3.1.5.2 SAML 1.1 Assertion Extension

The IP/STS uses the SAML 1.1 Assertion Extension when responding to wsignin1.0 requests. Although the protocol details are largely similar, it is necessary in this section to distinguish between the requestor IP/STS and resource IP/STS roles.

The IP/STS is a requestor IP/STS when issuing a token to a relying party that is in a different security realm than the IP/STS. Conversely, the IP/STS is a resource IP/STS when issuing a token to a relying party that is in the same security realm as the IP/STS.