OASIS Web Services Security (WSS) TC

TC Page     Send a comment to this TC


Delivering a technical foundation for implementing security functions such as integrity and confidentiality in messages implementing higher-level Web services applications

Table of Contents


November 28th 2006

We are pleased to announce that a set of Errata has been approved by the OASIS Web Services Security (WSS) TC. The errata are as follows:

  • WS-Security SOAP Message Security 1.1 Errata
  • X.509 Token Profile 1.1 Errata
  • Kerberos Token Profile 1.1 Errata
  • SAML Token Profile 1.1 Errata
  • SOAP With Attachments (SWA) Profile Errata

The specs and the related errata can be found here.

The formal announcement of this Errata from OASIS is available here.

February 21st 2006

The WS-Security 1.1 document set that was submitted for public review towards the end of last year has now been approved as a formal OASIS standard. Links to those documents can be found below in the Technical Work Produced by the Committee section.


The purpose of the OASIS WSS TC is to continue work on the Web Services security foundations as described in the WS-Security specification, which was written within the context of the Web Services Security Roadmap as published in April 2002. The work of the WSS TC will form the necessary technical foundation for higher-level security services which are to be defined in other specifications.

For more information, see the TC Charter and FAQ

Technical Work Produced by the Committee

OASIS Standard 1.1

The following documents make up the WS-Security 1.1 OASIS standard. The links below are to the PDF versions of the documents. If you prefer HTML or Microsft Word (.doc) versions of the documents, you will find those in the document repository.

Related schema files

Here are the links to the 1.1 and 1.0 schema files. Note that the 1.1 schema does not replace the 1.0 schema, rather it builds upon it by defining an additional set of capabilities within a 1.1 namespace.

OASIS Standard 1.0

Note that all OASIS Standards documents are available from the standards page.

1.0 Errata - Updated February 2006

The WSS TC has produced a set of non-normative errata to these 1.0 documents. Note that these documents are errata to the WS-Security 1.0 OASIS Standard documents but are not themselves documents that have gone through the full OASIS standards process. They are Committee Draft documents produced by the WSS TC. The errata material is listed below.

About our other documents/work in progress

The TC is currently working on a set of documents that will be the 1.1 version of the specification. The latest versions of those documents are in the document repository.

The e-mail archive is available here. If you experience problems please notify webmaster@oasis-open.org

External Resources

Although not produced by the OASIS WSS TC, the following information offers useful insights into its work.

OASIS WSS TC Approves Three Web Services Security Specifications for Public Review
Cover Pages, 9 Sept 2003

OASIS Web Services Security TC (WSS) Approves Committee Draft Specifications.
Cover Pages, 26 Jan 2004

OASIS Web Services Security Specification Approved as an OASIS Standard.
Cover Pages, 8 April 2004

OASIS Web Services Security TC Prepares Additional WSS Profiles.
Cover Pages, 13 Aug 2004

Companies Demonstrate Interoperability of WS-Security OASIS Standard
OASIS News, 20 Apr 2005

Japanese translation of WS-Security provided as a voluntary service to the community by the XML Consortium.

Mailing Lists and Comments

wss: the list used by TC members to conduct Committee work. TC membership required to post. TC members are automatically subscribed; the public may view archives.

wss-comment: a public mail list for providing input to the OASIS wss Technical Committee members. Send a comment or view archives.

wss-dev: an unmoderated, public mail list that provides an open forum for developers to exchange ideas and information on implementing the wss OASIS Standard. Subscribe or view archives.*

*To minimize spam, you must subscribe to this list before posting.

Additional Information


In general, the TC meets by phone every other week on Tuesdays at 7am Pacific Time (10am Eastern Time). Exceptions to this rule will occur from time to time and will be posted here. The full meeting schedule is now in the on-line calendar. From now on please use the on-line calendar to find meeting times, logistics and agendas.

You can access the on-line calendar here or by clicking on the schedule link in the menu at the top of this page.


Click here to see a summary of WSS TC liaison reps to other groups.

Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.