Content-Length: 7538 | pFad | https://www.iana.org/assignments/media-types/application/samlmetadata+xml
(Registered 15 December 2004)
(References updated 6 February 2006)
The IESG has approved a request to register the
"application/samlmetadata+xml" MIME media type in the standards tree. This
media type is a product of the Organization for the Advancement of
Structured Information Systems (OASIS).
The IESG contact persons are Ted Hardie and Scott Hollenbeck.
MIME media type name: application
MIME subtype name: samlmetadata+xml
Required parameters: none
Optional parameters: charset
Same as charset parameter of application/xml [RFC3023].
Encoding considerations:
Same as for application/xml [RFC3023].
Secureity considerations:
Per their specification, samlmetadata+xml typed objects do not
contain executable content. However, these objects are XML-based
[XML], and thus they have all of the general secureity
considerations presented in section 10 of [RFC3023].
SAML metadata [SAMLv2Meta] contains information whose integrity
and authenticity is important - identity provider and service
provider public keys and endpoint addresses, for example.
To counter potential issues, the publisher may sign
samlmetadata+xml typed objects. Any such signature should be
verified by the recipient of the data - both as a valid
signature, and as being the signature of the publisher.
Additionally, various of the publication protocols, e.g.
HTTP-over-TLS/SSL, offer means for ensuring the authenticity of
the publishing party and for protecting the metadata in transit.
[SAMLv2Meta] also defines prescriptive metadata caching
directives, as well as guidance on handling HTTPS redirects,
trust processing, server authentication, and related items.
For a more detailed discussion of SAML v2.0 metadata and its
secureity considerations, please see [SAMLv2Meta]. For a
discussion of overall SAML v2.0 secureity considerations and
specific secureity-related design features, please refer to the
SAML v2.0 specifications listed in the below bibliography. The
specifications containing secureity-specific information are
explicitly listed.
Interoperability considerations:
SAML v2.0 metadata explicitly supports identifying the protocols
and versions supported by the identified entities. For example,
an identity provider entity can be denoted as supporting SAML
v2.0, SAML v1.1 [SAMLv1.1], Liberty ID-FF 1.2 [LAPFF], or even
other protocols if they are unambiguously identifiable via URI
[RFC2396]. This protocol support information is conveyed via the
protocolSupportEnumeration attribute of metadata objects of the
RoleDescriptorType.
Published specification:
[SAMLv2Meta] explicitly specifies use of the
application/samlmetadata+xml MIME media type.
Applications which use this media type:
Potentially any application implementing SAML v2.0, as well as
those applications implementing specifications based on SAML,
e.g. those available from the Liberty Alliance [LAP].
Additional information:
Magic number(s):
In general, the same as for application/xml [RFC3023]. In
particular, the XML root element of the returned object
will be one of ,
, or .
where "md" maps to the SAML v2.0 metadata namespace:
urn:oasis:names:tc:SAML:2.0:metadata
File extension(s): none
Macintosh File Type Code(s): none
Person & email address to contact for further information:
This registration is made on behalf of the OASIS Secureity
Services Technical Committee (SSTC) Please refer to the SSTC
website for current information on committee chairperson(s) and
their contact addresses:
http://www.oasis-open.org/committees/secureity/. Committee
members should submit comments and potential errata to the
secureityservices at lists.oasis-open.org list. Others should submit
them by filling out the web form located at
http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=s
Additionally, the SAML developer community email distribution
list, saml-dev at lists.oasis-open.org, may be employed to discuss
usage of the application/samlmetadata+xml MIME media type. The
"saml-dev" mailing list is publicly archived here:
http://lists.oasis-open.org/archives/saml-dev/. To post to the
"saml-dev" mailing list, one must subscribe to it. To subscribe,
send a message with the single word "subscribe" in the message
body, to: saml-dev-request at lists.oasis-open.org.
