Security/identity · 2005-03-16

Putting the meat onto the bones of standard protocols

Just below I mentioned the SAML V2.0 interop event at the RSA conference. Mere moments after I put up that post, Rob Philpott (co-chair of the SAML committee at OASIS) made available the interop scenarios document that governed the interop. I was blown away by some of the conclusions from the exercise:

The SAML 2.0 Interop at the RSA Conference was definitely successful. Eleven vendors eventually presented demonstrations of interoperability. By the opening of the Interop booth on Wednesday, February 16th, 390 out of 405 base use case tests were successfully completed and 108 out of 112 optional use case tests, more than 96% in each instance. Some of the incomplete tests were successfully performed before the end of the show, raising the success rates even further. …

The Interop was very well received by the press and customers. A highpoint was a press conference just before the booth opened on Wednesday, when Georgia Marsh, Deputy Program Manager for the General Services Administration (GSA), said the government was extremely interested in this technology and they would create a marketplace for it by making it a factor in approving products for use by other agencies. The booth was well attended during its two day run.

Wowie. Most of the scenarios were straight out of the standard; the GSA eAuthentication scenario was handled really well too (as it was in last year’s interop). It’s also satisfying to see how little had to be exchanged in the way of deployment configuration info to make the whole thing work. So maybe standards meetings aren’t just about making meat sounds! (Yeah, I know, it’s an oldie, but it’s a goodie.)