DRAFT Web Identity Working Group Charter

This document was a draft for informal review. It led to the chartering of a separate Web Cryptography Working Group.

For informal discussion of Web identity work ideas, send comments and subscribe to public-identity@w3.org (public archives).

The mission of the Web Identity Working Group, part of the Security Activity, is to provide specifications to enable an improved and secure experience around identity on the Web, including multiple personae and private browsing on the Web.

Join the Web Identity Working Group.

End date 30 November 2013
Confidentiality Proceedings are Public
Chairs @@ (@@)
@@ (@@)
Team Contacts
Harry Halpin (FTE %: @@)

Usual Meeting Schedule Teleconferences: topic-specific calls may be held, normally weekly.
Face-to-face: We will meet during the W3C's annual Technical Plenary week; other additional F2F meetings may be scheduled


The mission of the Web Identity Working Group is to provide Web developers secure and uniform access to elementary cryptographic operations, session state information, and authentication credentials for devices like browsers. We also will enable cross-device identity synchronization across these environments. These specifications will application programming interfaces (APIs) and, if necessary, formats.

The Web Identity Working Group deliverables must address issues of accessibility, internationalization, mobility, security, and privacy. This group will strive to make its work compatible with existing server-side identity solutions including SAML, OpenID, and OAuth and will focus on increasing uniform support for asymmetric cryptography amongst browsers and in existing solutions although password-based (symmetric) systems should be supported.

The Web Identity Working Group should aim to produce specifications that have wide deployment amongst end-users, and so should work carefully with as many major implementers as possible. The Web Identity Working Group should adopt, refine and when needed, extend, existing practices and community-driven draft specifications when possible. The identity work should integrate well with Web Applications and so should be developed in concert with Web Application developers and the Web Application and HTML Working Groups. Comprehensive test suites will be developed for each specification to ensure interoperability, and the Working Group will assist in the production of interoperability reports.

Success Criteria

In order to advance to Proposed Recommendation, each specification is expected to have two independent implementations of each of feature defined in the specification.


Recommendation-Track Deliverables

The working group will deliver at least the following:

Other Deliverables

Additionally, the Web Identity Working Group has the goal to improve the deployment of secure and privacy-respecting identity on the Web through outreach and interaction with the larger identity eco-system and by participating in both industry and government-led joint efforts with other organizations in the identity eco-system. So other non-normative documents may be created such as:

Note: The group will document significant changes from this initial schedule on the group home page.
Specification FPWD LC CR PR Rec
Cryptography API December 2011 February 2012 July 2012 September 2012 November 2012
Web Identity Sync March 2012 September 2012 March 2011 August 2012 October 2013
Identity API March 2012 September 2012 March 2011 August 2012 October 2013


The production of the deliverables depends upon the resources available, and will change as new information and implementation experience is reported to the group. The most up-to-date timeline is available from the Web WG Publication Status page.

Dependencies and Liaisons

HTML Working Group
To co-ordinate with any identity-specific features that may need to be added to HTML in order to better enable identity managers in browsers such as a proposals for session-specific form markup.
Web Applications Working Group
To co-ordinate with APIs and features around building Web Applications
Device APIs and Policy Working Group
To coordinate regarding features for devices services such as Contacts and the File API functionality.
Protocols and Formats Working Group
To ensure that Web Identity WG deliverables support accessibility requirements.
Privacy Interest Group
So that users have options to respect their privacy, the Web Identity working group should engage in any developments in privacy.
WebAppSec Working Group
To co-ordinate with any security requirements and specifications arising from the security needs of Web Applications.
So that users have options to respect their privacy as regards third-party tracking, the Web Identity Working Group may interact with preference expression mechanisms and technologies for selectively allowing or blocking tracking elements.

