Welcome to IDtrust XML.org.

This is the official community gathering place and information resource for identity and trusted infrastructure standards. The site is hosted by the OASIS IDtrust Member Section, a group that encourages new participation from developers and users. This is an open, vendor-neutral community-driven site, and the public is encouraged to contribute content. See more about this site.

NetworkWorld: Internet Identity Workshop throws up the question of what's next in identity?

I expected to learn quite a bit at the Internet Identity Workshop (IIW) - the semi-annual ID geekfest in Mountain View, Calif., and I did indeed learn quite a bit. Some of it was even about identity services, applications and projects. And it appears the question now in identity circles is what comes next?

Read more

PingFederate Web Services Provides WS-Trust Security Token Service (STS)

Ping Identity announced that PingFederate Web Services 2.6 is available for immediate download from its Web site. Now packaged as an optional add-on module for PingFederate, Ping Identity's industry-leading standalone federated identity software, PingFederate Web Services 2.6 adds support for the OASIS WS-Trust 1.3 standard, as well as the ability to create and validate CA SiteMinder SMSESSION tokens.

Read more

CNET: Expect More PKI in 2008

Wasn't 1999 supposed to be "the year of Public Key Infrastructure (PKI)?" Yes, I know, another analyst prediction that didn't come to fruition. It's fair to chastise the analysts for another missed call, but PKI certainly shares some of the blame. It really is difficult to imagine a "year of PKI" because PKI isn't your typical technology trend. PKI isn't a standalone security widget, it is a complex infrastructure that must be integrated into existing applications and business processes.

Read more

Symmetric Key Management System (SKMS)

Symmetric Key Management Systems address the need to improve the way that enterprises manage symmetric keys over their lifecycle.

Read more

Symmetric Cryptography Authentication

While not as popular as public key methods, there are strong mechanisms for establishing authenticity through symmetric cryptography. If Alice and Bob know they have a reliable and unique shared secret (symmetric) key, then the ability for either of them to sensibly decrypt a message with that key provides strong evidence that the encrypted message came from the other party. Defence methods like the Fortezza card uses symmetric authentication in this way.


XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I