There are several other official, semi-official, and non-official committees and conferences that address security issues. Our purpose is to mention a few of them so as to establish a few players that may affect the standardization process.
One of them is NIST, which has been active in United States Standards activities (often in partnership with DoD agencies) for quite some time. NIST has for several years being hosting the OSE implementors' workshop which includes a special interest group on security. NIST has also being sponsoring workshops on security labels, an area that has direct bearing on both upper and layer protocol standards. As a result of this work, NIST is developing a FIPS on security labels for information transfer [FIP93d].
Another set of organizations are those that were created by the Council of European Community such as ETSI (European Telecommunications Standardization Institute) and EWOS (European Workshop for Open Systems). ETSI and EWOS are producing Functional Standards and have been producing Security profiles for several protocols (such as MHS). Moreover, there are several European collaborative research programs (such as RACE and ESPRIT) that are providing technical support for the European Security Standards.
NATO is sponsoring several standards committees active in security standardization. Thus, a good number of NLSP comments were influenced by NATO concerns.
Finally, interesting and useful work is published as Internet Drafts by the IETF (Internet Engineering Task Force). The most recent draft by John Linn (DEC, member of the common authentication technology wg) is a revival of an older DEC product and defines a Generic Security Service Application Program Interface (GSS-API). Interestingly enough, there have been several recent papers in the UK that advocate this approach as an alternative to the GULS.
IETF has recently formed a new group (IPSEC) tasked with developing an SP3 type protocol in the Internet and a key management protocol.