SWAMID Operations invites everyone to read and comment on a proposal for a new version of the SAML WebSSO Technology Profile.
The current version technology profile was decided over ten years ago and refers to the previous version of the standard saml2int. This standard has been updated since then and we as an identity federation have received additional requirements via the eduGAIN SAML Profile. SWAMID Operations has therefore produced a proposal for a more complete technology profile that contains current requirements within SWAMID and eduGAIN and via saml2int.
Most changes are non-technical information in metadata that can be updated without any settings in the IdP or SP software having to be adjusted. There are a few things that may need to change technically, especially around the key lengths and encryption methods of signing and encryption certificates. This also applies to requirements for the web server's certificate, but these follow the requirements that are also set in other cases regarding the use of web certificates.
An important change introduced in the technology profile concerns the identity federation operator for SWAMID, ie. Sunet. The proposal adds rules on how SWAMID Operations will manage the SAML WebSSO identity federation.
To see who the change affects your IdP or SP, go to https://metadata.swamid.se and look up your entityId.
Policy documents included in Community Consensus Process 4
- SAML WebSSO Technology Profile v2.0
Zoom meeting for presentation and discussion
Community Consensus Process Time Period
During the period October 25 to November 19, it is possible to discuss and comment on the proposed changes. Subsequently, SWAMID Operations will go through comments and discussions that have emerged. The arenas for discussions and comments are the mailing list saml-admins and direct mail to SWAMID Operations.