Anzeige-Sprache von Mozilla
Gelinde
ales in deutscher Sprache auswählen könnte, was leider für viele
Anzeigen nicht zutrifft.
mfG Gelinde
Axel.N...@telekom.de
http://www.w3.org/2011/identity-ws/
-Axel
Background
As the Web becomes increasingly a focal point for economic and social activity, there is an urgent need for trustworthy, widely-applicable digital identity management. This includes the need for authentication and authorization to work across multiple web-sites, enterprises, devices, and browsers in a uniform and easy-to-use manner. For critical enterprise activity, effective government engagement, and sensitive social information accessed over the Web, a higher level of identity assurance, privacy protection, and security is required beyond simple username/password combinations. To address many of these issues, digital identity should become a core part of Web architecture, enabled by a combination of server and client-side solutions. Achieving this vision, however, requires addressing numerous technical, operational, policy, and legal issues. This workshop's purpose is to consider how the intersection of those issues with the use of browser technology can lead to this vision.
Many approaches to managing digital identity, such as SAML and OpenID, have been deployed without requiring special-purpose technology on the browser client. There is, however, a general understanding within the technical community that client-side mechanisms working together with the server will improve usability, security, and trust. Ideally, effective identity authentication and authorization shouldn't be tied to a single browser, but be capable of being switched across multiple devices such as phones and desktops in a privacy-respecting manner. At the same time, it would need to provide a level of assurance high enough to be suitable for use in financial, healthcare, and government-grade applications. Implementing digital identity technologies of this sort is an effort that crosses the boundary between server and client. Rather than starting from a blank slate, any new work should compliment existing technologies while enhancing usability, privacy, and security.
Goals and Scope
This workshop will investigate strategies to facilitate the development and deployment of improved identity authentication and authorization technologies across the Web. Solutions to be explored are effective enhancements to Web browsers that lead to trustworthy benefits that can be realized in the near term. Also included in the workshop will be explorations into the operational, policy, and legal issues that must be addressed by the solutions. Results from this workshop will provide input to existing and possible future co-ordination and standardization work at W3C. Among the relevant W3C Working Groups interested in this work include:
- the W3C Web Applications Working Group;
- the W3C Federated Social Web Incubator Group;
- the W3C Geolocation Working Group;
- the W3C Device API and Policy Working Group.
The workshop is attracting a broad set of stakeholders, including implementers of browsers, user-interface designers, as well as developers and operators of Web applications that rely on digital identities. Also participating are digital identity experts focused on legal, policy, privacy, and security considerations. The workshop will feature presentations of key ideas and from implementers, while also reserving significant time for effective open-space discussion with participants.
Participation Requirements
All participants are required to submit a position paper via Easychair by April 22nd 2011. W3C membership is not required to participate in this workshop.
Topics for position papers may include, but are not limited to:
- mutually beneficial relationships between server-side and client-side identity approaches;
- novel and existing approaches toward digital identity on the Web that could be integrated across browsers;
- interactions between identity in the browser and the use of identity across multiple devices;
- the relationship between the Web and enterprise identity;
- How websites communicate their account management interfaces and their requirements for authentication;
- user experience and interface issues for identity and security in the browser;
- APIs for identity management and security tokens;
- statements of interest and implementation experience from browser vendors, Web application developers, and plug-in developer;
- analysis of current digital identity solutions in terms of security and privacy;
- anonymity, reputation, and zero-knowledge proofs;
- assuring trustworthy results, including obligations and responsibilities of both users and browsers;
- use-cases and requirements from enterprise, online banking, government, health, business, regulatory bodies, and activist groups;
- social, policy, and legal regulatory issues relating to identity, security, and privacy as they potentially impact any of the above;
- proposals for co-ordination between standards bodies long active in the digital identity space and the W3C.
The total number of participants will be limited. To ensure diversity, a limit might be imposed on the maximum number of participants per organization.
Instructions for how to register will be sent to submitters of accepted position papers. These instructions will also indicate a possible limit on the maximum number of participants per organization.
Workshop sessions and documents will be in English. Position papers, presentations, minutes and the workshop report will be public.
There is no fee to participate.
Expression of Interest
To help the organizers plan the workshop: If you wish to participate, please as soon as possible send a message to hha...@w3.org with a short (one paragraph) "expression of interest" stating:
- that a representative from your organization plans to submit a position paper
- how many participants your organization is sending
- whether or not you wish to make a presentation
Note: Sending that expression of interest does not mean that you registered for the workshop. It is still necessary to send a position paper (see below).
Position Papers
You paper must meet the following criteria:
- explains your interest in the Workshop
- aligned with the Workshop's stated goals as outlined above.
- Maximum of 5 pages long
- formatted in (valid) HTML/XHTML, PDF, or plain text
Based on a review of all submitted position papers, the Program Committee will select the most relevant and invite the submitters of those papers to the Workshop. From among all accepted papers, the program committee will choose a small number of papers judged most appropriate for fostering discussion, and ask the authors of those papers to give short presentations about them at the Workshop. After the workshop, those presentations will then be published on the workshop home page. However, the primary focus of the workshop will not be on presentations, but on open discussion and consensus on future directions for identity in the browser.
Important dates
| Date | Event |
|---|---|
| March 21st 2011 | Call for Participation issued |
| April 22nd 2011 | Deadline for position papers |
| May 9th 2010 | Program released |
| May 16th 2011 | Deadline for registration |
| May 24-25th 2011 | Workshop |
Workshop Organization
Workshop sessions and documents will be in English.
Chairs
- J. Trent Adams,ISOC
- Harry Halpin, W3C
Program Committee
- Siddharth Bajaj, Symantec
- Wendell Craig Baker, Yahoo!
- Aaron Brauer-Rieke, Center for Democracy and Technology
- Joni Brennan, Kantara Initiative
- David Crocker, Brandenberg InternetWorking
- Matthew Gardiner, CA Technologies
- Kaliya Hamlin, Identity Commons
- Mike Hanson, Mozilla
- Dick Hardt
- Sam Hartmann, Painless Security
- Ashish Jain, Paypal
- Ben Laurie, Google
- Mark Masse, Disney
- Eve Maler, Forrester Research
- Prateek Mishra, Oracle
- Deirde Mulligan, UC Berkeley
- Yutaka Oiwa, AIST
- Mike Perry, Tor Project
- Yngve Pettersen, Opera
- Aza Raskin, MassiveHealth
- David Recordon, Facebook
- David Singer, Apple
- Tom Smedinghoff, Wildman Harrold
- Don Thibeau, OpenID Foundation
- Paul Trevithick, Azigo
- John Tolbert, Boeing
- Rigo Wennig, W3C
- Craig Wittenberg, Microsoft
Venue
The Workshop will be hosted in Mountain View by the Mozilla Foundation. More detailed venue information will be made available in due course.
Deliverables
Position papers, agenda, accepted presentations, and report will also be published online.