The AuthXML Working Group has announced the submission of its AuthXML specification to the OASIS XML Security Services Technical Committee. In January, Netegrity, Inc. and a small group of vendors also submitted its Security Services Markup Language draft specification to the OASIS TC. AuthXML is a vendor-neutral specification that enables the integration of proprietary Web security, network security, B2B infrastructures and applications with individual Internet-based user sessions and transactions; the AuthXML Working Group is comprised of over 45 active contributors.
From the text of the AuthXML Working Group announcement:
"The AuthXML Working Group today announced that it has submitted the AuthXML specification to the OASIS XML Security Services Technical Committee to advance the creation of a unified security interoperability standard based on XML. AuthXML will be considered along with other initiatives, including S2ML, to establish a standardized XML framework for exchanging authentication and authorization information across disparate Web technologies, applications and platforms."
"AuthXML addresses critical security interoperability issues that are limiting the ability of the Internet to support secure electronic transactions that span multiple Web sites and organizations. With each organization conducting business on the Web using separate systems for performing user authentication and authorization, exchanging security data between trading partners, affiliated organizations, and between businesses and consumers, is impossible. AuthXML defines a standard method for presenting and maintaining security details as a user or session traverses linked Web sites that are based on proprietary technologies."
"The AuthXML Working Group is comprised of over 45 active contributors, and its AuthXML specification has been reviewed by more than 225 organizations. Through a broad collaborative effort, the AuthXML specification has evolved rapidly. This advanced level of development will allow AuthXML to make a significant contribution and become even more refined within the auspices of the OASIS XML Security Services Technical Committee.
"AuthXML is a vendor-neutral specification that enables the integration of proprietary Web security, network security, B2B infrastructures and applications with individual Internet-based user sessions and transactions. The specification derives its name from the fact that it uses XML and links the two primary components of Web transaction security: Authentication and Authorization. AuthXML is designed to enable the seamless flow of Web-based transactions between trading partner sites that may be using different security systems, and within a given site that may be deploying multiple applications that require integrated security. The goal of the AuthXML Working Group is to achieve a universally accepted standard that uses XML technology to enable authentication and authorization functions to be performed across and interoperate with multi-vendor Web security systems, packaged and custom Web applications, and network level security systems."
- Announcement: "AuthXML Working Group Submits AuthXML Specification to OASIS XML Security Services Technical Committee. Major Initiative Aims To Merge Related XML Security Standards Within OASIS."
- "AuthXML Standard for Web Security." - Main reference page
- OASIS XML Security Services Technical Committee
- AuthXML Web site
- "Security Services Markup Language (S2ML)."