SAML - Re: [foaf-protocols] WebID test suite from Henry Story on 2011-06-29 (public-xg-webid@w3.org from June 2011)

From: Henry Story <henry.story@bblfish.net>
Date: Wed, 29 Jun 2011 09:37:03 +0200
To: Matt DeMoss <demoss.matt@gmail.com>
Cc: Kingsley Idehen <kidehen@openlinksw.com>, Peter Williams <home_pw@msn.com>, "public-xg-webid@w3.org" <public-xg-webid@w3.org>
Message-Id: <8C3A898B-6BD5-40D0-A12E-87D1479D24E9@bblfish.net>

On 29 Jun 2011, at 00:55, Matt DeMoss wrote:

> Earlier in the thread I half-remembered a SAML profile that seemed to
> have something in common with WebID.
> 
> This is the profile I was remembering:
> 
> http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-holder-of-key-browser-sso.html

Thanks, good find. It looks - on very quick perusal - that the protocol is somewhat different, in that it requires the browser to generate some SAML token, requiring changes to the browsre. But that is a good reference to add to our 
ISSUE-30.

Perhaps people with more SAML background can give us deeper insight into this.

Henry


> 
> 
> 
> On Tue, Jun 28, 2011 at 6:16 PM, Kingsley Idehen <kidehen@openlinksw.com> wrote:
>> On 6/28/11 10:39 PM, Peter Williams wrote:
>>> 
>>> do use one of the standard assertion formats. Dont make a custom profile
>>> of it. A good test is that if you use openid or ws-fedp that it works with
>>> Microsoft ACS as the assertion consuming party. if y ou choose SAML2 (now
>>> commodity in windows!), ensure it works with ADFS as the assertion consuming
>>> engine. These products (ACS and ADFS) are "final stage" products, way
>>> post-research phase, entering the market at the commodization point defined
>>> as one that maximizes interoperability. if you can inter with them, you
>>> stand a good change of inteworking with the vast majority of other vendor's
>>> equivalent implementations.
>> 
>> For us middleware types, pragmatic interop is the name of the game. On our
>> part we'll map whatever exists to WebID in order for it to gain traction :-)
>> 
>> We'll take a look at ADFS and SAML2 on Windows re. addition WebID protocol
>> bridging. Windows isn't foreign territory to us.
>> 
>> --
>> 
>> Regards,
>> 
>> Kingsley Idehen
>> President&  CEO
>> OpenLink Software
>> Web: http://www.openlinksw.com
>> Weblog: http://www.openlinksw.com/blog/~kidehen
>> Twitter/Identi.ca: kidehen
>> 
>> 
>> 
>> 
>> 
>> 
>> 
> 

Social Web Architect
http://bblfish.net/

Received on Wednesday, 29 June 2011 07:37:44 UTC