVITIES GOING FORWARD / NEXT STEPS
- Engage the enterprise space to encourage Microsoft.
- Develop a Proof of Concept proxy on top of simpleSAMLphp which supports XMPP, IMAP, SIP to encourage commercial solutions providers to adopt...
RESOURCES
- Joost's presentation (link TBA)
...