OASIS Security Services TC & SAML OASIS promotes SGML/XML-based standards Security Services TC Established January 2001 Participants mostly "web access management" vendors   ... and PKI vendors mix of "web apps" folks and security folks, ~50 in all Summer 2001 targets for final docs ... Standardize XML-based "security assertions" "Security Assertions Markup Language" (SAML) Web SSO scenarios, especially inter-domain B2B scenarios Random XML-based protocols scenarios XML-based syntax assumed ... Main inputs: S2ML (Netegrity), AuthXML (Securant) http://www.oasis-open.org/committees/security/

Internet2 Shibboleth, OASIS Security Services 50th IETF, March 2001 RL "Bob" Morgan, rlmorgan@ washington.edu