Web Initial Sign-on (WebISO)

The WebISO working group is dormant for now.
Please contact Steve Olshansky, WebISO working group flywheel, with questions or comments.

The WebISO Working Group is investigating the realm of "web initial sign-on" (WebISO) packages: systems designed to allow users, with standard web browsers, to authenticate to web-based services across many web servers, using a standard, typically username/password-based central authentication service. The intent is to share experience in this realm and to work towards common solutions. The group's output may take the form of: recommendations for best practice and architecture; recommendations for interfaces between services and WebISO infrastructure; common WebISO protocols and/or common implementations. Key related projects include the Internet2 Shibboleth project, the Open Knowledge Initiative, and the uPortal project, to name a few.

The WebISO Working Group is chaired by Nathan Dors.

NOTEWELL: All Internet2 Activities are governed by the Internet2 Intellectual Property Framework.

Discussion

Working group discussion occurs via an email list and regular conference calls.

• To subscribe to the WebISO WG list, send email to sympa at internet2 dot edu, with the message body:

  subscribe <list name> <your name>

  For example:

  subscribe mace-webiso Jane Doe

  To unsubscribe, send email to sympa at internet2 dot edu, with the message body:

  unsubscribe mace-webiso

  Subscription is required to post messages to the mail listing. Archives are public.

• To participate in the next conference call, join the mailing list and look for an announcement. Calls are scheduled bi-weekly on Tuesdays, 3:30 PM EDT.

WebISO Related Software

The links below are to software packages developed by Internet2 universities that have been discussed by the Working Group. Note that the "WebISO" name does not refer to a particular software package.

• Pubcookie from the Pubcookie Team (pubcookie.org)

• Central Authentication Service (CAS) from Yale University

• WebAuth from Duke University

• Campus-Wide Login (CWL) from University of British Columbia

• Bluestem from University of Illinois

• Brown Web-Authentication from Brown University

• Stanford WebAuth

Documents

• WebISO: Target-Side Models, 27 Oct 2003
  draft-internet2-webiso-target-side-models-01.html
• WebISO: Service Model and Component Capabilities, 22 Oct 2002
  draft-internet2-webiso-model-01.html
• WebISO Web Application Agent Questionnaire, 3 Oct 2002
  webiso-questionnaire.txt (Text)
  Responses:
  • CAS, Yale
  • Bluestem, UIUC
  • A-Select, SURFnet
  • PAPI, RedIRIS
  • Pubcookie
  • Web AuthN/AuthZ, Michigan Tech
  • eIdentity Web Authentication, Colorado State
  • Distauth, UC Davis
  • AuthPortal,Virginia Tech
  • WebAuth, Duke
  • Shibboleth
  • Cosign, Michigan
  • Univerity of Texas Health Science Center
  • Campus-wide Login (CWL) system, UBC
  • WebAuth, Stanford
• Trusted Delegation of Privileges in an N-Tier Environment, 28 Jul 2002
  draft-lajoie-trust_and_delegation-02.html
• Scenarios ("straw man" draft), 11 Dec 2001
  draft-internet2-webiso-scenarios-01.txt
• Web Initial Sign-On Overview Draft, 12 Nov 2001
  draft-internet2-webiso-overview-01.txt
• Web Initial Sign-On Requirements, Updated 11 Dec 2001
  draft-internet2-webiso-requirements-07.html
• WebISO Presentation (MS Powerpoint)
  Ryan Muldoon, 24 Aug 2001
• (Obsolete?) WebISO Overview and Requirements (MS Word)
  Scott Fullerton and Ryan Muldoon, 2 Aug 2001

Minutes of MACE-Webiso Conference Calls

Links

• OKI Authentication Specification
• OASIS/SAML - industry standardization effort for webiso-like systems