Web Services Directory

Verisign's XML Trust Services pages giving an overview of the XML security standards and their relationship to Verisign products.

The XNS Public Trust Organization (XNSORG) manages XNS (eXtensible Name Service), a new XML-based open platform for universal data exchange with global identity, privacy, and permission management.

The Liberty Alliance Project is an alliance formed to deliver and support a federated network identity solution for the Internet that enables single sign-on for consumers as well as business users in an open, federated way.

The International Security, Trust, and Privacy Alliance (ISTPA) is a global alliance of companies and technology providers working together to clarify and resolve existing and evolving issues related to security, trust, and privacy.

OASIS home page for XML-Based Security Services TC (SSTC), Security Assertion Markup Language (SAML)

W3C home page for XKMS. The XML Key Management Specification (XKMS) comprises two parts -- the XML Key Information Service Specification (X-KISS) and the XML Key Registration Service Specification (X-KRSS).

The Platform for Privacy Preferences Project (P3P), developed by the World Wide Web Consortium, is emerging as an industry standard providing a simple, automated way for users to gain more control over the use of personal information on Web sites they visit. At its most basic level, P3P is a standardized set of multiple-choice questions, covering all the major aspects of a Web site's privacy policies. Taken together, they present a clear snapshot of how a site handles personal information about its users. P3P-enabled Web sites make this information available in a standard, machine-readable format. P3P enabled browsers can "read" this snapshot automatically and compare it to the consumer's own set of privacy preferences. P3P enhances user control by putting privacy policies where users can find them, in a form users can understand, and, most importantly, enables users to act on what they see.

Provides an overview of SAML and how it relates to the Netegrity product architecture

XML Cover Pages home page on XKMS

Digital signatures provide integrity, signature assurance and non-repudiatability over Web data. Such features are especially important for documents that represent commitments such as contracts, price lists, and manifests. In view of recent Web technology developments, the proposed work will address the digital signing of documents (any Web resource addressable by a URI) using XML syntax. This capability is critical for a variety of electronic commerce applications, including payment tools.

XrML - eXtensible rights Markup Language - provides a universal method for specifying rights and issuing conditions (licenses) associated with the use and protection of content.

Hosted by Entrust, discussion papers, explanations and links related to XML security standards.

XWSS.org is a forum which offers security professionals, application developers, product managers, system auditors and IT operations staff a way to exchange ideas and share information about XML Web Services and security issues. Includes discussion forums, news, articles, white papers and links.

The XML Key Management Specification (XKMS) comprises two parts -- the XML Key Information Service Specification (X-KISS) and the XML Key Registration Service Specification (X-KRSS).

SAML Yahoo Discussion Group

The XML Trust Center is designed to aggregate information about advances in XML and public key infrastructure technologies, and to provide a common forum for the discussion and elaboration of issues related to interoperable trust in XML. The Trust Center offers developer tools, documentation, and an interactive community in which developers can share ideas and debate emerging technologies. Sponsored by Verisign

The XML Cover Pages Security Assertion Markup Language (SAML) resources

Yahoo Discussion Group for XKMS

The mission of this working group is to develop an XML compliant syntax used for representing the signature of Web resources and portions of protocol messages (anything referencable by a URI) and procedures for computing and verifying such signatures. This is a joint Working Group of the IETF and W3C

The PICS specification enables labels (metadata) to be associated with Internet content. It was originally designed to help parents and teachers control what children access on the Internet, but it also facilitates other uses for labels, including code signing and privacy. The PICS platform is one on which other rating services and filtering software have been built.