Furthermore, the Web Identity Working Group expects to follow the following W3C Recommendations, Guidelines and Notes and, if necessary, to liaise with the communities behind the following documents:

External Groups

The following is a tentative list of external bodies the Working Group should collaborate with:

Internet Engineering Task Force
The IETF is responsible for defining robust and secure protocols for Internet functionality. A clear relationship with IETF is vital to assure the security and success of elements of Web Identity that supervenes upon protocol-level work. For example, the work of the Web Authorization Protocol (OAuth) Working Group will likely be a crucial underpinning and security reviews should involve the IETF Web Security (WebSec) Working Group . New and upcoming work may also be important, such as the JSON based cryptography formats being done in the IETF Web Object Encryption and Signing (WOES) Working Group, the Application Bridging for Federated Access Beyond Web (AFAB) Working Group and a possible new version of HTTP Auth.
ECMA Technical Committee 39 (TC39)
This is the group responsible for ECMAScript standardization and related features. As the Web Identity Working Group may require additional features to ECMAScript, it should collaborate with TC39.
Kantara Initiative
The Kantara Initative has several relevant groups such as the Identity and Access Services Work Group.
The Web Identity Working Group's work should enable higher-security and wider deployment of the SAML family of specifications and monitor working group.
OpenID Foundation
The Web Identity Working Group's work should enable higher-security and wider deployment of the OpenID family of specifications.
Open Identity Exchange
The Web Identity Working Group may have some interaction with trust frameworks.


To be successful, the Web Identity Working Group is expected to have 10 or more active participants for its duration, and to have the participation of the industry leaders in fields relevant to the specifications it produces. The Chairs and specification Editors are expected to contribute one to two days per week towards the Working Group. There is no minimum requirement for other Participants.

The Web Identity Working Group will also allocate the necessary resources for building test suites for each specification.

The Web Identity Working Group welcomes participation from non-Members. The group encourages questions and comments on its public mailing lists, as described in Communication. As needed, the group may also call for joint teleconferences and meetings with related organizations and standards bodies in the field of identity.

The group also welcomes non-Members to contribute technical submissions for consideration, with the agreement from each participant to Royalty-Free licensing of those submissions under the W3C Patent Policy. The Working Group may also call for the formation of Community Groups or work in other standards bodies such as the IETF.


Most Web Identity Working Group Teleconferences will focus on discussion of particular specifications, and will be conducted on an as-needed basis. At least one teleconference will be held per week.

Most of the technical work of the group will be done through discussions on one of the group's public mailing lists, for which there is no formal requirement for participation:

The group will use a Member-confidential mailing list for administrative purposes and, at the discretion of the Chairs and members of the group, for member-only discussions in special cases when a particular member requests such a discussion.

Information about the group (for example, details about deliverables, issues, actions, status, participants) will be available from the Web Identity Working Group home page.

Decision Policy

As explained in the W3C Process Document (section 3.3), this group will seek to make decisions when there is consensus and with due process. The expectation is that typically, an editor or other participant makes an initial proposal, which is then refined in discussion with members of the group and other reviewers, and consensus emerges with little formal voting being required. However, if a decision is necessary for timely progress, but consensus is not achieved after careful consideration of the range of views presented, the Chairs should put a question out for voting within the group (allowing for remote asynchronous participation -- using, for example, email and/or web-based survey techniques) and record a decision, along with any objections. The matter should then be considered resolved unless and until new information becomes available.

This charter is written in accordance with Section 3.4, Votes of the W3C Process Document and includes no voting procedures beyond what the Process Document requires.

Patent Policy

This Working Group operates under the W3C Patent Policy (5 February 2004 Version). To promote the widest adoption of Web standards, W3C seeks to issue Recommendations that can be implemented, according to this policy, on a Royalty-Free basis.

For more information about disclosure obligations for this group, please see the W3C Patent Policy Implementation.

About this Charter

This charter for the Web Identity Working Group has been created according to section 6.2 of the Process Document. In the event of a conflict between this document or the provisions of any charter and the W3C Process, the W3C Process shall take precedence.

Harry Halpin, <hhalpin@w3.org>, Team Contact
@@, <@@>, Team Contact
@@, @@, Chair
@@, @@, Chair

$Date: 2012/04/15 20:57:16 $