overriden depending on the recipient of the assertions.
Simplified application architecture. Both origins
-and targets are now referred to using a single
+and targets now reference each other using a single
identifier called a "provider id".
The Attribute Authority can be configured to answer
The origin now validates all requests from 1.2+ targets
against federation metadata.
-Compatibility with 1.1 targets.
+Compatibility with 1.1 targets using a "legacy" or
+"default" configuration.
Separate logs are created for errors and transaction
auditing.
Mechanism for throttling requests to the Handle Service.
This improves performance by preventing the server from
-becoming saturated with signing requests.
+becoming saturated with signing requests. Throttle can
+be adjusted based for servers with more than two CPUs.
Support for signatures on all SAML Assertions and
Responses, which allows for more interoperability
-with other SAML-based software.
+with other SAML-based software and profiles.
Attribute Release Policies can contain match functions
on attribute values. This allows the release of specific
Attribute Release Policies.
Updated library dependencies, including OpenSAML and XML
-Security.
+Security, with substantial performance improvements when
+signing.
Many important bug fixes
Target
-----------------
+
+New XML-based configuration system supporting runtime
+adjustment of many settings and better integration with
+supplemental configuration files
+
+Ability to partition deployment into "Applications" at the
+vhost, path, or document level
+
+"Lazy" sessions allow applications to redirect browser
+to initiate a session, allowing content to decide it
+needs authentication or attributes at runtime
+
+Flexible support for multi-federation deployment, including
+selection of credentials and authorities based on the request
+and the origin site or federation
+
+Support for more types of key and certificate formats
+
+Improved pluggability for many aspects of system, including
+access control modules
+
+Clearer trace logging and support for a transaction/audit log
+
+Pooling and caching of HTTP and TLS connections to origins
+
+Support for alternative SAML name formats for intra-enterprise
+deployments and better interoperability with SAML products
+
+Support for tailoring attribute query behavior, particularly
+non-fatal failure modes for intelligent applications prepared
+to deal with missing information
+
+Updated library dependencies, including OpenSAML, Xerces parser,
+XML Security, and support for all GCC 3.x compiler versions
+
+Support for Apache 2.0 as well as Apache 1.3 and IIS
+
+Many important bug fixes