New Identity Incubation Project at Apache

There is a new Apache Software Foundation (ASF) site run by Hans Granqvist and dedicated to a project that is intended as an incubator for thinking and innovation around Identity 2.0. The project is known as TSIK (Trust Services Integration Toolkit) and joins the WSS4J initiative as a possible foundation for Apache's identity solutions.

Hans’ first posting says:

Some of the initial ideas of TSIK is to implement WS-* standards as they are developed, in particular the ones related to implementation of a federated ID protocol such as Microsoft's InfoCard, but also other federated ID protocols could be of interest, for example, Liberty Alliance, Sxip networks, Identity Commons, LID NetMesh,

This is wonderful. To put it slightly differently, it is my hope that by implementing the Infocard Identity Metasystem components Apache would effectively build in support for the whole gamut of identity tokens, including those used by Liberty, Sxip, Identity Commons, LID and Passel. In other words, I see InfoCards and the Metasystem as a platform, not a competitor, for these other systems.

Hans goes on to say:

“The Apache TSIK is an incubation subproject of the Apache Web Services Project to develop a Java class library for implementations of various W3C and OASIS specifications related to XML and Web services security.

“For more information on current APIs and usage patterns, check out the javadoc TSIK API.


“TSIK was originally developed as closed source by VeriSign over a period of five years before being opened up and incubated at Apache in August, 2005. TSIK today is comercially used in several software products and appliances.

“Comparison to WSS4J

“Apache currently have another project, WSS4J, that implements WS-Security 1.0 from OASIS Web Services Security TC.

“WSS4J's functionality overlaps TSIK's, but there are some differences. WSS4J uses Apache Axis as SOAP engine, and builds on the Apache XML-Security project. TSIK contains its own XML security engine as well as its own SOAP stack implementation.


“Initially, there is room for both WSS4J and TSIK since they serve somewhat different target audiences. Over time, depending on the desire of TSIK developers, TSIK XML security layers may be re-architected to use Apache XML-Security libraries. WSS4J and TSIK may also assimilate into a single project using the best parts of both…

“Incubation Disclaimer

“The Apache TSIK project is an effort undergoing incubation at the Apache Software Foundation (ASF). As such, it is not yet a full ASF project. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.

“The initial proposal for Apache TSIK is here.

“Mailing lists

There is a TSIK developer mailing list set up. Please join in to discusss current implementation and future direction of TSIK.

I've met with excellent people from the WSS4J project as well as from TSIK, and it would be silly for me to comment on the overlap between these initiatives – even if I understood the implications. All I know is that Apache's identity people are good news for the whole industry – and a harbinger of what Doc Searls is talking about here.

Clearly this type of involvement at Apache starts to answer some of the very legitimate questions posed to me by Julian Bond. More on this going forward.

[tags: , , , , ]

Published by

Kim Cameron

Work on identity.