[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] SSTC Concall, July 31, 2007 Draft Minutes
On 7/31/07, Frederick Hirsch <frederick.hirsch@nokia.com> wrote: > > 2.1 News: E-Authentication now supports SAML V2.0 > http://lists.oasis-open.org/archives/security-services/200707/ > msg00027.html > Formerly supported SAML 1.0 now supports SAML 2.0 Correction: E-Authn supports SAML V1.1 Browser/Artifact and now supports SAML V2.0 Web Browser SSO with HTTP POST Binding. SAML V1.1 Browser/Artifact is deprecated (i.e., will be phased out). [Begin Comment] It is interesting to note the justification for switching from HTTP Artifact to HTTP POST: [Begin Quote] Advantages of [POST] binding include: - Simple to implement (e.g. no firewall reconfigurations required, no mutual TLS); - More scalable because HTTP POST is stateless (i.e., Having no information about what occurred previously) and requires fewer hardware resources; and - Faster and less expensive to deploy than SAML Artifact based binding [End Quote] [End Comment] Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]