OASIS Committee/Project Specification

SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems

Specifies the use of SAML V2.0 attribute queries and assertions to support distributed authorization in support of X.509-based authentication.

Produced by:

OASIS Security Services (SAML) TC

Voting history:

March 2008

Cite as:
[SAML-X509-authn-attrib] SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based Systems. Edited by Eve Maler, Rob Philpott, Tom Scavo, and Ari Kermaier. 27 March 2008. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-attrib-profile-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-x509-authn-attrib-profile-cd.html.

SAML V2.0 Deployment Profiles for X.509 Subjects

Specifies how a principal who has been issued an X.509 identity certificate is represented as a SAML Subject, how an assertion regarding such a principal is produced and consumed, and finally how two entities exchange attributes about such a principal.

Produced by:

OASIS Security Services (SAML) TC

Voting history:

March 2008

Cite as:
[SAML2.0-deploy-x509] SAML V2.0 Deployment Profiles for X.509 Subjects. Edited by Tom Scavo. 27 March 2008. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-x509-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-profiles-deploy-x509.html

SAMLv2.0 HTTP POST “SimpleSign” Binding

Defines a SAML HTTP protocol binding, specifically using the HTTP POST method, and not using XML Digital Signature for SAML message data origination authentication. Rather, a “sign the BLOB” technique is employed wherein a conveyed SAML message is treated as a simple octet string if it is signed. Conveyed SAML assertions may be individually signed using XMLdsig. Security is optional in this binding.

Produced by:

Security Services (SAML) TC

Voting history:

March 2008

Cite as:
[SAML2.0-binding-simplesign] SAMLv2.0 HTTP POST "SimpleSign" Binding. Edited by Jeff Hodges and Scott Cantor. 27 March 2008. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign.html.

SAML V2.0 X.500/LDAP Attribute Profile

A replacement for the X.500/LDAP Attribute Profile found in the original SAML 2.0 Profiles specification [SAML2Prof]. The original profile results in well-formed but schema-invalid XML and cannot be corrected without a normative change.

Produced by:

Security Services (SAML) TC

Voting history:

March 2008

Cite as:
[SAML2.0-X.500] SAML V2.0 X.500/LDAP Attribute Profile. Edited by Scott Cantor. 27 March 2008. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x500-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-attribute-x500.html.

Code List Representation (Genericode) Version 1.0

Describes the OASIS Code List Representation model and W3C XML Schema, known collectively as “genericode”.

Produced by:

OASIS Code List Representation Technical Committee

Voting history:

December 2007

Cite as:
[genericode-v1.0] Code List Representation (Genericode) Version 1.0. Edited by Anthony B. Coates. 28 December 2007. OASIS Committee Specification 01. http://docs.oasis-open.org/codelist/cs-genericode-1.0/doc/oasis-code-list-representation-genericode.html. Latest version: http://docs.oasis-open.org/codelist/cs-genericode-1.0/doc/oasis-code-list-representation-genericode.html.

SAML 2.0 Protocol Extension for Requested Authentication Context

Defines a protocol extension to the SAML 2.0 specification that facilitates a more flexible model for expressing Authentication Context than that currently supported. The extension allows service providers to express combinations of Authentication Context classes in their requests for authentication assertions. The expectation is that the extension, when its additional functionality is necessary, would be used in place of the existing Authentication Context mechanisms in the authentication request message. Readers should be familiar with the SAML 2.0 specification before reading this document.

Produced by:

Security Services (SAML) TC

Voting history:

May 2007

Cite as:
[SAML2.0-ext-req-auth] SAML 2.0 Protocol Extension for Requested Authentication Context. Edited by Paul Madsen and Ashish Patel. 23 May 2007. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/SpecDrafts-Post2.0/sstc-saml-protocol-ext-rac-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/SpecDrafts-Post2.0/sstc-saml-protocol-ext-rac.html.

SAML V2.0 Protocol Extension for Third-Party Requests

Defines an extension to the SAML V2.0 protocol specification [SAML2Core] that facilitates requests made by parties other than the intended response recipient. Protocol extensions enable extension-aware SAML requesters and responders to modify protocol behavior in a generic, layered fashion. Readers should be familiar with [SAML2Core] before reading this document.

Produced by:

Security Services (SAML) TC

Voting history:

May 2007

Cite as:
[SAML2.0-third-party-ext] SAML V2.0 Protocol Extension for Third-Party Requests. Edited by Scott Cantor. 23 May 2007. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/SpecDrafts-Post2.0/sstc-saml-protocol-ext-thirdparty-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/SpecDrafts-Post2.0/sstc-saml-protocol-ext-thirdparty.html.

