[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: fyi: draft-hodges-saml-binding-no-xmldsig-00
Hi, Scott Cantor and I have concocted the attached new draft SAML binding. The central thesis is that for various implementation and deployment scenarios, reliance upon XMLdsig is an inhibitor. So this new binding, which we've tentatively entitled "", is an answer. It is HTTP POST-based, with an _optional_ signature mechanism. The signature is over the entire conveyed SAML message "blob" and any RelayState (and SigAlg ;). Portions of the spec remaining to be fixed up are noted with Maleresque "@@TODO" tags. Comments appreciated. thanks, JeffH & Scott
draft-hodges-saml-binding-no-xmldsig-00.pdf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]