June 2012. Bachelor thesis on how to use DNS-Based Authentication of Named Entities (DANE) to improve the security for identity federations with focus on SAML2 and Shibboleth software. (March 2012 until June 2012).
References to DANE draft and other RFC drafts need an update clearly stating that it's "Work in progress".
"Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress.""
...university’s log in page and signs... change "log in" to "login"
...this theses... change "theses" to "thesis" (?)
..."The SAML ”standard defines an XML-based
framework for describing and exchanging security information between on-line business
partners” [11, p. 8]." ...Detta känns ihopklämt på ett konstigt sätt kanske ändra till något så som "According to XYZ(referens) the purpose with SAML is to ABC"
..."(key information or public keys)" change "or" to "and"
..."Federation Operator" or "Federation provider"?
..."The FO is not apart of the SAML" change "apart" to "a part"
..."on request in order to have the user log in" change "log in" to "login" (?)
..." The Web Browser SSO Profile that stats that" change "stats" to "says"
..."descirbed" misspelled
..." user agent deliver to the IdP through an HTTP redirect, post or artifact binding" not sure if "artifact binding" should be listed here. (?)
..."LDAP Lightweight Directory Access Protocol" change to "some back-end engine with user credentials, in our testing environment we used the Lightweight Directory Access Protocol (LDAP)"
..."not a redirect binding since the response most often is longer than the URL permitted by most user agents." is this correct. I assume it's still a redirect but instead of using the GET values the SAML message is sent as a POST message. But that is perhaps what this is saying.
..."...least one authentication assertion and fallows with the client receiving..." what is the meaning of this sentence?
CERTIFICATES
SAML2 säger att man måste använda SSL/TLS men vad säger Web SSO profile?
Allmänt långa citat som gör det svårt att följa vad det hela handlar om.
Write a proper installation guide for Bind 9 on Ubuntu 11.10 or 12.04 when it can be tested step by step on a new machine.
Write a proper OpenDNSSEC installation, configuration and usage guide when a virtual machine is available to test all steps on.
New information has been given today. Re-write chapter 3 and 4 when the new information about s/mime and it's dilemmas has been fully understood.
Write a proper SoftHSM installation, configuration and usage guide when a virtual machine is available to test all steps on.
"A TLS/SSL handshake example adapted to the identity federation influenced by [17]"
Add the name of the reference for better flow in the text.
Short text about what next step is about identity federations and DANE
"the validation of Alice and Bob with the help of a signed certificates and is based on[15]"
Add the name on the reference aswell for better flow in the text.
With the new added subsubsection section references does not work any longer to these subsubsections.
"...Alice can encrypt the private message with the public key and only Bob with the private key can decrypt the message."
Need to make it clear that it's Bob's public key that is used in this scenario.
Merged some old edits to master...might not be complete. Need proper review.
Abstract
Preface
1.1 Background
1.4
2.1
3
4
5
5.1.1.
We belive that it is this initial sharing of information that would benefit
the most if it could be done solely over the internet and it’s possible if we put trust in
the DNSSEC infrastructure
Bygg vidare med tydligare diskussion.
Furthermore, our belief is that within future SAML specifications and/or when estab-
lishing new federations, more strict rules concerning metadata must be agreed upon to
secure the data integrity of the metadata.
Fixa till och säg att vidare arbete behövs.
Write that this part is form Leif.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
