Introduction

SAML 2.1 is an effort to clean up the existing SAML 2.0 specifications and pull in some of the extensions that have been developed over the years. To the greatest extent possible, existing implementations of SAML 2.0 features should be compatible with the new standard, and any areas of divergence should be minimized and clearly identified. SAML 2.0 message formats and XML namespaces are intended to remain unchanged except in cases where outright errors existed and were corrected through errata or subsequent specifications. The existing message versions (the Version="2.0" signifier inside the XML) will be maintained, in keeping with the spirit of the TC's versioning policy, which indicated that only changes to syntax or semantics should be reflected in the message version, and not the version of the standard itself.

This page describes the work being undertaken to produce SAML 2.1. Further work ideas can be found on the SAML 2.1 Ideas page. If you have additional ideas, please send them to the saml-dev mailing list; do not add them directly to this page.

Work Items

Merge in Errata

Work Progress: complete

Existing, approved errata will be merged into the existing SAML 2.0 documents.

New OASIS Standard Templates

Work Progress: not yet started

OASIS has made significant changes to its document templates. SAML 2.1 will need to use these templates.

Update Referenced Specifications

Work Progress: not yet started

Some of the specifications upon which SAML relies have also undergone updates over the years. The following specs will be updated:

Cleanup Datatype Wording Schema

Work Progress: not yet started

A lot of implementation questions focus on some of the core requirements around strings, dates, URIs, and so forth, and their XML representations. The material in the early sections of the Core document is supposed to provide cross-cutting constraints but may need to be worded more strongly and made more prominent. A possible choice could be to shore up the XML Schemas by applying pattern constraints consistent with the normative language in the documents.

Document Threat Models and Mitigation

Work Progress: not yet started

Various security concerns relating to how SAML is implemented have been observed in the wild. Descriptions of these issues and recommendations to implementors for addressing them will be added to the specification.

SimpleSign Binding

Work Progress: not yet started

Include the SimpleSign binding in the SAML 2.1 release bundle.

SP Request Initiation Profile

Work Progress: not yet started

Include SP Request Initiation Protocol and Profile in the SAML 2.1 release bundle.

IdP Discovery Service Profile

Work Progress: not yet started

Include IdP Discovery Service Protocol and Profile in the SAML 2.1 release bundle.

New LDAP/X.500 Attribute Profile

Work Progress: not yet started

Replace the current LDAP/X.500 attribute profile in the SAML 2.0 profiles document with the revised SAML V2.0 LDAP/X.500 Attribute Profile.

Normative Metadata Exchange

Work Progress: not yet started

Normative material on metadata exchange and consumption, reflecting both self-hosted and third-party-hosted metadata, is needed.

De-emphasize DDDS

Work Progress: not yet started

DDDS/NAPTR metadata retrieval is unused in most communities; move it to an appendix or separate document.

Include Delegation Condition

Work Progress: not yet started

Include the delegation condition in the core document.

Include Metadata Extensions

Work Progress: not yet started

Include the following extensions in the metadata standard:

Other Items Under Discussion

These would be new work items that might lead to new specification text, but would require time from somebody.

SAML21 (last edited 2013-12-27 11:48:26 by chad.lajoie@covisint.com)