• SimpleSignBinding

SAMLv2.0 HTTP POST "SimpleSign" Binding

• Editors: Jeff Hodges & Scott Cantor

• Summary: This specification defines a SAML HTTP protocol binding, specifically using the HTTP POST method, and not using XML Digital Signature for SAML message data origination authentication. Rather, a “sign the BLOB” technique is employed wherein a conveyed SAML message is treated as a simple octet string if it is signed. Conveyed SAML assertions may be individually signed using XMLdsig. Security is optional in this binding. This specification is an addition to the bindings described in the SAML V2.0 Bindings specification.

Committee Draft 04

CD-04 was uploaded by J. Hodges on 1 Dec 2008:

• http://www.oasis-open.org/committees/download.php/30235/sstc-saml-binding-simplesign-cd-04.odt

• http://www.oasis-open.org/committees/download.php/30234/sstc-saml-binding-simplesign-cd-04.pdf

• http://www.oasis-open.org/committees/download.php/30422/sstc-saml-binding-simplesign-cd-04-diff.pdf

• http://www.oasis-open.org/committees/download.php/30236/sstc-saml-binding-simplesign-cd-04.zip

CD-04 was voted to Committee Draft status on (when?).

This Committee Draft underwent Public Review from 23 Dec 2008 through 9 Jan 2009.

Committee Specification 01

CS-01 was voted to Committee Specification status on 27 March 2008:

• http://www.oasis-open.org/committees/download.php/28045/sstc-saml-binding-simplesign-cs-01.odt

• http://www.oasis-open.org/committees/download.php/28046/sstc-saml-binding-simplesign-cs-01.pdf

• http://www.oasis-open.org/committees/download.php/28047/sstc-saml-binding-simplesign-cs-01.zip

Attestations:

• http://lists.oasis-open.org/archives/security-services/200808/msg00089.html

Committee Draft 03

CD-03 was uploaded by S. Cantor on 13 Mar 2008:

• http://www.oasis-open.org/committees/download.php/27567/sstc-saml-binding-simplesign-cd-03.odt

• http://www.oasis-open.org/committees/download.php/27568/sstc-saml-binding-simplesign-cd-03.pdf

• http://www.oasis-open.org/committees/download.php/27569/sstc-saml-binding-simplesign-cd-03.zip

CD-03 was voted to Committee Draft status on 11 Mar 2008.

Public Review

CD-02 underwent 60-day Public Review. The Public Review period began on 11 December 2007 and ended on 9 February 2008.

The following comments were received during the Public Review:

• none

Committee Draft 02

CD-02 was uploaded by S. Cantor on 9 Oct 2007:

• http://www.oasis-open.org/committees/download.php/25606/sstc-saml-binding-simplesign-cd-02.odt

• http://www.oasis-open.org/committees/download.php/25607/sstc-saml-binding-simplesign-cd-02.pdf

• http://www.oasis-open.org/committees/download.php/25608/sstc-saml-binding-simplesign-cd-02.zip

CD-02 was voted to Committee Draft status on 28 Aug 2007.

CD-02 was voted to 60-day Public Review on 9 Oct 2007.

Committee Draft 01

CD-01 was uploaded by S. Cantor on 5 May 2007:

• http://www.oasis-open.org/committees/download.php/23883/sstc-saml-binding-simplesign-cd-01.odt

• http://www.oasis-open.org/committees/download.php/23884/sstc-saml-binding-simplesign-cd-01.pdf

• http://www.oasis-open.org/committees/download.php/23885/sstc-saml-binding-simplesign-cd-01.zip