Information

Cryptography Usage Guideline in Web Standards
  • Past
  • Confirmed
  • Breakout Sessions

Meeting

Event details

Date:
Japan Standard Time
Status:
Confirmed
Location:
Floor 5 - 504
Participants:
Jordan Bayles, Chris Blume, Bert Bos, Tim Cappalli, Veronica Cristiano, Tommaso De Orchi, Nick Doty, Zahra Ebadi Ansaroudi, Tatsuya HAYASHI, Johann Hofmann, Rogerio Matsui, Koichi Moriyama, Simone Onofri, Amir Sharif, Kouhei Ueno, Anna Weine, Elaine Wooton
Big meeting:
TPAC 2025 (Calendar)

Several Web standards rely on cryptographic algorithms to ensure security and privacy properties.
However, choosing the right algorithm and configuring it correctly is often challenging for developers who are not cryptography experts. The number of available algorithms, evolving standards, and frequent deprecations make it difficult to identify secure and interoperable solutions.

SING Interest Group proposes a session on the use of cryptography to present an ongoing draft addressing this topic.
This draft document aims to provide a clear and practical overview of standardized cryptographic algorithms and their recommended usage in various contexts. It offers guidelines on when and how to use specific algorithms, parameter choices, and common pitfalls to avoid — promoting a consistent, standards-based, and secure use of cryptography across web technologies.

You can find the most recent editor's draft at https://w3c.github.io/security-guidelines-cryptography/.

The purpose of this session is to present the current version of the document and discuss its content, by collecting feedback from participants and discussing some open points that require further analysis or decisions.

Agenda

Chairs:
Veronica Cristiano, Simone Onofri

Description:
Several Web standards rely on cryptographic algorithms to ensure security and privacy properties.
However, choosing the right algorithm and configuring it correctly is often challenging for developers who are not cryptography experts. The number of available algorithms, evolving standards, and frequent deprecations make it difficult to identify secure and interoperable solutions.

SING Interest Group proposes a session on the use of cryptography to present an ongoing draft addressing this topic.
This draft document aims to provide a clear and practical overview of standardized cryptographic algorithms and their recommended usage in various contexts. It offers guidelines on when and how to use specific algorithms, parameter choices, and common pitfalls to avoid — promoting a consistent, standards-based, and secure use of cryptography across web technologies.

You can find the most recent editor's draft at https://w3c.github.io/security-guidelines-cryptography/.

The purpose of this session is to present the current version of the document and discuss its content, by collecting feedback from participants and discussing some open points that require further analysis or decisions.

Goal(s):
Collect feedback on the draft document and discuss open points

Materials:

Minutes

 Read minutes

Export options

Personal Links

Please log in to export this event with all the information you have access to.

Public Links

The following links do not contain any sensitive information and can be shared publicly.

Feedback

Report feedback and issues on GitHub.