Microsoft participated in the testing with Active Directory Federation Services 2.0 (formerly code-named Geneva), which is slated to ship later this year. ADFS 2.0 is part of a larger identity platform that includes Windows Identity Foundation and Windows CardSpace.
Microsoft said earlier this year it would have SAML 2.0 certification before it released Geneva. The SAML profiles ADFS 2.0 supports cover the core features of federation.
ADFS 2.0 provides identity information and serves as a Security Token Service (STS), a transformation engine that is key to Microsoft's identity architecture. ADFS lets companies extend Active Directory to create single sign-on between local network resources and cloud services.
It wasn't all smooth sailing for Microsoft, however, as some participants reported problems using Internet Explorer 6.0 and 7.0 for SAML single sign-on, which is primarily a Web browser action.
The issue was noted in a report by the Drummond Group, which conducted the testing, and centered on long URL values, mostly when encryption was enabled during specific operations. Internet Explorer does not accept URLs longer than 2,083 characters. Testers got around the issue by using other browsers. Microsoft tested against IE 8 and Firefox 3.5.2.
While Microsoft's participation was an important milestone for the advancement of SAML, McDowell says the current testing is significant on other fronts.
The test marks a transition with the Kantara Initiative now taking over future tests. The group will adopt the Liberty Alliance testing methods and expand the scope of tests to include other protocols in addition to SAML. And it will build off the eGovernment profile testing as new profiles for other vertical markets, including healthcare and telecommunications, are developed.
"Having countries come together and agree on a deployment profile, that is not to be understated," McDowell says. The level of cooperation between governments will serve as a model for other industries, he says.
In addition, next year Kantara will pick two other protocols to test from a list made up of WS-Security, Information Card, Identity Metasystem Interoperability, OAuth, and XRD.
Kantara also will take cues from Project Concordia and eventually begin to test cross-protocol interoperability.
The next Kantara interoperability test is slated for next year.