
security-services message


Subject: Re: [security-services] Groups - sstc-saml-exec-overview-2.0-draft-03.pdf uploaded


I would suggest that the section "What's New in SAML 2"
include mention of (1) Attribute Profiles (2) Metadata
(3) Encryption. 

Having made the suggestion, I guess I should also
propose text (:- 

Attribute profiles simplify the configuration and
deployment of systems that exchange attribute data
during SSO or by use of an attribute responder. SAML 2
defines a number of attribute profiles, including 

+ Basic attribute profile: supports string attribute
names and attribute values drawn from XML schema
primitive type definitions.

+ X.500/LDAP attribute profile: supports canonical
X.500/LDAP attribute names and values.

+ UUID Attribute Profile: Use of UUIDs as attribute

+ XACML Attribute Profile: formats suitable for
processing by XACML.

(2) The metadata specification identifies the distinct
roles or actors involved in profiles such as SSO
Identity Provider and Service Provider, Attribute
Authority and Requester.
It specifies data that must be agreed upon between
system entities such as supported roles, identifiers,
supported profiles, URLs, certificates and keys. By
making configuration and trust-related data explicit,
its use simplifies deployment of SAML systems.

(3) SAML 2 permits attribute statements, name
identifiers or entire assertions to be encrypted. This
feature ensures that end-to-end confidentiality of
these elements may be supported as needed. 

--- paulmadsen@ntt-at.com wrote:

> The document named
> sstc-saml-exec-overview-2.0-draft-03.pdf has been
> submitted by Paul Madsen to the OASIS Security
> Services (SAML) TC document
> repository.
> Document Description:
> PDF of v3 of SAML 2 Executive Overview (reformatted)
> Download Document:  
> View Document Details:
> PLEASE NOTE:  If the above links do not work for
> you, your email application
> may be breaking the link into two pieces.  You may
> be able to copy and paste
> the entire link address into the address field of
> your web browser.
> -OASIS Open Administration
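
The metadata and encryption points in the message above can be seen together in a short added example (not part of the original message or of the SAML specifications): it reads a SAML 2.0 metadata document, lists each role's endpoints and declared key uses, and reports whether the role publishes a key that encrypted assertions could be addressed to. The entity ID, endpoint and placeholder certificate are constructed, and treating a `KeyDescriptor` with no `use` attribute as serving both purposes is an assumption of this sketch.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
ROLES = ("IDPSSODescriptor", "SPSSODescriptor", "AttributeAuthorityDescriptor")

# Constructed sample: hypothetical entity, endpoint and placeholder certificate.
SAMPLE = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://sp.example.org/saml">
  <md:SPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo><ds:X509Data>
        <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate>
      </ds:X509Data></ds:KeyInfo>
    </md:KeyDescriptor>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.org/saml/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>
"""


def summarize(xml_text):
    """Return entityID plus, per role, its endpoints and declared key uses."""
    root = ET.fromstring(xml_text)
    roles = {}
    for name in ROLES:
        for role in root.findall(f"md:{name}", NS):
            # Assumption: a KeyDescriptor without 'use' serves both purposes.
            uses = {k.get("use", "both")
                    for k in role.findall("md:KeyDescriptor", NS)}
            endpoints = [(el.tag.split("}")[1], el.get("Binding"), el.get("Location"))
                         for el in role if el.get("Location")]
            roles[name] = {
                "endpoints": endpoints,
                "key_uses": sorted(uses),
                # Encrypted assertions need a published encryption-capable key.
                "can_receive_encrypted": bool(uses & {"encryption", "both"}),
            }
    return {"entityID": root.get("entityID"), "roles": roles}


if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Metadata obtained from a peer should have its signature or delivery channel verified before its keys and endpoints are trusted.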
