OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] Antwort: RE: [saml-dev] Overlap SAML 2.0 and WS-Trust

No.  There are various "parts" tot he SAML spec.  The protocol portion
can carry things other than SAML tokens.  For example, see the XACML
SAML binding for how the XACML group defined an option for requesting
and providing authorization policies and decisions via the SAML

I can understand your view about WS-Trust though.  It certainly is
token agnostic.  The problem is that the way it's defined it's also
not even close to interoperable.  It's impossible to "implement"
WS-Trust because there are too many outstanding questions of what
information needs to go where, what types of security semantics you
need, etc.  So while it is very open it also means there is a lot more
work needed in order to do useful work with it.

On Tue, Sep 28, 2010 at 05:27, Oliver Wulff <oliver.wulff@zurich.ch> wrote:
> The reverse is only true if the security token is SAML. WS-Trust is
> designed to handle not only SAML but also other kind of security tokens.

Chad La Joie
trusted identities, delivered

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]