- From: Champion, Mike <Mike.Champion@SoftwareAG-USA.com>
- Date: Mon, 29 Sep 2003 18:54:21 -0400
- To: "Cutler, Roger (RogerCutler)" <RogerCutler@chevrontexaco.com>, Sanjiva Weerawarana <sanjiva@watson.ibm.com>, www-ws-arch@w3.org, www-ws-desc@w3.org
> -----Original Message----- > From: Cutler, Roger (RogerCutler) > [mailto:RogerCutler@chevrontexaco.com] > Sent: Monday, September 29, 2003 5:39 PM > To: Sanjiva Weerawarana; www-ws-arch@w3.org; www-ws-desc@w3.org > Subject: RE: IBM/MSFT whitepaper on secure, reliable, > transacted Web services > > > I know that this is a dumb question, but could you explain > how the WS-* specs relate to SAML? Is the SAML functionality > in WS-* somewhere, so that the specs are incompatible? Or > does WS-* operate in a different space and interact with SAML somehow? As best I understand it, WS-Security provides a framework for exchanging / negotiating security-related information, and SAML would describe one particular type of payload for WS-Security messages, i.e. those that make assertions about identity, authentication, authorization, etc. They are definitely complementary, not competitive: WS-Security talks about SOAP headers and provides a generic security processing model; SAML doesn't know anything about SOAP but knows a lot more about the details of security semantics.
Received on Monday, 29 September 2003 18:55:45 UTC