SAML V2.0 Subject Identifier Attributes Profile v1.0 from SAML TC approved as a Committee Specification

OASIS is pleased to announce that SAML V2.0 Subject Identifier Attributes Profile Version 1.0 from the OASIS Security Services (SAML) TC [1] has been approved as an OASIS Committee Specification.

Security Assertion Markup Language (SAML), developed by the Security Services Technical Committee of OASIS, is an XML-based framework for communicating user authentication, entitlement and attribute information. As its name suggests, SAML allows business entities to make assertions regarding the identity, attributes, and entitlements of a subject to other entities, such as a partner company or another enterprise application.

The SAML V2.0 Subject Identifier Attributes Profile specification standardizes two new SAML Attributes to identify security subjects, as a replacement for long-standing inconsistent practice with the and constructs. It also addresses recognized deficiencies with the SAML V2.0 urn:oasis:names:tc:SAML:2.0:nameid-format:persistent Name Identifier format.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The prose specifications and related files are available here:

SAML V2.0 Subject Identifier Attributes Profile Version 1.0
Committee Specification 01
16 January 2019

Editable source (Authoritative):
https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/saml...
HTML:
https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/saml...
PDF:
https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/saml...
XML schema:
https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/sche...

Distribution ZIP file
For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/saml...

Members of the SAML TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:

[1] OASIS Security Services (SAML) TC
https://www.oasis-open.org/committees/security/

[2] Public reviews:
* 30-day public review, 13 November 2017:
https://lists.oasis-open.org/archives/security-services/201711/msg00004....
- Comment resolution log:
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd01/sa...
* 15-day public review, 20 April 2018:
https://lists.oasis-open.org/archives/security-services/201804/msg00006....
- Comment resolution log:
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd02/sa...
* 15-day public review, 18 October 2018:
https://lists.oasis-open.org/archives/security-services/201810/msg00000....
- Comment resolution log:
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd03/sa...

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3293

Associated TC: 
Security Services (SAML)
Associated MS: 
IDtrust