Harry Halpin
2012-04-09 21:39:10 UTC
Everyone - thanks for all the feedback and work since the Workshop, we're finally launching:
W3C launched today a new Web Cryptography Working Group, whose
mission is to define an API that lets developers implement
secure application protocols on the level of Web applications,
including message confidentiality and authentication services,
by exposing trusted cryptographic primitives from the browser.
Web application developers will no longer have to create their
own or use untrusted third-party libraries for cryptographic
primitives. This will improve security on the Web. Some of the
chartered use cases for this API include:
http://www.w3.org/2012/webcrypto/
http://www.w3.org/2011/11/webcryptography-charter
* The ability to select credentials and sign statements can
be necessary to perform high-value transactions such as
those involved in finance, corporate security, and
identity-related claims about personal data.
* The provisioning and use of keys within Web applications
can be used for scenarios such as increasing the security
of user authentication and determining whether a particular
device is authenticated for particular services.
* The ability to check source integrity before executing
Javascript code previously stored in local storage.
Learn more about the Security Activity.
http://www.w3.org/Security/Activity
W3C launched today a new Web Cryptography Working Group, whose
mission is to define an API that lets developers implement
secure application protocols on the level of Web applications,
including message confidentiality and authentication services,
by exposing trusted cryptographic primitives from the browser.
Web application developers will no longer have to create their
own or use untrusted third-party libraries for cryptographic
primitives. This will improve security on the Web. Some of the
chartered use cases for this API include:
http://www.w3.org/2012/webcrypto/
http://www.w3.org/2011/11/webcryptography-charter
* The ability to select credentials and sign statements can
be necessary to perform high-value transactions such as
those involved in finance, corporate security, and
identity-related claims about personal data.
* The provisioning and use of keys within Web applications
can be used for scenarios such as increasing the security
of user authentication and determining whether a particular
device is authenticated for particular services.
* The ability to check source integrity before executing
Javascript code previously stored in local storage.
Learn more about the Security Activity.
http://www.w3.org/Security/Activity