#standards
- News · Apr 15, 2026Post-quantum migration starts to reach identity and PKI
As NIST post-quantum standards mature, certificate and PKI vendors began planning crypto-agile migrations for machine identity.
- News · Mar 2, 2026OAuth 2.1 consolidation draft continues through the IETF
Work continued on OAuth 2.1, which folds widely adopted security practices into a single specification and removes legacy grants.
- News · Aug 1, 2025OpenID Foundation finalizes OpenID4VC High Assurance Interoperability Profile
The OpenID Foundation advanced OpenID for Verifiable Credentials profiles, improving interoperability for issuing and presenting digital credentials.
- News · Jul 22, 2025Identity providers adopt the Shared Signals Framework for continuous access
Adoption of the Shared Signals Framework and CAEP grew, letting providers share security events and revoke sessions in near real time.
- News · May 15, 2025W3C publishes Verifiable Credentials Data Model 2.0 as a Recommendation
The W3C finalized the Verifiable Credentials Data Model 2.0 family as Recommendations, a milestone for decentralized identity and the EU Digital Identity Wallet.
- News · Jan 21, 2025IETF publishes OAuth 2.0 Security Best Current Practice as RFC 9700
The OAuth 2.0 Security BCP became RFC 9700, consolidating hardening guidance such as PKCE everywhere and sender-constrained tokens.
- News · Dec 10, 2024FIDO Alliance advances passkey portability and credential exchange
The FIDO Alliance published specifications to let users securely move passkeys between providers, addressing a key adoption blocker.
- News · Aug 21, 2024NIST releases updated Digital Identity Guidelines (SP 800-63-4) draft
NIST advanced SP 800-63-4, emphasizing phishing-resistant authentication, syncable passkeys, and revised identity proofing guidance.