We'd all like to see the US NSTIC project move forward and produce something of value. One of the first things NSTIC needs is a credible draft standards landscape. We'd like to use IIW13 (http://www.idcommons.org/internet-identity-workshop-13-october-18-20-in-mountain-view-2/) to start open collaboration on that, by brainstorming to: * validate or improve some rough categories; * collect and solicit additions to lists of known standards and gaps for each category; and * seek some agreement on how to refine, and more broadly consult about, those lists.In the spirit of moving forward fast: Seems like a good idea to collect all the data that we can easily gather on existing relevant standards projects. Tragically, there's no such thing as the Official Global Database Of Everyone's Standards and Drafts. In the spirit of cooperation: Representatives from six relevant standards organizations have huddled and agreed to cooperate on brainstorming sessions at IIW next week: in alpha order, Kantara, OASIS, OIX, SAFE-BioPharma, Smart Card Alliance and W3C. Of course, there are lots of other equally valuable stakeholders; but we needed some moderators, and standards people who have been showing up reliably at NSTIC and IIW seemed like a good start. This is an unconference; nobody bosses anybody. In the spirit of fitting into the IIW ecology: There's a lot of ground to cover, but it would be piggy to consume a whole IIW day. So we are planning to propose 3 sessions. Helps keep the scale bearable. And obviously, other stuff will be going on in the same time slots. All we can expect, in that time frame, is a beginning list of known projects, and some plans to collectively grow it. But that's enough for a start. Note: It's not a perfect taxonomy of categories, and the exemplar standards listed are definitely not complete. But this rough sort still may help us organize lists, and solicit additions. Session Topics Incomplete list of obvious stuff Moderators/scribes1 Authorization, SSO, token data Kantara, OIX, OAuth, OpenID, KMIP, etc. Don Thibeau (OIX) & Joni Brennan (Kantara)Access control and assertion languages SAML, SCIM, XACML, SPML, LDAP, RuleML/ RIF, WS-Policy, XSPA, W3C Provenance, etc.2 “Frameworks“, assurance levels, interparty liability Kantara, OIX, SAFE-BioPharma, Trust Elevation, etc. Rich Furr (SAFE-BioPharma) & Cathy Medich (SCA)Device-specific (mobile; smartcards; browser, etc.) SCA (14443, 7816, etc), SAFE-BioPharma, W3C mobile, W3C DNT, INCITS M1, etc. 3 Privacy, anonymity & policy P3P, W3C DNT, PMRM, VRM, IETF RFCs 3323, 4941, 6280, etc. Harry Halpin (W3C) & Jamie Clark (OASIS) Plan for iterating the lists Public reviews? Wikis? Meetings?Ideally, after a few rounds of this, we will have a first approximation of an existing-standards map, and something to use in identifying gaps.So, consider this your notice that a handful of standards folks will propose three sessions on Wednesday to go standards-hunting, and you're invited to participate. See you in Santa Clara!