OASIS Security Services (SAML) TC
Defining and maintaining a standard, XML-based framework for creating and exchanging security information between online partners
Nathan Klingenstein, ndk@internet2.edu, Chair
Thomas Hardjono, hardjono@mit.edu, Chair
Anil Saldhana, anil.saldhana@redhat.com, Secretary
Hal Lockhart, hal.lockhart@oracle.com, Secretary
Scott Cantor, Secretary
Table of Contents
- Announcements
- Overview
- Technical Work Produced by the Committee
- Mailing Lists and Comments
- Additional Information
2008-06-17: OASIS officially launches SAML XML.org! Visit the saml.xml.org site for numerous resources on SAML and to take part in the worldwide SAML community. Visit the OASIS SAML wiki to keep up on the details of TC work, such as specific SSTC deliverables in process and their review cycles.
The Security Assertion Markup Language (SAML), developed by the Security Services Technical Committee of OASIS, is an XML-based framework for communicating user authentication, entitlement, and attribute information. As its name suggests, SAML allows business entities to make assertions regarding the identity, attributes, and entitlements of a subject (an entity that is often a human user) to other entities, such as a partner company or another enterprise application.
If you are a manager looking for a high-level overview of SAML, the Executive Overview is recommended. If you are looking for a technical introduction to SAML concepts and capabilities, it is recommended to start with the Technical Overview. Additional technical information, including the complete set of SAML specifications, can be found in the knowledgebase at saml.xml.org.
For more information, see the TC Charter and FAQ.
Technical Work Produced by the Committee
Visit the specifications page at saml.xml.org for SAML 2.0 and the other core SAML specifications produced by the SSTC.
Information about ongoing committee deliverables can be found at the SAML OASIS wiki.
security-services: the list used by TC members to conduct Committee work. TC membership is required to post. TC members are automatically subscribed; the public may view archives.
saml-dev: an unmoderated, public mail list that provides an open forum for developers to exchange ideas and information on implementing the SAML OASIS Standard. Subscribe (to minimize spam, you must subscribe to these lists before posting) or view archives.
To comment on the work of the SSTC, follow the commenting instructions.
SSTC Meetings: "Quorate" TC teleconferences are held every other Tuesday from 12 to 2pm U.S. Eastern time (9 to 11am U.S. Pacific time). Please contact Thomas Hardjono for dial-in details. Teleconference meetings are not exposed on the public OASIS calendar in order to avoid conference bridge theft. No face-to-face (F2F) meetings are currently scheduled.
SAML Stuff: Don't forget: You can buy OASIS-branded items from Cafe Press, including SAML gear!
Past SSTC chairs and co-chairs:
- Hal Lockhart, Oracle (June 2005 to June 2010)
- Brian Campbell, Ping Identity Corp. (Mar 2007 to Mar 2009)
- Prateek Mishra, Oracle Corp. (Nov 2002 to Mar 2007)
- Rob Philpott, RSA Security (Nov 2002 to Mar 2006)
- Joe Pato, Hewlett-Packard and Jeff Hodges, Sun Microsystems (May 2001 to Nov 2002)
- Eve Maler, Sun Microsystems (Jan 2001 to May 2001)
- Marc Chanliau, Netegrity (Jan 2001)
Past SSTC coordinating editors:
- Bob Blakley, IBM
Other past SSTC chair sponsorship:
- Oblix, Inc. (via Jeff Hodges)
Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.