W3C

Category Archives: Security

Perspectives on security research, consensus and W3C Process

Linux Weekly News published a recent story called “Encrypted Media Extensions and exit conditions”, Cory Doctorow followed by publishing “W3C DRM working group chairman vetoes work on protecting security researchers and competition”. While the former is a more accurate account of the status, we feel obligated to offer corrections and clarifications to the latter, and […]
More…

HTML Media Extensions to continue work

The HTML Media Extensions Working Group was extended today until the end of September 2016. As part of making video a first class citizen of the Web, an effort started by HTML5 itself in 2007, W3C has been working on many extension specifications for the Open Web Platform: capturing images from the local device camera, […]
More…

The Evolving Web Security Strategy: The Web Authentication Working Group to end passwords

Passwords are one of the most irritating and least secure parts of our everyday Web experience. Users re-use passwords, so when a single server is hacked, millions are put at risk across multiple websites. We can’t expect users to remember long and complicated passwords. A new effort at W3C called the Web Authentication Working Group […]
More…

Supporting HTTPS and HSTS on w3.org

W3C servers at MIT. W3C advocates that the Web platform “actively prefer secure communication”. Thanks to recent work in the Web Application Security Working Group and supporting client implementations, and the deployment work of the W3C Systems Team, we are now able to provide HTTPS access to all W3C resources. All W3C documents, including Recommendations, […]
More…

From a world-wide web of pages to a world-wide web of things – interoperability for connected devices

W3C is seeking to unlock the potential of the Internet of Things and reduce its fragmentation. Jeff Jaffe (W3C CEO) will give a keynote at the Industry of Things World USA conference in San Diego on 25 February 2016. He will explain how W3C is focusing on simplifying application development through a platform of platforms […]
More…

An array of tools to ensure security and privacy of the Open Web Platform

As noted in “Better specifications for the sake of the Web” last month, W3C conducts wide reviews for an ever-increasing number of specifications; and Virginie and Richard provided some tips to make those reviews more effective. We’re pleased to add more tools, focused on privacy and security on the Web. Today, the Technical Architecture Group […]
More…

W3C Welcomes the FIDO 2.0 Member Submission

Today, W3C welcomes the FIDO 2.0 Platform specifications as a Member Submission. On the Web, passwords are both an everyday inconvenience for users and a weakness against modern security threats. Users re-use passwords across different sites and password databases are irresistible targets for an enterprising attacker. W3C is committed to bringing the Web to its […]
More…

Better specifications for the sake of the Web

This post is co-authored by Virginie Galindo and Richard Ishida, currently working hand in hand to promote better wide review of W3C specifications. The Open Web Platform is getting increased traction from new communities and markets thanks to the attractive portability and cross-device nature of its specifications – characteristics which are strengthened by horizontal and […]
More…

TPAC2015 and IETF94

We held TPAC 2015, our annual organization-wide meeting, on 26-30 October 2015 in Sapporo, Japan. We registered a record attendance of 580 participants throughout the week, breaking last year’s record participation of 550. 43 work groups met face-to-face, participants organized 50 breakout sessions on security, web payments, web of things, web-based signage, HTML, Testing, CSS, […]
More…