In EPractice Lab, a question "Which of the following security technologies are used by WS-Security?"
A. SAML
B. XACML
C. XML Encryption
D. XML Canonicalization
E. XML Digital Signatures.
I believe the answer should be A, C, D, E.
But the given answer is C,D,E.
Why SAML is not used by WS-Security?
According to
http://en.wikipedia.org/wiki/WS-Security about WS-Security:
The protocol...allows the communication of various security token format: SAML....
... open to various security token models: SAML Assertions, X 509 Certificate, Kerberos tickets ....