As many people know, I have the pleasure ofbeing the co-chair of the OASIS Web Services Secure Exchange (WS-SX)Technical Committee (TC). The OASIS staff have just announced ( ) thattwo of our specifications WS-Trust and WS-SecureConversation havebecome OASIS Standards.
WS-Trust defines the necessary syntax andsemantics for establishing trust between parties and defines the role and protocols of a SecurityToken Service (STS). WS-SecureConversation defines a syntax and semanticsfor establishing long running secure exchanges (a secure context if you like)between parties and thus aims to improve the performance of suchexchanges.
These specs are a key part of the Web ServicesSecurity Roadmap and I am really pleased to see them become OASISstandards. When combined with WS-Security (already an OASIS standard)these specs provide the building blocks upon which many moreadvanced scenarios, requiring more than just message level securitycan be built.
You can find the links to the specification documents that were submitted to be considered as potential OASIS standards here:
I would like to thank and congratulate themembers of the TC for their hard work, help and support in reachingthis major milestone. I would also like to thank the larger community that reviewed our specs and gave us valuable feedback and comments.