From various discussions held with various folks, e.g. on the IDWorkshop mailing list (aka “Identity Gang”), it has become apparent that the major sticking point w.r.t. SAMLv2 adoption in some quarters, e.g. in the “scripting” world (PHP/Perl/Python/Ruby), is the present SAMLv2 bindings’ mandated reliance on XML Digital Signature (aka “XMLdsig”, http://www.w3.org/TR/xmldsig-core/). Interoperable XMLdsig libraries are hard to come by, perhaps due to the XMLdsig spec’s complexity and its reliance on “XML canonicalization” (aka “c14n”, http://www.w3.org/TR/xml-c14n), which is inherently complex on its own.

So Scott Cantor and I have hacked up this draft alternative SAMLv2 HTTP POST “NoXMLdsig” binding:

SAMLv2 HTTP POST “NoXMLdsig” binding

Now the next step will be to craft a SAMLv2 Profile that takes advantage of it.


One Response to “”

  1. […] Scott Cantor and I have revised the SAML HTTP POST-NoXMLdsig binding, which I’d posted about a while back. […]
