Slashdot Mirror


Oasis Gives SAML 1.0 a Thumbs-Up

Anonymous Custard writes "Oasis has approved the SAML 1.0 specification. From Infoworld: 'Members of the Oasis interoperability consortium approved the Security Assertion Markup Language (SAML) on Wednesday as an OASIS open standard. The move paves the way for the XML-based framework to enable secure SSO (single sign-on) and other security functions for Web services transactions spanning multiple hosted sites.' I feel more secure already!"

6 of 134 comments

  1. Bah. by UndercoverBrotha · · Score: 2, Insightful

    XML is slowly but surely turning into the huge beast from where it came, SGML. I thought the point of XML was simplicity...forget the open standards of data exchange everyone is talking about, the bickering of the major players will never allow XML, or any specifications derived from it, to become the "one" format for efficient data exchange.

    MSXML
    SunXML
    IBMXML

    ..get used to it, and more articles like this.

    --
    Solid!
    1. Re:Bah. by Anonymous Coward · · Score: 2, Insightful

      And Xerces...

      Those are just libraries for creating/parsing XML documents. The output of ALL of them is 100% compliant XML. The programming interfaces are not specced at all and are of course 100% different in all implementations.

      I don't think you GROK what XML is exactly to have made that statement.

    2. Re:Bah. by TummyX · · Score: 2, Insightful


      point is that XML is *completely and utterly useless* without complex and byzantine frameworks such as SAML and SOAP


      Uh!

      And Java (the language) is completely and utterly useless without the Java class libraries. This must mean that Java is a useless language. The fact that it can be used as a standard way to build other technologies on top of is beside the point...

  2. well... by bytes256 · · Score: 1, Insightful

    security and privacy were fun while they lasted...this freakin single-sign-on crap scares me just a lil

    --

    Slashdot, the site where everything's made up and the points don't matter
  3. Compressing XML SAML? by Istealmymusic · · Score: 2, Insightful
    Anyone have any luck compressing SAML-encoded security assertions, or any use of XML for that matter? Maybe I'm old-fashioned, but to me having a plethora of XML tags without abbreviations of any kind is an inadequate use of the ASCII encoding character space. Which is clearer?
    D. E. Knuth, The art of computer programming. Vol. 2, Seminumerical algorithms, third ed., Addison-Wesley Series in Computer Science and Information Processing. Addison-Wesley, Reading, MA, 1997.
    or:
    <citation>
    <author><sirname>Knuth</sirname><givenname>Donald</givenname><middlename>Ervin</middlename></author>
    <entitled>Art of Computer Programming, The</entitled>
    <volume>2</volume>
    <subtitle>Seminumerical Algorithms</subtitle>
    <edition><ordinal>3</ordinal></edition>
    <excerpt>Addison-Wesley Series in Computer Science and Information Processing</excerpt>
    <publisher>Addison-Wesley</publisher>
    <publishers_house>Reading, MA</publishers_house>
    <year>1997</year>
    </citation>
    I'm not knocking XML--but you have to admit it is extremely verbose compared to terse standard syntaxen available today. If one can combine the flexibility of XML with the tersity of unstructured documents, we'll be in for a datum revolution.
    --
    "The lesson to be learned is not to take the comments on slashdot too literally." --Vinnie Falco, BearShare
  4. Re:Passport competition? by IamTheRealMike · · Score: 3, Insightful
    In short, no.

    Passport is a centralized web based SSO system.

    SAML is a protocol/framework for exchanging security assertions. It's not possible to build Passport out of pure SAML; for one, SAML lacks a single signout protocol, which kind of makes the whole thing rather useless. The Liberty Alliance (who will be releasing 1.1 soon) extend SAML to bring it up to speed.

    We can basically forget about Passport interop for now. I did look into it a few weeks ago for the Identity system I'm working on, but unless Microsoft radically change things (and indications are they won't) anything more advanced than automatic logins would require their approval; you'd probably just get denied access to the network.