saml-dev message

Subject: RE: [saml-dev] SAML, trust and WS.

From: "Scott Cantor" <cantor.2@osu.edu>
To: <will@javafreelancer.net>, "'Giuseppe Sarno'" <gsarno@nortel.com>, <saml-dev@lists.oasis-open.org>
Date: Thu, 8 Dec 2005 12:19:43 -0500

> they call their implementation "saml-based" but it is not strictly 
> saml-conformant. now that i have been exposed to their 
> non-conformant approach, i am fanatically interested in 
> understanding the conformant way to implement a saml solution 
> because i do not want my understanding of the specs shaped solely 
> by "the wrong way to do it" (if you know what i mean).

Well, conformant to what? I think, outside of Liberty, the best you can do
is just not violate the SAML core spec wrt to the token contents and how
they get used. So if there are concerns about whether something is "legal"
in terms of SAML core, I think that's well within our ability to answer.

I think that the SAML SSO->SAML w/ WSS kind of stuff is hard to do elegantly
without SAML 2.0, for whatever that's worth. It can look reasonably clean in
2.0.

-- Scott

Follow-Ups:
- RE: [saml-dev] SAML, trust and WS.
  - From: "Giuseppe Sarno" <gsarno@nortel.com>

References:
- RE: [saml-dev] SAML, trust and WS.
  - From: w i l l <oasis.saml@javafreelancer.net>