Call to Vote for OASIS Standard - Authentication Step-Up Protocol and Metadata Version 1.0

The OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) TC members [1] have approved submitting the following Candidate OASIS Standard to the OASIS membership to a membership vote for OASIS Standard:

Authentication Step-Up Protocol and Metadata Version 1.0
Candidate OASIS Standard 01
06 March 2017

This is a call to the primary or alternate representatives of OASIS Organizational Members to vote. This Committee Specification was approved by the Technical Committee and was submitted for the required 60-day public review [2]. All requirements of the OASIS TC Process having been met [3][4], the Candidate OASIS Standard is now submitted to the voting representatives of OASIS organizational members.

-- Voting Details --

The ballot opens at 11 May 2017 at 00:00 UTC and closes 24 May 2017 at 23:59 UTC. You can access the ballot at:

Internal link:

Publicly visible link:

The minimum number of affirmative votes required to approve this ballot is 40 (15% of 262 OASIS organizational member companies).

Each OASIS organizational member has one vote. OASIS members should ensure that their organization's voting representative votes according to the organization's wishes. If you do not know the name of your organization's voting representative is, go to the My Account page at

then click the link for your Company (at the top of the page) and review the list of users for the name designated as "Primary".

-- Information about the Candidate OASIS Standard and the Trust Elevation TC --

lectronic Identity Credential Trust Elevation Methods are used to increase assurance in entity identification using authentication events and related entity information for the purpose of risk mitigation when making access control policy decisions. The goals of the Authentication Step-Up Protocol are:

· To propose simple Trust Elevation architectural patterns demonstrating the use of Trust Elevation in modern Access Control architectures.

· To describe a common metadata set, mechanisms and protocol elements for Trust Elevation information exchanges.

· To promote the use of Trust Elevation elements to facilitate standardization among the many technologies and approaches currently in use for credential & authentication risk mitigation.

3 Statements of Use were received from HYPR Biometric Security, Aetna, and Acceptto Corp. [2]

About the TC:

The OASIS Trust Elevation TC works to define a set of standardized protocols that service providers may use to elevate the trust in an electronic identity credential presented to them for authentication. The Trust Elevation TC is intended to respond to suggestions from the public sector, including the U.S. National Strategy for Trusted Identities in Cyberspace (NSTIC). The Trust Elevation TC promotes interoperability among multiple identity providers--and among multiple identity federations and frameworks--by facilitating clear communication about common and comparable operations to present, evaluate and apply identity [data/assertions] to sets of declared authorization levels.


The prose specification document and related files are available here:

Editable source (Authoritative):



ZIP distribution file (complete):

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

-- Additional information --

[1] OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) TC

TC Charter

[2] Candidate OASIS Standard Special Majority Vote:

[3] Public reviews:
60-day public review, 11 March 2017:
- No comments received; comment resolution log pending

- 15-day public review, 17 November 2016:
- Comment resolution log:

- 30-day public review, 22 December 2015:
- Comment resolution log:

[4] Statements of Use:
- HYPR Biometric Security:

- Aetna:

- Acceptto Corp:

Associated TC: 
Electronic Identity Credential Trust Elevation Methods (Trust Elevation)
Associated MS: