1.8 Vendor-Extensible Fields

As specified in section 2, the Microsoft Web Browser Federated Sign-On Protocol uses the SAML 1.1 token format, as specified in [SAMLCore], for security tokens. Vendors can extend the SAML Advice element to communicate extended data in the security token.<1> [MS-MWBE] specifies extensions to this protocol using the SAML Advice element. The XML elements placed under the SAML 1.1 Advice element can be guaranteed to be unique if the vendor registers the XML namespace URN with the Internet Assigned Numbers Authority (IANA).

Vendors can use the existing extensibility points, as specified in [WSFederation1.2] section 13.<2> As described in that specification, new URL parameters can be used to communicate extended information as part of the protocol. There is no process for guaranteeing that URL parameters added to the protocol by individual vendors are uniquely named across multiple vendors.