Re: [saml-dev] Which version to use?

["Kapil Sachdeva" <ksachdeva@sbcglobal.net>]

Scott,

Thanks for your reply.

> They're not exactly the same, just functionally equivalent. SAMLv2 is the
> successor to ID-FF 1.2 in terms of Liberty progression. It has features
> ID-FF 1.2 doesn't, because it's a merge of existing work into a new spec.
>

I know they are exactly not the same for eg, ECP in SAML talks about PAOS 
(from liberty phase 2) & thus completes the specification of the profile in 
a good way but
functionally not different.

> There is no direct wire interoperability, any more than there is between
> ID-FF 1.1 and 1.2, or SAML 1.1 and SAMLv2. Interop is a product-level 
> issue.
> I'm sure many vendors will implement both, but that's their business. The
> direction of evolution is still one-way, at least in the SAML community.
>

So we envision a world where there will be an IDP based on SAML 2.0 & SP 
based on Liberty-IDFF-1.2/Phase2 & we do leave the possibility of problems 
of
wire interoperability.

Scott, I am also sure vendors will implement both as they will be left with 
no other choice like having a merge of SAML & Liberty standard into one.

Kapil Sachdeva
http://www.dotnetcard.com/blogs/ksachdeva
----- Original Message ----- 
From: "Scott Cantor" <cantor.2@osu.edu>
To: "'Kapil Sachdeva'" <ksachdeva@sbcglobal.net>
Cc: <saml-dev@lists.oasis-open.org>
Sent: Monday, November 08, 2004 12:30 PM
Subject: RE: [saml-dev] Which version to use?


>> Could you please elaborate what makes Liberty not an option if both
>> specifications are the same except for schema namespaces ?
>
> They're not exactly the same, just functionally equivalent. SAMLv2 is the
> successor to ID-FF 1.2 in terms of Liberty progression. It has features
> ID-FF 1.2 doesn't, because it's a merge of existing work into a new spec.
>
>> The thing is that I am not able to understand the existence of two
>> parallel standards and that too when two standard organizations have
>> 90% common companies formulating the specifications.
>
> They're not parallel, SAMLv2 is the standardization via OASIS of the
> functional work done in ID-FF plus additional issues raised by SAML
> deployments. One follows from the other.
>
>> For me (unless I am very wrong) I see the vendors implementing two
>> parallel specs i.e. Liberty-ID-FF-1.2 & SAML 2.0. And for sure will
>> arise an issue of interoperabilty between 2 of them in near future.
>
> There is no direct wire interoperability, any more than there is between
> ID-FF 1.1 and 1.2, or SAML 1.1 and SAMLv2. Interop is a product-level 
> issue.
> I'm sure many vendors will implement both, but that's their business. The
> direction of evolution is still one-way, at least in the SAML community.
>
> -- Scott
>