SAML 2.0 Shared Credentials Authentication Context Extension and Related Classes

Defines an authentication context extension to the SAML 2.0 Authentication Context specification [SAMLAC] that allows providers to distinguish whether or not the credential by which a principal authenticates to the identity provider is known to be shared amongst a group of users or unique to that user. Two new Authentication Context classes and associated schemas are also introduced to distinguish between these two cases.

Readers should be familiar with [SAMLAC] before reading this document.

Produced by:

Security Services (SAML) TC

Voting history:

May 2007

Cite as:
[SAML2.0-context-ext] SAML 2.0 Shared Credentials Authentication Context Extension and Related Classes. Edited by Paul Madsen and Ashish Patel. 23 May 2007. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/SpecDrafts-Post2.0/sstc-saml-context-ext-sc-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/SpecDrafts-Post2.0/sstc-saml-context-ext-sc.html.

SAML V2.0 Text-Based Challenge/Response Token Authentication Context Class

Covers a subset of challenge/response schemes including those that are based on cryptographic functions and time-based tokens. The notion of text-based challenge/response tokens is not covered by any of the current authentication context definitions.

This document proposes an authentication context class to cover the general case of text-based challenge/response tokens to facilitate signaling their use in SAML. Such schemes include, for example, scratch tokens, numbered list tokens, grid tokens, etc. associated with a challenge/response authentication function. This document also proposes an extension that enables text-based challenge/response token parameters to be specified in relevant authentication contexts. This extension would be included in the of such contexts.

Produced by:

Security Services (SAML) TC

Voting history:

May 2007

Cite as:
[SAML2.0-text-challenge] SAML V2.0 Text-Based Challenge/Response Token Authentication Context Class. Edited by Sharon Boeyen and Thomas Wisniewski. 23 May 2007. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/SpecDrafts-Post2.0/sstc-saml-text-based-challenge-response-authn-context-class-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/SpecDrafts-Post2.0/sstc-saml-text-based-challenge-response-authn-context-class-cd-01.html.

eContracts Version 1.0

Describes the generic hierarchical structure of a wide range of contract documents. The TC envisages that the primary use of the eContracts Schema will be to facilitate the maintenance of precedent or template contract documents and contract terms by persons who wish to use them to create new contract documents with automated tools. Use cases covered include negotiated business contracts, ticket contracts, standard form business and consumer contracts and click-through agreements.

Produced by:

OASIS LegalXML eContracts TC

Voting history:

April 2007

Cite as:
[econtracts-v1.0] eContracts Version 1.0. Edited by Laurence Leff and Peter Meyer. 27 April 2007. OASIS Committee Specification. http://docs.oasis-open.org/legalxml-econtracts/CS01/legalxml-econtracts-specification-1.0.html. Persistent version: http://docs.oasis-open.org/legalxml-econtracts/CS01/legalxml-econtracts-specification-1.0.html.

Web Services Resource Metadata 1.0

The components introduced by the WS Resource Framework (WSRF) address functional aspects of modeling stateful resources (such as systems resources) using Web services. WSRF uses WSDL (currently WSDL 1.1) as the form of service description. There is a need to be able to supplement the descriptive information available about a WS-Resource. The format of the information about the components of a WS-Resource is standardized by WSRF, most notably in the resource properties document [WS-ResourceProperties].

In the realm of resource properties, the loosely coupled operations for reading and writing of properties [WS-ResourceProperties] would benefit from metadata. An example of this type of metadata is the mutability constraints and an enumeration of possible values for resource property elements. This document explains the need for such metadata and proposes an information model representing it that would be applicable to Manageable Resources and WS-Resources in general.

Produced by:

OASIS Web Services Resource Framework (WSRF) TC

Voting history:

November 2006

Cite as:
[WS-Resource-Metadata] Web Services Resource Metadata 1.0. Edited by Dan Jemiolo. November 9, 2006. OASIS Committee Specification 01. http://docs.oasis-open.org/wsrf/wsrf-ws_resource_metadata_descriptor-1.0-spec-cs-01.htm.

Extensible Resource Identifier (XRI) Syntax V2.0

This is the normative technical specification for XRI generic syntax. For a non-normative introduction to the uses and features of XRIs, see Introduction to XRIs [XRIIntro].

Produced by:

OASIS Extensible Resource Identifier (XRI) TC

Voting history:

November 2005

Cite as:
[XRI] Extensible Resource Identifier (XRI) Syntax V2.0. Edited by Drummond Reed and Dave McAlpin. 14 November 2005. OASIS Committee Specification 01. http://docs.oasis-open.org/xri/xri-syntax/2.0/specs/cs01/xri-syntax-V2.0-cs.html. Latest version: http://docs.oasis-open.org/xri/2.0/specs/xri-syntax-V2.0.html
