Re: [saml-dev] Which version to use?

[Jean-Noël Colin <jean-noel.colin@oxys.be>]

Dear all,

I would like to thank you for your replies on my email. So the way I 
understand it is that since we are considering new development, not 
integrating with any existing system, we should consider SAML 2.0, as 
it integrates ID-FF specification.

But what about ID-WSF, which in our case, would be the way to go, as 
all communication between application components will be web-service 
based?

Best regards,

Jean-Noel Colin


Le 09-nov.-04, à 02:00, Conor P. Cahill a écrit :

>
>
> Beach, Michael C wrote on 11/8/2004, 6:53 PM:
>
>> Just to emphasize Irving's point.  The Liberty Alliance states no more
>> work will be done on ID-FF because it has been turned over to OASIS.  
>> I
>> don't mean this in a derogatory way, but ID-FF is effectively a "dead
>> end".  Yes it works, yes it was quality work, yes it benefited the
>> industry, but I personally don't see why a new project would consider
>> using ID-FF over SAMLv2 (unless you are deploying NOW and need 
>> concrete
>> stable standards NOW).  The future along this path is SAMLv2.
>
> What you say about the future is absolutely true.
>
> However, for those intending to interact with other existing services
> at this time (for example, people who would want to work with Orange's
> identity federation implementation), the will need to implement ID-FF.
>
> If I was starting with a clean sheet, I would agree with you that
> SAML 2.0 is the way to go.  If I'm concerned with working with existing
> implementations at least in the relatively near future, I would do
> ID-FF (and SAML 2.0 now, or in the near future).
>
> The key is timeframe and interoperability that you need to support.
>
> Conor
>
>