The Swiss TeleCommunication System for Higher Education and Research; Teleinformatikdienste fuer Lehre und Forschung (SWITCH) has developed a SOAP Profile for XACML-SAML. This specification defines the use of these messages over the SAML 2 SOAP binding. The document is a working draft produced by SWITCH as a product of its work within the EGEE JRA 1 working group. It is based on the OASIS working draft of the SAML 2.0 Profile of XACML, Version 2.0. This document corrects and clarifies a significant number of items incorrectly specified in previous versions.

From the author's posting: "For part of some EGEE work that I'm involved in I came up with a profile, in draft form currently, for the XACML over SAML protocol defined within the OASIS XACML working group. The basic goal of the document is to restrict possible options into a baseline subset such that discreet implementations might inter-operate. I think Valerio [Venturi]'s summary of the document, as follows, is good:

1. requirement for using the SAML SOAP binding as in SAMLBind;
2. requirement for having mutual authentication between the requester and the responder;
3. some requirements on the elements usage;
4. requirements on authN, integrity and confidentiality.

Note this document is only about interoperability at the protocol level, it does not speak to the
other necessary item here which is a profile for the information (attributes) within the XACML request/response context."

EGEE (Enabling Grids for E-sciencE) brings together scientists and engineers from more than 240 institutions in 45 countries world-wide to provide a seamless Grid infrastructure for e-Science that is available to scientists 24 hours-a-day.

SWITCH represents the interests of Switzerland as a research centre in numerous bodies and its key role therefore makes an important contribution to the development and operation of the Internet in Switzerland.

Read the complete posting by Chad La Joie.