Appendix C

This appendix lists the industry standards that are discussed in this book.

Security Assertion Markup Language (SAML)

For more information about SAML, see the following:

The OASIS Standard specification, "Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V1.1"
http://www.oasis-open.org/committees/download.php/3406/oasis-sstc-saml-core-1.1.pdf

(Chapter 1, "An Introduction to Claims," and Chapter 2, "Claims-Based Architectures," cover SAML assertions.)

For more information about these protocols, see the following:

The IETF draft specification, "Internet Security Association and Key Management Protocol (ISAKMP)"
- http://tools.ietf.org/html/rfc2408

For more information about WS-Federation, see the following:

For more information about WS-Federation Passive Requestor Profile, see the following:

Section 13 of the OASIS Standard specification, "Web Services Federation Language (WS-Federation) Version 1.2"
http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002
"WS-Federation: Passive Requestor Profile" on MSDN
https://msdn.microsoft.com/en-us/library/bb608217.aspx

For more information about WS-Security, see the following:

The OASIS Standard specification, "Web Services Security: SOAP Message Security 1.1 (WS-Security 2004)"
http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SOAPMessageSecurity.pdf

For more information about WS-SecureConversation, see the following:

For more information about WS-Trust, see the following:

For more information about XML Encryption (used to generate XML digital signatures), see the following:

The W3C Recommendation, "XML Encryption Syntax and Processing"
http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/