The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Microsoft's directory team forced to reconsider ignored standards

Recent proclamations by Microsoft CEO Steve Ballmer that the company would move toward interoperability and support for standards is putting pressure on the head of the company's directory and identity development to reconsider support for industry standards such as Security Assertion Markup Language that have been long ignored Joe Long, general manager of the connected identity and directory at Microsoft, said during a panel discussion at NetPro's Directory Experts Conference that Microsoft was being forced to re-examine if it would support SAML, the Service Provisioning Markup Language (SPML) and the Extensible Access Control Markup Language (XACML).

"Microsoft has introduced an interoperability promise and we are trying to understand the ramifications of that," Long said. "Hopefully we can make a commitment one way or the other in the next few months."

Long was referring to a major announcement CEO Steve Ballmer made in February in which he laid out four principals that would govern the company going forward: openness, data portability, support for industry standards and interoperability for IT and open source developers. As part of the announcement, Microsoft also made many of the APIs for its major enterprise software available for free and said it would document how it implemented standards and the extensions it created to those standards.

Microsoft already supports the SAML 1.1 token format but does not support the SAML request/response engine that it is part of the specification. It also does not support SAML 2.0. The Liberty Alliance and the Shibboleth identity project support SAML.

Microsoft supports WS-Federation, a specification it created with IBM and sent to the Organization for the Advancement of Structured Information Standards for standardization. WS-Federation unlike SAML splits the request/response engine and the token format allowing it to support many token formats.

Read the complete article by John Fontana in Network World. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I