A draft version of the SAML 2.0 Information Card Token Profile has been submitted to the OASIS Security Services (SAML) TC. "Microsoft has defined a set of profiles for acquring and delivering security tokens, collectively referred to as 'Information Card' technology. These profiles are agnostic with respect to the format and semantics of a security token, but interoperability between issuing and relying parties cannot be achieved without additional rules governing the creation and use of the tokens exchanged.
Welcome to SAML XML.org.
This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.
Official SAML V2.0 documents produced by the OASIS Security Services Technical Committee:
- 2007 Nov 01
- Two post-V2.0 SAML specifications have reached OASIS Standard status: the Metadata Profile for the OASIS Security Assertion Markup Language (SAML) V1.x and the Metadata Extension for SAML V2.0 and V1.x Query Requesters.
- 2007 Jul 14
- The SSTC approves Errata for SAML V2.0.
- 2005 Mar
The Liberty Alliance today
released the first versions of two key specifications aimed at taking
some of the work and doubt out of federated identity schemes.
At the recent RSA conference in San Francisco in the second week of April, several vendors demonstrated new interoperability between previously incompatible federation protocols. Through Project Concordia, a new project co-sponsored by the Liberty Alliance and several other vendors, several profiles were shown that showed seamless integration of SAML, WS-Federation and CardSpace. This demonstration is significant, because it shows that vendors, especially Microsoft, are bowing to increased pressure from customers to focus on interoperability.