- From: Albert Lunde <atlunde@panix.com>
- Date: Thu, 03 May 2012 10:57:38 -0500
- To: ietf-http-wg@w3.org
This looks like a solution to "how to decorate an authentication process
with descriptive and cosmetic information". It might be possible to
profile its use for some forms of HTTP authentication as well as the
full-blown SAML WebSSO profiles.

(Though I would wonder about problems with putting this much XML into
HTTP headers.)

http://www.oasis-open.org/news/announcements/saml-v2-0-metadata-extensions-for-login-and-discovery-user-interface-v1-0-publish

"We are pleased to announce the approval and publication of an OASIS
Committee Specification (CS) by the members of the OASIS Security
Services (SAML) TC [1]:

SAML V2.0 Metadata Extensions for Login and Discovery User Interface
Version 1.0
Committee Specification 01
03 April 2012

Overview:
This document defines a set of extensions to SAML metadata that provide
information necessary for user agents to present effective user
interfaces and, in the case of identity provider discovery, recommend
appropriate choices to the user."

"SAML V2.0 metadata [SAML2Meta] provides a mechanism for expressing
information necessary for SAML entities to successfully communicate with
each other. However in most SAML profiles there is also a user agent
involved, usually representing an actual person, that also participates
in the profiled message exchanges. This document defines a set of
extensions to metadata that provide information necessary for user
agents to present effective user interfaces and, in the case of identity
provider discovery, provide for recommendation of appropriate choices to
the user." [...]

"There are existing, though incomplete, metadata elements that carry
some of this information, but existing practice around their use is
inconsistent, and defining extensions with more well-defined semantics
is less disruptive to existing metadata deployments."

--
Albert Lunde albert-lunde@northwestern.edu
atlunde@panix.com (address for personal mail)
Received on Thursday, 3 May 2012 15:58:19 UTC