[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [saml-dev] WS-Security and SAML
> I heard about WS-Security Spec Sent to OASIS. > And I like to get an explanation of relationship between WS-Security and > SAML. > I think that SAML and WS-Security Spec is a little bit overlapping each > other. > > Is it misunderstanding about these Spec? It is my understanding that SAML and WS-Security are technically complementary to each other and current SAML1.0 (not including drafts) specification is not overlapping with WS-Security specification. To say simply, WS-Security describes a method how security tokens created by arbitrary security mechanisms (ex. Kerberos, Password, X.509) bind with SOAP message to send it securely. On the other hand, SAML assertion is one format of security tokens. You will find the example in following document. http://lists.oasis-open.org/archives/security-services/200206/msg00032. html So WS-Security will play well with SAML technically,but politically, I don't see it. I think OASIS SAML member could explain this more deeply and more correctly than I Regards, ---------------------------------------------- NTT Data Corporation Yuji Sakata Tel: +81-3-3523-8081 E-Mail: ysakata@rd.nttdata.co.jp ----------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC