Talk:Security Assertion Markup Language

From Wikipedia, the free encyclopedia

Contents

[edit] Overview

It would be good if there was an overview of how it works (i.e. the general idea of passingauthentication strings back and forth), rather than leaping in with xml code.—The preceding unsigned comment was added by 12.11.185.229 (talkcontribs).

[edit] Version 2

Apart from that, I also think this should be updated to reflect the latest incarnation of it, i.e. Version 2.0 of SAML. —The preceding unsigned comment was added by 131.227.176.34 (talk • contribs).

Maybe it would be good to move the detailed SAML 1 stuff to its own page? Or if that's too intrusive, at least change the order to show 2.0 first (most prominently) and 1.1 and 1.0 further down the page? --Raboof 08:31, 31 January 2007 (UTC)

If you can contribute more specifics about how 2.0 differs from 1.x, then that would probably be a better first step. There isn't much discussion about that yet, and I would assume that many of the 1.x concepts and discussion are still relevant for 2.0 -- Bovineone 14:26, 1 February 2007 (UTC)

[edit] Updated SAML Topic

A refactored SAML topic is in progress!

74.135.163.209 02:11, 4 February 2007 (UTC)

Is it really necessary to split it into two pages? They don't seem that different. -- Bovineone 23:15, 14 March 2007 (UTC)

SAML 1.1 and SAML 2.0 are very different, in the details especially. (Moreover, SAML 1.1 and SAML 2.0 are incompatible, on the wire.) So the idea is this:

  • The SAML topic is a basic introduction to SAML. Almost no XML (in response to a previous comment). Presentation is as nontechnical as possible. Includes a generic flow that conveys (hopefully) the basic motivation for SAML. The concepts that have persisted across versions of SAML are captured in the introductory SAML topic.
  • The SAML 1.1 topic includes details about that version of SAML only, including detailed examples and flows. (It is essentially a minor edit of the existing SAML topic, which was written before SAML 2.0.)
  • Likewise, the SAML 2.0 topic also includes many details. SAML 2.0 is significantly different than SAML 1.1.

I don't think it would be wise to include all of this in one topic. First of all, the resulting topic would be about 30 pages long. Second of all, the intermingling of SAML 1.1 code and SAML 2.0 code would just confuse people. It seems better to totally separate the topics. Trscavo 18:02, 17 March 2007 (UTC)

Oh, and the list of references for SAML 1.1 and SAML 2.0 is totally different. Another good reason to separate the two topics. Trscavo 18:12, 17 March 2007 (UTC)

The SAML topic has been updated (in a major way). New SAML 1.1 and SAML 2.0 topics have been created. Trscavo 20:11, 24 March 2007 (UTC)

[edit] SAML Categories

In what sense is SAML a Cryptography Standard? Besides XML-based standards, the best category I can find is Security software. Can anybody think of other relevant Wikipedia categories?

74.135.163.209 00:29, 5 February 2007 (UTC)

Removed Cryptography Standard designation. Trscavo 00:27, 25 March 2007 (UTC)


=JeffH:

I agree that the SAML pages shouldn't be designated Cryptography Standard -- SAML isn't, but it does reference them, so that should be noted in the saml pages somehow/somewhere if it isn't already.

Also, I wonder how one can easily track down "category" pages. AFAICT, there is not yet a "Network Security Protocol" category page, from which the SAML pages (and many others) should be linked.

=JeffH Thu Dec 20 2007 19:20 (UTC)