Google Site Search


Wednesday, October 31, 2007

Why is WS-Federation necessary when we have SAML v2.0?

This is a commonly asked question in the industry whenever there is any mention of "Federated Identity and related standards".

I have always been an avid supporter of the SAML specifications and was greatly thrilled to see Liberty, Shibboleth and SAML v1.1 find some common ground to beget SAML v2.0.

Now to the original question, who else to answer this than Don Schmidt, an highly respected expert in Federated Identity (Don is a key figure in Microsoft's Federated Identity story).

Here is the link to Don's blog entry:
WS-Federation 1.1 and SAML 2.0 have different goals

WS-Trust is an extremely important specification in the WS world. WS-Federation being the natural extension of trust semantics is an important necessity.

I do hope that all these federated Identity and trust related specifications can converge, in the near future. It is encouraging to see Kim Cameron preaching the concept of an "Identity MetaSystem" that will try to provide an unified view irrespective of the underlying protocols/mechanisms.

No comments: