Search This Blog

Wednesday, October 17, 2007

OASIS Ballots SAML Metadata Profile and Extension Specifications

Two specifications related to the OASIS Standard "Metadata for the
OASIS Security Assertion Markup Language (SAML) V2.0" are being balloted
for approval. (1) The "Metadata Profile for the OASIS Security
Assertion Markup Language (SAML) V1.x" specification provides metadata
support for SAML V1.x by profiling the SAML V2.0 metadata specification
for use with the SAML V1.x-based profiles and exchanges. SAML profiles
generally require agreements between system entities regarding
identifiers, binding/profile support and endpoints, certificates and
keys, etc. A metadata specification is useful for describing this
information in a standardized way. However, SAML V1.0 and V1.1 did not
include such a metadata profile and this specification is intended to
address that shortcoming. This specification was edited by Greg
Whitehead (Hewlett-Packard Company) and Scott Cantor (Internet2).
(2) The "Metadata Extension for SAML V2.0 and V1.x Query Requesters"
specification defines an extension to the SAML V2.0 metadata
specification. The extension defines a set of role descriptor types
that describe a standalone SAML query requester for each of the three
predefined query types. The profile addresses both SAML V1.x and
SAML V2.0 query requesters. This document was edited for the OASIS
Security Services (SAML) TC by Tom Scavo (NCSA) and Scott Cantor
(Internet2). More Information

No comments: