The Liberty Alliance next week will announce two new draft specifications and for the first time turn over a portion of its work to a standards group providing the first evidence that efforts to create a standards-based identity management framework may be fragmenting.
"I fear that the IBM/Microsoft Web Services Security Group and the Liberty Alliance have passed the point of no return in that they can no longer get together and create a common model for federated identity," says Dan Blum, an analyst with the Burton Group. "Above WS-Security, they are not sharing similar components."
Draft specifications for Liberty’s second and third phases of work, which now incorporate the WS-Security protocol for securing Web services messages, also will be introduced at RSA and will outline how to build a permission framework and sets of services for user identities that can be shared across the Internet. The second phase of
The two draft specifications are not being submitted to OASIS at this time but will be opened to the usual public review.
"I think it is significant that Liberty is ready to open up to a wider world than its own group," says Prateek Mishra, co-chair of the Security Services technical committee at OASIS and director of technology and architecture at Netegrity, a Liberty Alliance member.
Work on SAML 2.0 will begin at the end of June, according to Mishra.
Handing Version 1.1 over to OASIS is a milestone because