OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Useful market critique of aspects of SAML, other identity standards, from NSTIC pilots

As some of you know, the US government is conducting a multi-year identity federation and standards project, NSTIC, which among other things has funded several rounds of pilot grants to promote projects demonstrating advanced identity services. These projects report periodically to NSTIC's "IDESG" community; those reports are captured and spooled on its website. The most recent slide decks and recordings can be found here:


Another series of reports will be out shortly in January.

Let me particularly call to your attention the report from the Daon/AARP pilot program for user-centric electronic health records, which can be found in the presentation "Daon slides".  The slides and comments presented a number of interesting observations about practical challenges that the pilot project encountered, in employing SAML, OpenID and other relevant standards, particularly at slides 11-12, 15-16, 19, 20, 21, 24 and 25.

You may wish to consider whether any of this feedback is useful guidance for your own further development and maintenance of SAML, its profiles, and other existing or future related work that might address the gaps noted by the pilot report.

Thanks for your consideration.

Regards, JBC

James Bryce Clark, General Counsel
OASIS: Advancing open standards for the information society

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]