A draft version of the SAML 2.0 Information Card Token Profile has been submitted to the OASIS Security Services (SAML) TC. "Microsoft has defined a set of profiles for acquring and delivering security tokens, collectively referred to as 'Information Card' technology. These profiles are agnostic with respect to the format and semantics of a security token, but interoperability between issuing and relying parties cannot be achieved without additional rules governing the creation and use of the tokens exchanged.
Welcome to SAML XML.org.
This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.
The Liberty Alliance today
released the first versions of two key specifications aimed at taking
some of the work and doubt out of federated identity schemes.
At the recent RSA conference in San Francisco in the second week of April, several vendors demonstrated new interoperability between previously incompatible federation protocols. Through Project Concordia, a new project co-sponsored by the Liberty Alliance and several other vendors, several profiles were shown that showed seamless integration of SAML, WS-Federation and CardSpace. This demonstration is significant, because it shows that vendors, especially Microsoft, are bowing to increased pressure from customers to focus on interoperability.
The OASIS Security Services (SAML) TC has approved Subject-Based Profiles for SAML 1.1 Assertions as a Committee Draft and submitted it for public review. The profile places constraints on SAML 1.1 subjects and assertions so that they have properties similar to SAML 2.0 subjects and assertions. This public review ends 12 Aug.
Pushing String blog: http://www.xmlgrrl.com/blog
The SSTC is issuing a "call for profiling intentions" in order to organize its work for the next several months. If you are planning to submit a SAML profile, binding, or extension to the SSTC for its consideration sometime soon(ish), please drop me a note with a proposed title, short abstract/rationale, and the timeframe in which you plan to bring the draft to the SSTC.
Similarly, if you are working on a SAML profile or extension in your own venue and want to seek the SSTC's guidance, let us know that as well.