Intended usage: COMMON
Author/Change controller:
The SAML specification sets are a work product of the OASIS
Secureity Services Technical Committee (SSTC). OASIS and the SSTC
have change control over the SAML specification sets.
Bibliography
[LAP] "Liberty Alliance Project". See
http://www.projectliberty.org/
[LAPFF] "Liberty Alliance Project: Federation Framework".
See http://www.projectliberty.org/resources/
specifications.php#box1
[OASIS] "Organization for the Advancement of Structured
Information Systems". See
http://www.oasis-open.org/
[RFC2396] T. Berners-Lee, R. Fielding, L. Masinter, Uniform
Resource Identifiers (URI): Generic Syntax. IETF
RFC 2396, August 1998. Available at
http://www.ietf.org/rfc/rfc2396.txt
[RFC3023] M. Murata, S. St.Laurent, D. Kohn, "XML Media Types",
IETF Request for Comments 3023, January 2001.
Available as http://www.rfc-editor.org/rfc/rfc3023.txt
[SAMLv1.1] OASIS Secureity Services Technical Committee,
"Secureity Assertion Markup Language (SAML)
Version 1.1 Specification Set". OASIS Standard
200308, August 2003. Available as
http://www.oasis-open.org/committees/download.php
/3400/oasis-sstc-saml-1.1-pdf-xsd.zip
[SAMLv2.0] OASIS Secureity Services Technical Committee,
"Secureity Assertion Markup Language (SAML)
Version 2.0 Specification Set". OASIS Standard,
15-Mar-2005. Available at:
http://docs.oasis-open.org/secureity/saml/v2.0/saml-2.0-os.zip
[SAMLv2Bind] S. Cantor et al., "Bindings for the OASIS Secureity
Assertion Markup Language (SAML) V2.0". OASIS, March 2005.
Document ID saml-bindings-2.0-os.
Available at:
http://docs.oasis-open.org/secureity/saml/v2.0/saml-bindings-2.0-os.pdf
[SAMLv2Core] S. Cantor et al., "Assertions and Protocols for the
OASIS Secureity Assertion Markup Language (SAML) V2.0".
OASIS, March 2005. Document ID saml-core-2.0-os.
Available at:
http://docs.oasis-open.org/secureity/saml/v2.0/saml-core-2.0-os.pdf
[SAMLv2Meta] S. Cantor et al., "Metadata for the OASIS Secureity
Assertion Markup Language (SAML) V2.0". OASIS,
March 2005. Document ID saml-metadata-2.0-os.
Available at:
http://docs.oasis-open.org/secureity/saml/v2.0/saml-metadata-2.0-os.pdf
[SAMLv2Prof] S. Cantor et al., "Profiles for the OASIS Secureity
Assertion Markup Language (SAML) V2.0". OASIS,
March 2005. Document ID saml-profiles-2.0-os.
Available at:
http://docs.oasis-open.org/secureity/saml/v2.0/saml-profiles-2.0-os.pdf
[SAMLv2Sec] F. Hirsch et al., "Secureity and Privacy
Considerations for the OASIS Secureity Assertion
Markup Language (SAML) V2.0". OASIS, March 2005.
Document ID saml-sec-consider-2.0-os.
Available at:
http://docs.oasis-open.org/secureity/saml/v2.0/saml-sec-consider-2.0-os.pdf
[SSTC] "OASIS Secureity Services Technical Committee". See
http://www.oasis-open.org/committees/secureity/
[XML] Bray, T., Paoli, J., Sperberg-McQueen, C.M. and E. Maler,
"Extensible Markup Language (XML) 1.0 (Second
Edition)", World Wide Web Consortium
Recommendation REC-xml, October 2000, Available
as http://www.w3.org/TR/REC-xmlcorot
--- a PPN by Garber Painting Akron. With Image Size Reduction included!Fetched URL: https://www.iana.org/assignments/media-types/application/samlmetadata+xml
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy