Subject Re: SAML 2.0 conformance test for an open source offering
From David Simonsen <david@xxxxxxx>
Date Thu, 8 Jul 2010 09:11:17 +0200

On Jul 7, 2010, at 11:39 PM, Scott Cantor wrote:
> The real cost is time (usually on the part of the actual developers, whose
> time is limited and valuable), and there's the question of the value. Who in
> this community cares? Nobody that I've ever talked with.

An anecdote to support Scott's view:
The DK gov SSO (Ping based) some time ago would ONLY connect to systems that had the SAML2 conformance stamp on it (yep, that's true!!!). During those dark days I presented WAYF's use of simpleSAMLphp for a group of about 70 public institutions - and guess what? 6 months later the DK-gov-guys announced their OIO-SAML-PHP-integration tool - based on simpleSAMLphp ;-)

All that being said, I believe it's useful in many cases simply to announce something like: yes, it's all SAML2-conformance compliant. Especially when going cross-sector - but mostly important to semi-technical / semi-decision maker people.

My 2 €-cents...


David Simonsen
Mobil +45 3121 6152
skype: david_simonsen

WAYF sekretariatet
H.C. Andersens Boulevard 2
1553 København V

JPEG image