The official name is the Security Services Technical Committee (SSTC). It is sometimes unofficially called the "SAML TC" or the "SSTC/SAML committee".
Statement of Purpose
Inter- and intra-enterprise application architectures require interoperable security solutions that transcend the boundaries of single security domains. The interoperable exchange of security information between domains, including the ability to federate identities across such domains, is crucial to developing solutions for business problems such as performing Web Single Sign-On, utilizing distributed authorization services, and securing e-business transactions.
The purpose of the TC is to define, enhance, and maintain a standard XML-based framework for creating and exchanging authentication and authorization information.
Scope of Work
The TC is engaged in evolving the suite of SAML specifications. The scope of the SAML 2.0 effort will be guided by the above Statement of Purpose. This effort will deliver on the following goals:
Address issues and enhancement requests that have arisen from experience with real-world SAML implementations and with other security architectures that use SAML.
Add support for features that were deferred from previous versions of SAML.
Develop an approach for unifying various identity federation models found in real-world SAML implementations and SAML-based security architectures.
List of Deliverables
The TC is targeting the V2.0 release for the middle of 2004. The release will include updates to the following specifications published by the TC for V1.1:
SAML Assertions and Protocol
Bindings and Profiles
Security and Privacy Considerations
Additional documents, such as new SAML profile specifications may also be produced at the Committee's discretion. The TC's intent is to pursue OASIS Standard status for all SSTC Draft Specifications.
The primary audience for the final output of this TC is security system architects and implementers.
Language of the TC
All business of the TC will be conducted in English.