The SAMLv1 effort began in earnest in Jan-2001. The Liberty Alliance was kicked off by Sun Microsystems in late Summer 2001 and got rolling by Dec-2001. Official, “OASIS Standard” SAMLv1 specs were published in Nov-2002, and the initial Liberty ID-FFv1 (Identity Federation Framework) specs were published in summer 2001 (based on SAMLv1 drafts), with v1.1 in Jan 2003 (based on OASIS-Standard SAMLv1.0). Subsequently, ID-FFv1.x and SAMLv1.x were formally converged to become SAMLv2.0 — which was issued as an OASIS-Standard spec in March 2005.
It’s now April 2006. The above specs are implemented in various commercial and open-source products (e.g. SAMLv2.0 conformance-tested products). What’s up with deployment? Various people have claimed that “those specs are too complicated and aren’t user-centric, and there isn’t any wide deployment of them” (to sort of paraphrase, but nearly quote).
Well, the Liberty Alliance has done some navel-gazing about this, beginning in earnest last year, and we’ve now published both a “Market Adoption” page (to be periodically updated), and have launched a quarterly “Executive Newsletter” — this first issue of which focuses on adoption.
It looks like deployments are occuring and momentum is building (the term “billions” is used), and we’re proving the above quote wrong. Check it out.