fyi: Technical Comparison: OpenID and SAML (Draft 05)

jeff.hodges@kingsmountain.com Sun, 23 December 2007 23:58 UTC

Subject: fyi: Technical Comparison: OpenID and SAML (Draft 05)
To: discuss@apps.ietf.org
From: jeff.hodges@kingsmountain.com
Date: Sun, 23 Dec 2007 15:58:06 -0800

Of possible interest...


(Draft) Technical Comparison: OpenID and SAML
<http://identitymeme.org/archives/2007/12/17/draft-technical-comparison-openid-and-saml/>


Technical Comparison: OpenID and SAML - Draft 05
http://identitymeme.org/doc/draft-hodges-saml-openid-compare-05.html

Abstract

This document presents a technical comparison of the OpenID Authentication
protocol and the Security Assertion Markup Language (SAML) Web Browser SSO
Profile and the SAML framework itself. Topics addressed include design centers,
terminology, specification set contents and scope, user identifier treatment,
web single sign-on profiles, trust, security, identity provider discovery
mechanisms, key agreement approaches, as well as message formats and protocol
bindings. An executive summary targeting various audiences, and presented from
the perspectives of end-users, implementors, and deployers, is provided. We do
not attempt to assign relative value between OpenID and SAML, e.g. which is
"better"; rather, we attempt to present an objective technical comparison.


=JeffH