Document:
draft-hodges-saml-binding-noxmldsig-01.pdf

Draft (A preliminary unapproved sketch, outline, or version.)

Details

Submitted By Jeff Hodges on 2006-06-14 2:10 am UTC

Publication Type

None at this time.

Group / Folder

OASIS Security Services (SAML) TC / A.5: Post-V2.0 Working Documents

Modified by

Not modified.

Copy

This document is not a copy.

Technical Contact

None at this time.

Download Count

1927

Download Agreement

None at this time.

Description

This specification defines a SAML HTTP protocol binding, specifically using the HTTP POST method, and not using XML Digital Signature for SAML message and/or SAML assertion data origination authentication. Rather, a "sign the blob" technique is employed wherein a conveyed SAML message, along with any content (e.g. SAML assertions) is treated as a simple octet string if it is signed. Security is optional in this binding.