OASIS takes over PKI development
Further development and promotion of Public-Key Infrastructure (PKI) security
technology for e-business and Web services applications will be done by the
OASIS global standards consortium, which announced this week that it is taking
over the PKI Forum.
Including PKI with the other OASIS XML-based standards for e-business
applications ''makes sense'' to Victor Wheatman, vice president and research area
director at Gartner Inc., a Stamford, Conn.-based consulting firm. Integration
with XML standards is vital for the advancement of the PKI technology, he
''The synergies among the groups within OASIS should help PKI move to the next
phase as an unseen but foundational part of the infrastructure,'' Wheatman said
when OASIS outlined its plans.
PKI will now be included with other OASIS projects involving Web services and
security, including Security Assertion Markup Language (SAML), the XML Access
Control Markup Language (XACML), the Rights Language, the Service Provisioning
Markup Language (SPML) and XML Common Biometric Format (XCBF) and Digital
Signature Services (DSS) protocol.
The PKI Forum, renamed the OASIS PKI Member Section, will continue to be led
by Terry Leahy of Well Fargo Bank, who has been serving as chairman of the board
for the forum, according to the OASIS announcement.
In other security standards related news, OASIS announced that its members
have approved the Security Assertion Markup Language (SAML) 1.0 as an OASIS Open
Standard, which is the consortium's highest level of ratification. SAML is an
XML-based framework for Web services that allows the exchange of authentication
and authorization information among business partners. SAML enables Web-based
security interoperability functions, such as single sign-on, across sites hosted
by multiple companies.
For more information, click on http://www.pkiforum.org and http://www.oasis-open.org.
Rich Seeley is Web Editor for Campus Technology.