Press Release

OASIS Expands to Include PKI Forum

Security Alliance Moves Adoption Agenda to International Consortium

Dallas, TX, USA, 4 November 2002 — OASIS, the global standards consortium, today announced that it will expand its organization to include the security advocacy group, PKI Forum. As the newest OASIS Member Section, PKI Forum will continue to advance the use of the Public-Key Infrastructure (PKI) as a foundation for secure transactions in e-business and Web services applications. “Since much new standards and application development activity is in the world of XML-related standards, and since it is vital for PKI to become integrated into applications, this move makes sense. The synergies among the groups within OASIS should help PKI move to the next phase as an unseen but foundational part of the infrastructure,” said Victor S. Wheatman, Vice President and Research Area Director for Gartner, Inc. The OASIS PKI Member Section joins a growing list of OASIS activities that address Web services and security including WS-Security, the Security Assertion Markup Language (SAML), the XML Access Control Markup Language (XACML), the Rights Language, the Service Provisioning Markup Language (SPML) and XML Common Biometric Format (XCBF) and the Digital Signature Services (DSS) protocol. “OASIS advances the adoption of today’s most important Web services security standards. PKI is an important foundation for those standards, and it makes perfect sense for PKI Forum to be part of the consortium,” noted Terry Leahy of Wells Fargo, who served as chair of the PKI Forum Executive Board and now leads the OASIS PKI Member Section Steering Committee. Leahy added that moving PKI Forum’s activities within OASIS will benefit members from both organizations as well as increase market awareness of all the e-business enabling tehnologies. “Coordination and interoperability between the various security standards are key factors for the success of Web services,” said Patrick Gannon, president and CEO of OASIS. “Advancing the adoption of PKI alongside other Web services and e-business security standards at OASIS makes it easier for every company with a serious stake in the security agenda to be represented and involved in this work.” Under the new organizational structure, members of PKI Forum will join OASIS and be eligible to contribute to all OASIS technical work. Existing OASIS members will have the option to participate in PKI committee activities without additional membership dues. PKI committees will be formed and operate under the OASIS technical process. The PKI Forum Executive Board will continue to guide the alliance as the OASIS PKI Member Section Steering Committee. Members include Derek Brink of RSA Security, Peter Doyle of Baltimore Technologies, John Sabo of Computer Associates, Mitch Arnone of Schlumberger Network Solutions, Patrick Gen Kanaishi of Neucom, Terry Leahy of Wells Fargo, and Jeff Stapleton of KPMG. OASIS will host open mail lists for public comment on PKI Forum activities, and completed work will be freely available to the public without licensing or other fees. About PKI Forum (www.oasis-pki.org) PKI Forum brings technology and service providers, integrators and end-users together to accelerate the adoption and use of PKI applications, digital certificates and other real world solutions, as well as to facilitate interoperability through multi-vendor testing of industry standards and educational outreach. Established in 1999, PKI Forum serves as a global information resource for PKI and advocates cooperation and market awareness enabling organizations to understand and exploit the value of PKI in applications relevant to their businesses. About OASIS (http://www.oasis-open.org) OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, XML conformance, business transactions, electronic publishing, topic maps and interoperability within and between marketplaces. OASIS has more than 500 corporate and individual members in 100 countries around the world. For more information: Carol Geyer Director of Communications OASIS (www.oasis-open.org) carol.geyer@oasis-open.org +1.978.667.5115 x209

The work of OASIS is supported by organizations from around the world. Members include:

View all our members