Information

Cryptography Usage Guideline in Web Standards
  • Upcoming
  • Tentative
  • Breakout Sessions

Meeting

Event details

Date:
Japan Standard Time
Status:
Tentative
Location:
R09
Participants:
Veronica Cristiano, Simone Onofri
Big meeting:
TPAC 2025 (Calendar)

Several Web standards rely on cryptographic algorithms to ensure security and privacy properties.
However, choosing the right algorithm and configuring it correctly is often challenging for developers who are not cryptography experts. The number of available algorithms, evolving standards, and frequent deprecations make it difficult to identify secure and interoperable solutions.

SING Interest Group proposes a session on the use of cryptography to present an ongoing draft addressing this topic.
This draft document aims to provide a clear and practical overview of standardized cryptographic algorithms and their recommended usage in various contexts. It offers guidelines on when and how to use specific algorithms, parameter choices, and common pitfalls to avoid — promoting a consistent, standards-based, and secure use of cryptography across web technologies.

You can find the most recent editor's draft at https://w3c.github.io/security-guidelines-cryptography/.

The purpose of this session is to present the current version of the document and discuss its content, by collecting feedback from participants and discussing some open points that require further analysis or decisions.

Agenda

Chairs:
Veronica Cristiano, Simone Onofri

Description:
Several Web standards rely on cryptographic algorithms to ensure security and privacy properties.
However, choosing the right algorithm and configuring it correctly is often challenging for developers who are not cryptography experts. The number of available algorithms, evolving standards, and frequent deprecations make it difficult to identify secure and interoperable solutions.

SING Interest Group proposes a session on the use of cryptography to present an ongoing draft addressing this topic.
This draft document aims to provide a clear and practical overview of standardized cryptographic algorithms and their recommended usage in various contexts. It offers guidelines on when and how to use specific algorithms, parameter choices, and common pitfalls to avoid — promoting a consistent, standards-based, and secure use of cryptography across web technologies.

You can find the most recent editor's draft at https://w3c.github.io/security-guidelines-cryptography/.

The purpose of this session is to present the current version of the document and discuss its content, by collecting feedback from participants and discussing some open points that require further analysis or decisions.

Goal(s):
Collect feedback on the draft document and discuss open points

Materials:

Joining Instructions

Instructions are restricted to W3C users . You need to log in to see them.

Export options

Personal Links

Please log in to export this event with all the information you have access to.

Public Links

The following links do not contain any sensitive information and can be shared publicly.

Feedback

Report feedback and issues on GitHub.