This functionality has been fully implemented and released.
Microsoft has contributed funding to enable us to develop extensions to the ShibOnedotThree code base to interoperate with their forthcoming (est. end of 2005) Active Directory Federation Services product, which is included in the Windows 2003 R2 refresh.
See http://www.microsoft.com/WindowsServer2003/R2/Identity_Management/ADFSwhitepaper.mspx (or non-Word version)
The precise term for the "specification" to be supported is the WS-Federation Passive Requestor Interoperability Profile. This document is not yet public, although versions of it have been made available to the core development team. The profile uses SAML 1.1 tokens to carry user information, making it relatively similar to some of Shibboleth today.
We will deliver extensions or incremental releases (as necessary) of ShibOnedotThree that enable Shibboleth IdentityProvider and ServiceProvider deployments to interoperate with ADFS in both directions (supplying assertions to Microsoft's IIS agent and consuming assertions generated by ADFS.
- ShibADFSNotes