Scott Cantor and I have revised the SAML HTTP POST-NoXMLdsig binding, which I’d posted about a while back.
We’ve renamed the binding to: “HTTP POST-SimpleSign”
The revised spec is here: draft-hodges-saml-binding-simplesign-01.pdf.
Note that the new “SimpleSign” spec obsoletes the old “NoXMLdsig” one.
There’s also various other relatively minor (some are subtle-but-important) changes and fixes, such as..
- Clarified that conveyed assertions may be signed.
- Added optional conveyance of
KeyInfo
from XMLdsig in order to supply a hint wrt keying material to the recipient. - Clarified composability with other SAML HTTP-based bindings.
- Revamped illustration.
- etc.
We’re thinking we’re getting pretty close to being “done” with this particular spec.
FYI, an example SAML profile utilizing this binding is..
SAMLv2 Lightweight Web Browser SSO Profile
draft-hodges-saml-lsso-00.txt