Oasis Gives SAML 1.0 a Thumbs-Up

Anonymous Custard writes "Oasis has approved the SAML 1.0 specification. From Infoworld: 'Members of the Oasis interoperability consortium approved the Security Assertion Markup Language (SAML) on Wednesday as an OASIS open standard. The move paves the way for the XML-based framework to enable secure SSO (single sign-on) and other security functions for Web services transactions spanning multiple hosted sites.' I feel more secure already!"

Re:Passport competition?

[IamTheRealMike]

In short, no.

Passport is a centralized web based SSO system.

SAML is a protocol/framework for exchanging security assertions. It's not possible to build Passport out of pure SAML, for one SAML lacks a single signout protocol which kind of makes the whole thing rather useless. The Liberty Alliance (who will be releasing 1.1 soon) extend SAML to bring it up to speed.

We can basically forget about Passport interop for now. I did look into it a few weeks ago for the Identity system I'm working on, but unless Microsoft radically change things (and indications are they won't) anything more advanced than automatic logins would require their approval, you'd probably just get denied access to the network.