10-11 September 2014, Silicon Valley (Mountain View), California
Many projects and companies are now requiring high security Web applications with improved authentication, and the W3C is positioned to enable technologies ranging from simple multi-factor authentication to full-blown smartcard-based authentication available to Web applications. For an example of new relevant work, the Web Cryptography API will soon expose standardized cryptographic functionality to Web applications across all major browsers.
Before re-chartering Web Cryptography Working Group or any new Working Group, the W3C believes that consensus around a long-term strategy should be solidified, and so the W3C is holding a workshop to determine what the web ecosystem needs to fully realize the potential of authentication on the Web in interoperating with other groups such as the FIDO Alliance and the Smartcard Alliance.
The aim of this workshop is to bring together those interested in discussing the integration of high-value authentication and hardware-based security in the Open Web Platform. This integration could make available to the Open Web Platform the current security capabilities of platforms via standards in this area.
The integration of hardware tokens for Web applications has been discussed in several Working Groups in W3C, such as the Web Cryptography Working Group, the SysApps Working Group, and in other workshops. Nevertheless there are different forms of secure tokens (from smartcards to secure micro-SD) and different services that could be brought by those trusted elements (storage, cryptographic operations, secure operations, authentication). Industry efforts in this area like the FIDO Alliance, which includes the use of mobile devices and biometric readers for authentication, have also been rapidly maturing and could intersect with the W3C in a number of mutually beneficially ways. The goal of this workshop is to outline a consensus for future deliverables and scope for the Web Cryptography Working Group charter or another Working Group charter and potentially list secure services to be developed on the Open Web Platform.
We invite you to submit a paper and to attend this workshop to help shape the next steps for the Web Cryptography API.
The Web Cryptography Working Group will be rechartering their Working Group after exiting the Candidate Recommendation phase, and this is expected to happen at some point this year. Thus, having a clear consensus on how the current API can be extended is vital to plan the next phase of the Working Group, or any new Working Groups that may be related. Various aspects of the technology needed for high-value authentication may also be well-suited for existing other Working Groups or new Working Groups.
Possible topics include, but are not limited to the following:
If you are working at the intersection of the Web and authentication, we want you to attend this workshop. We also want to know more about what direction the Web Cryptography API should take in the coming years.
Participation is free and open to W3C members and non-members. Due to space constraints, the workshop is limited to 70 attendees.
Position papers or statements of interest are required to be eligible to participate in this workshop. Organizations or individuals wishing to attend must submit a position paper explaining their perspectives on a workshop topic of their choice no later than 30 July 2014. Participants should have an active interest in the area selected, ensuring other workshop attendees will benefit from the topic and their presence.
Position papers should:
See the position papers submitted for the previous W3C workshop that led to the Web Cryptography Working Group as an example.
The authors of particularly salient or representative submissions will be given the opportunity to present their position at the workshop, to foster discussion. Those submitters not selected to present are still encouraged to attend the workshop to contribute to the discussion, although we still have a strict upper limit of 70.
Position papers must be in English, and HTML format is strongly preferred, though we will also accept plain text or PDF format; presentation slides are also preferred to be in HTML, but other slide formats are acceptable. All submissions should be a few paragraphs to two pages in length (approximately 500–2000 words), although they may link to longer versions or appendices.
Please note that all submitted position papers will be published on the public Web page of the workshop.
Position papers should be submitted via email to the <firstname.lastname@example.org> mailing list.
W3C's Web Cryptography Next Steps Workshop is at Microsoft's Silicon Valley Labs in Mountain View, California
1065 La Avenida St
Mountain View, CA 94123
United States+1 (650) 693-1001
10-11 September 2014
Note that hotels in the Mountain View area tend to book fast, so booking your hotel soon is recommended.
The nearest airport is the San Jose International Airport (SJO).
The workshop will focus around several topics identified by the position papers. Each topic session starts with 1–3 five-minute lightning talks, followed by 30–45 minutes of discussion. The goal of the discussion is not be to resolve the technical issues of the topic, but to determine its relevance and priority to the next steps in the charter of the Web Cryptography Working Group or any other existing or new Working Groups. The workshop day will end with a session on establishing the planned deliverables of a revised Web Cryptography Working Group charter or any other existing or new charter.
W3C Workshops, meetups, and other events bring you into direct contact with leading Web technology experts: representatives from industry, research, government, and the developer community.
Whether your interests are focused on a particular topic being discussed by a Working Group, or you wish to reach a diverse international audience setting W3C's strategic direction, sponsorship helps your organization reach W3C's engaged participants.
Sponsorships offset a portion of our meeting costs, so W3C welcomes multiple sponsors for each event. All proposals for sponsorship are subject to W3C approval.
If you're interested in being a sponsor of the W3C Next Steps for Web Cryptography Workshop, please contact J. Alan Bird at email@example.com or +1 617 253 7823.
For additional information, please visit the Sponsorship program.