[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Groups - sstc-saml-exec-overview-2.0-draft-03.pdf uploaded
Paul, I would suggest that the setion "What's New in SAML 2" include mention of (1) Attribute Profiles (2) Metadata (3) Encryption. Having made the suggestion, I guess I should also propose text (:- (1) Attribute profiles simplify the configuration and deployment of systems that exchange attribute data during SSO or by use of an attribute responder. SAML 2 defines a number of attribute profiles, including + Basic attribute profile: supports string attribute names and attribute values drawn from XML schema primitive type definitions. + X.500/LDAP attribute profile: supports canonical X.500/LDAP attribute names and values. + UUID Attribute Profile: Use of UUIDs as attribute names. + XACML Attribute Profile: formats suitable for processing by XACML. (2) The metadata specification identifies the distinct roles or actors involved in profiles such as SSO Identity Provider and Service Provider, Attribute Authority and Requester. It specifies data that must be agreed upon between system entities such as supported roles, identifiers, supported profiles, URLs, certificates and keys. By making configuration and trust-related data explicit, its use simplifies deployment of SAML systems. (3) SAML 2 permits attribute statements, name identifiers or entire assertions to be encrypted. This feature ensures that end-to-end confidentiality of these elements may be supported as needed. --- paulmadsen@ntt-at.com wrote: > The document named > sstc-saml-exec-overview-2.0-draft-03.pdf has been > submitted by Paul Madsen to the OASIS Security > Services (SAML) TC document > repository. > > Document Description: > PDF of v3 of SAML 2 Executive Overview (reformatted) > > Download Document: > http://www.oasis-open.org/apps/org/workgroup/security/download.php/11061/sstc-saml-exec-overview-2.0-draft-03.pdf > > View Document Details: > http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=11061 > > > PLEASE NOTE: If the above links do not work for > you, your email application > may be breaking the link into two pieces. You may > be able to copy and paste > the entire link address into the address field of > your web browser. > > -OASIS Open Administration >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]