SAML Enhanced Client SASL and GSS-API Mechanisms

Document Type Expired Internet-Draft (kitten WG)
Last updated 2016-04-12 (latest revision 2015-10-10)
Stream IETF
Intended RFC status (None)
Expired & archived
plain text pdf html bibtex
Stream WG state In WG Last Call
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Security Assertion Markup Language (SAML) 2.0 is a generalized framework for the exchange of security-related information between asserting and relying parties. Simple Authentication and Security Layer (SASL) and the Generic Security Service Application Program Interface (GSS-API) are application frameworks to facilitate an extensible authentication model. This document specifies a SASL and GSS-API mechanism for SAML 2.0 that leverages the capabilities of a SAML-aware "enhanced client" to address significant barriers to federated authentication in a manner that encourages reuse of existing SAML bindings and profiles designed for non-browser scenarios.


Scott Cantor (
Simon Josefsson (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)