OASIS Security Services TC

The original Call For Participation for this TC may be found at http://lists.oasis-open.org/archives/tc-announce/200011/msg00005.html

The charter was revised at the first meeting of the TC on 9 January 2000, as minuted at http://lists.oasis-open.org/archives/security-services/200101/msg00014.html

The charter was further revised at a meeting of the TC on 18 February 2003, as minuted at http://lists.oasis-open.org/archives/security-services/200302/msg00049.html

The charter was further revised as discussed at a TC meeting on 11 November 2003 (see http://lists.oasis-open.org/archives/security-services/200311/msg00042.html) with balloting from 12 to 19 November (see http://www.oasis-open.org/apps/org/workgroup/security/ballot.php?id=268&)

The charter for this TC is as follows.


The official name is the Security Services Technical Committee (SSTC). It is sometimes unofficially called the "SAML TC" or the "SSTC/SAML committee".

Statement of Purpose

Inter- and intra-enterprise application architectures require interoperable security solutions that transcend the boundaries of single security domains. The interoperable exchange of security information between domains, including the ability to federate identities across such domains, is crucial to developing solutions for business problems such as performing Web Single Sign-On, utilizing distributed authorization services, and securing e-business transactions.

The purpose of the TC is to define, enhance, and maintain a standard XML-based framework for creating and exchanging authentication and authorization information.

Scope of Work

The TC is engaged in evolving the suite of SAML specifications. The scope of the SAML 2.0 effort will be guided by the above Statement of Purpose. This effort will deliver on the following goals:

  • Address issues and enhancement requests that have arisen from experience with real-world SAML implementations and with other security architectures that use SAML.
  • Add support for features that were deferred from previous versions of SAML.
  • Develop an approach for unifying various identity federation models found in real-world SAML implementations and SAML-based security architectures.

List of Deliverables

The TC is targeting the V2.0 release for the middle of 2004. The release will include updates to the following specifications published by the TC for V1.1:

  • SAML Assertions and Protocol
  • Bindings and Profiles
  • Glossary
  • Security and Privacy Considerations
  • Conformance Program

Additional documents, such as new SAML profile specifications may also be produced at the Committee's discretion. The TC's intent is to pursue OASIS Standard status for all SSTC Draft Specifications.


The primary audience for the final output of this TC is security system architects and implementers.

Language of the TC

All business of the TC will be conducted in English.