https://notes.karlmcguinness.com/tags/post-quantum/Recent content in Post-Quantum on Control Plane by Karl McGuinnessHugoen-uspublic@karlmcguinness.com (Karl McGuinness)public@karlmcguinness.com (Karl McGuinness)Fri, 24 Apr 2026 12:00:00 -0700https://notes.karlmcguinness.com/notes/saml-at-the-post-quantum-crossroads/Fri, 24 Apr 2026 12:00:00 -0700public@karlmcguinness.com (Karl McGuinness)https://notes.karlmcguinness.com/notes/saml-at-the-post-quantum-crossroads/OpenID Connect is not new, and its core specifications are now international standards. Yet SAML remains the enterprise SSO default because it is familiar, explicit, and deeply deployed. The problem is that XML Signature complexity, aging implementation stacks, and post-quantum migration pressure make SAML harder to defend as the long-term enterprise baseline. The industry needs both a clearer secure OIDC baseline and a credible migration path for existing SAML federations.