Greetings. I'm the SecDir reviewer for draft-ietf-abfab-aaa-saml. I apologize for the lateness of this review, particularly because I have what might be a significant question on the draft.

The first two paragraphs of the Security Considerations section read:

   In this specification, the Relying Party MUST trust any statement in the SAML messages from the IdP in the same way that it trusts information contained in RADIUS attributes. These entities MUST trust the RADIUS infrastructure to provide integrity of the SAML messages.

   Furthermore, the Relying Party MUST apply policy and filter the information based on what information the IdP is permitted to assert and on what trust is reasonable to place in proxies between them.

These seem like pretty important considerations. I fully admit that I might have missed it, but are they actually mentioned earlier in the document? I would have expected them in the Introduction, or at least in Section 7. If those requirements are not listed early, shouldn't they be?

--Paul Hoffman
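The second quoted paragraph (the Relying Party filtering what the IdP is permitted to assert, and deciding how much to trust intervening proxies) is the kind of check an RP implementer has to build explicitly. The following is an added illustration of such a filter and is not code from the draft, the reviewer, or any ABFAB implementation. The policy table, the attribute names, the `Assertion` structure and the proxy allowlist are all constructed assumptions; a real RP would derive the policy from its federation metadata and the proxy path from the RADIUS `Proxy-State`/operator records it actually sees.

```python
# Added example (not from draft-ietf-abfab-aaa-saml): Relying Party-side
# filtering of SAML statements carried over RADIUS, keeping only what the
# asserting IdP is permitted to assert and refusing statements that passed
# through a proxy the RP does not trust. All names below are constructed.
from dataclasses import dataclass, field


@dataclass
class Assertion:
    issuer: str                                   # entityID of the asserting IdP
    attributes: dict                              # attribute name -> list of values
    proxies: list = field(default_factory=list)   # RADIUS proxies traversed, in hop order


# Hypothetical RP policy: for each IdP, the attributes it may assert and a
# per-value constraint (scoped attributes must stay inside the IdP's realm).
POLICY = {
    "https://idp.example.edu": {
        "eduPersonPrincipalName": lambda v: v.endswith("@example.edu"),
        "eduPersonAffiliation": lambda v: v in {"member", "student", "staff"},
    },
}

# Hypothetical set of RADIUS proxies the RP is willing to rely on for integrity.
TRUSTED_PROXIES = {"proxy.federation.example"}


def filter_assertion(a, policy=POLICY, trusted_proxies=TRUSTED_PROXIES):
    """Return (accepted_attributes, rejection_reasons) for one assertion.

    An unknown issuer or an untrusted proxy in the path rejects everything;
    otherwise attributes and values outside the issuer's policy are dropped
    individually and the reasons recorded for logging.
    """
    allowed = policy.get(a.issuer)
    if allowed is None:
        return {}, [f"unknown issuer {a.issuer}: no statements trusted"]

    untrusted = [p for p in a.proxies if p not in trusted_proxies]
    if untrusted:
        return {}, [f"untrusted proxy in path: {p}" for p in untrusted]

    accepted, reasons = {}, []
    for name, values in a.attributes.items():
        check = allowed.get(name)
        if check is None:
            reasons.append(f"{a.issuer} is not permitted to assert {name}")
            continue
        good = [v for v in values if check(v)]
        for v in values:
            if not check(v):
                reasons.append(f"value {v!r} for {name} is outside {a.issuer}'s scope")
        if good:
            accepted[name] = good
    return accepted, reasons


# Constructed sample: one in-scope value, one out-of-scope value, and an
# attribute the IdP is not permitted to assert at all.
SAMPLE = Assertion(
    issuer="https://idp.example.edu",
    attributes={
        "eduPersonPrincipalName": ["alice@example.edu", "bob@other.org"],
        "eduPersonAffiliation": ["member"],
        "eduPersonEntitlement": ["urn:example:admin"],
    },
    proxies=["proxy.federation.example"],
)

if __name__ == "__main__":
    accepted, reasons = filter_assertion(SAMPLE)
    print("accepted:", accepted)
    for r in reasons:
        print("rejected:", r)
```

The point the filter makes concrete is that the RADIUS integrity guarantee and the IdP's authority are separate questions: the first decides whether the assertion is worth parsing at all (the proxy check), the second decides which statements inside it the RP may act on (the per-attribute policy).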