You are here: Home » Standards » Interoperability (e-GIF) » Authentication Standards » New Zealand Security Assertion Messaging Standard » 12. NZ SAMS Constraints on the OASIS SAML v2.0 CORE (Assertions and Protocols)

12. NZ SAMS Constraints on the OASIS SAML v2.0 CORE (Assertions and Protocols)

Specification Name: Assertions and Protocols for OASIS SAML V2.0

SAML Specification Reference: Saml-core-2.0-os

Assertions and Protocols support the Web SSO Bindings (Section 11).

A complete prescription is not provided here. SAML v2.0 CORE (Assertions and Protocols) Specification is largely prescriptive in any case.

Particular attention is drawn to the following areas for NZ SAMS compliance:

Reference to Name Identifier Management Protocol (section 3.6) is NOT REQUIRED.
Attribute Name Format Identifiers (section 8.2): Basic only is REQUIRED. Remaining Attribute Name Format Identifiers (Unspecified, URI Reference) are NOT REQUIRED.
Name Identifier Format Identifiers (section 8.3): Persistent is REQUIRED. Remaining Name Identifier Format Identifiers (Unspecified, EmailAddress, X509SubjectName, WindowsDomainQualifiedName and Kerberos) are NOT REQUIRED.

Ignore section 3.6 (Name Identifier Management Protocol).

[ Previous ][ Next ]

Tabs

12. NZ SAMS Constraints on the OASIS SAML v2.0 CORE (Assertions and Protocols)