In the last meeting of the W3C Security Group on February 22, 1995 a strong sentiment was expressed that development of the W3C security protocol could proceed from an existing commercial design through the addition of features of other competing designs. Unfortunately, this suggestion was interpreted by some as endorsement of the base design as the W3C security standard.
This is not the case: No current security protocol has been endorsed by W3C security standard. To ensure that the future W3C security standard is widely accepted in accordance with the above objectives, current development is proceeding both top-down and bottom-up along the sequence scenarios - requirements - design - implementation. It is a plan of the W3C team that transition to the W3C security protocol be enabled by software which will interoperate with existing Web products that provide security.
At the February 22 meeting, several W3C members offered development resources toward this standard. While a formal release date has not yet been set, we expect an initial release to be issued by the end of the year. Formal adoption of the protocol will proceed according to the W3C Consortium standard setting process.
Director, W3 Consortium
MIT Laboratory for Computer Science