Skip to Content.
Sympa Menu

shibboleth-dev - Re: shib version history

Subject: Shibboleth Developers

List archive

Re: shib version history


Chronological Thread 
  • From: Tom Scavo <>
  • To: Scott Cantor <>
  • Cc: Shibboleth Development <>
  • Subject: Re: shib version history
  • Date: Tue, 2 Nov 2004 15:31:50 -0500
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=k6f+aOo8mLWVQcjYhtfw6x7EliJ4fcWXqVrBaDvOkTO+oqtBdEiixQljigkVHFg3Fbfl1akFsHsi4tmd01h4j2G22DktEhkXCBIpt767Xz98X64GzRbSDvEeJxv9QUfVJE3Ejru9MMgUTanYdB8h61jJLdSX5w6Fga7w8LquuH8=
Okay, I stand corrected. On paper it doesn't look significant. Oh well...


On Tue, 2 Nov 2004 15:28:46 -0500, Scott Cantor
<>
wrote:
> > Right, so the E-Auth SAML 1.0 standard doesn't have much meaning. For
> > all practical purposes, the base standard is SAML 1.1.
>
> No, it's 1.0.
>
> 1.1 is in no way wire compatible if you validate, thus the source of much
> pain for us until Walter's filter idea solved the problem for unsigned
> content anyway. The reengineering to support both at once was not
> attractive.
>
> > > and as far as I know there
> > > is no installed base of fed e-auth sites to be interoperable with ...
> >
> > But there will be...
>
> Running 1.0? Maybe, but I doubt it.
>
> > True, but as far as I can tell there is only one significant change
> > moving from 1.0 to 1.1 (caching) and it's an addition to 1.1. Most of
> > the remaining differences are deprecated elements and such. Really
> > quite minor.
>
> Nope, the ID attributes completely changed and a 1.0 document isn't valid
> anymore. The incompatibility was a major problem, and in retrospect, we
> shouldn't have done it, IMHO.
>
> -- Scott
>
>

Archive powered by MHonArc 2.6.16.

Top of Page