Welcome to IDtrust XML.org.

This is the official community gathering place and information resource for identity and trusted infrastructure standards. The site is hosted by the OASIS IDtrust Member Section, a group that encourages new participation from developers and users. This is an open, vendor-neutral community-driven site, and the public is encouraged to contribute content. See more about this site.

PKI and Privacy


While PKI has been feared by many as being inherently privacy invasive (see for example some of Roger Clarke's work), much work has been done to either manage and design PKIs to be safe with regards to privacy (see e.g. Australian Government PKI Privacy Guidelines) or to proactively enhance privacy using PKI technology (e.g. Privacy Positive Aspects).



Read more

OASIS IDtrust Member Section and Technical Committees

The OASIS Identity and Trusted Infrastructure (IDtrust) Member Section promotes greater understanding and adoption of standards-based identity and trusted infrastructure technologies, policies, and practices. The group provides a neutral setting where government agencies, companies, research institutes, and individuals work together to advance the use of trusted infrastructures, including the Public Key Infrastructure (PKI).

Everyone is welcome to join OASIS IDtrust, review the list of organizations that participate in this work, and browse the group's e-mail archives.

Read more

Authentication frameworks

Several comprehensive authentication infrastructures have been established around the world, in both the government and private sector, of varying degrees of comprehensiveness. Some are policy frameworks which seek to provide guidance to e-business implementers, while other infrastructures provide live services to help with authentication. Most of the latter today use PKI.

Read more

Introductions to PKI

There are a great many introductions to PKI available online (and in text books).

Read more

Cross recognition arrangements

Cross certification

Attempts to create cross border trust within PKI frameworks has historically been attempted through "Cross Certification" which aims to demonstrate that two different CAs are producing certificates unde comparable conditions so that their certificates may be regarded as equivalent.  

The major challenge in cross certification is that the policy mapping involved is labor intensive and time consuming.  

Bridge CAs 

Read more

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I