W3C Workshop on Identity in the Browser 24/25th May 2011, Mountain View (USA)

Call For Participation

Background

Now available:
Final Report

As the Web becomes increasingly a focal point for economic and social activity, there is an urgent need for trustworthy, widely-applicable digital identity management. This includes the need for authentication and authorization to work across multiple web-sites, enterprises, devices, and browsers in a uniform and easy-to-use manner. For critical enterprise activity, effective government engagement, and sensitive social information accessed over the Web, a higher level of identity assurance, privacy protection, and security is required beyond simple username/password combinations. To address many of these issues, digital identity should become a core part of Web architecture, enabled by a combination of server and client-side solutions. Achieving this vision, however, requires addressing numerous technical, operational, policy, and legal issues. This workshop's purpose is to consider how the intersection of those issues with the use of browser technology can lead to this vision.

Many approaches to managing digital identity, such as SAML and OpenID, have been deployed without requiring special-purpose technology on the browser client. There is, however, a general understanding within the technical community that client-side mechanisms working together with the server will improve usability, security, and trust. Ideally, effective identity authentication and authorization shouldn't be tied to a single browser, but be capable of being switched across multiple devices such as phones and desktops in a privacy-respecting manner. At the same time, it would need to provide a level of assurance high enough to be suitable for use in financial, healthcare, and government-grade applications. Implementing digital identity technologies of this sort is an effort that crosses the boundary between server and client. Rather than starting from a blank slate, any new work should compliment existing technologies while enhancing usability, privacy, and security.

Goals and Scope

This workshop will investigate strategies to facilitate the development and deployment of improved identity authentication and authorization technologies across the Web. Solutions to be explored are effective enhancements to Web browsers that lead to trustworthy benefits that can be realized in the near term. Also included in the workshop will be explorations into the operational, policy, and legal issues that must be addressed by the solutions. Results from this workshop will provide input to existing and possible future co-ordination and standardization work at W3C. Among the relevant W3C Working Groups interested in this work include:

The workshop is attracting a broad set of stakeholders, including implementers of browsers, user-interface designers, as well as developers and operators of Web applications that rely on digital identities. Also participating are digital identity experts focused on legal, policy, privacy, and security considerations. The workshop will feature presentations of key ideas and from implementers, while also reserving significant time for effective open-space discussion with participants.

Participation Requirements

All participants are required to submit a position paper via Easychair by April 27th 2011. W3C membership is not required to participate in this workshop. Submissions are currently closed.

Topics for position papers may include, but are not limited to:

The total number of participants will be limited. To ensure diversity, a limit might be imposed on the maximum number of participants per organization.

Instructions for how to register will be sent to submitters of accepted position papers. These instructions will also indicate a possible limit on the maximum number of participants per organization.

Workshop sessions and documents will be in English. Position papers, presentations, minutes and the workshop report will be public.

There is no fee to participate.

Expression of Interest

To help the organizers plan the workshop: If you wish to participate, please as soon as possible send a message to [email protected] with a short (one paragraph) "expression of interest" stating:

Note: Sending that expression of interest does not mean that you registered for the workshop. It is still necessary to send a position paper (see below).

Position Papers

Your paper must meet the following criteria:

Based on a review of all submitted position papers, the Program Committee will select the most relevant and invite the submitters of those papers to the Workshop. From among all accepted papers, the program committee will choose a small number of papers judged most appropriate for fostering discussion, and ask the authors of those papers to give short presentations about them at the Workshop. After the workshop, those presentations will then be published on the workshop home page. However, the primary focus of the workshop will not be on presentations, but on open discussion and consensus on future directions for identity in the browser.

Important dates

Date Event
March 21st 2011 Call for Participation issued
April 27th 2011 Deadline for position papers
May 13th 2011 Program released
May 16th 2011 Deadline for registration
May 24-25th 2011 Workshop

Workshop Organization

Workshop sessions and documents will be in English.

Chairs

Program Committee

Venue

The workshop will be hosted in Mountain View by the Mozilla Foundation at their headquarters at 650 Castro St. Suite 300, Mountain View, CA 94041. The 650 building is a five-story office building, with a Le Boulanger and UPS Store at the ground level. From the main lobby, take the elevator to the second floor. On exiting the elevator, turn right into the Mozilla lobby (look for the giant metal dinosaur). Snacks and lunch will be provided both days, with dinner provided on the 24th.

The building is near the south end of the street, close to El Camino Real. Caltrain access is convenient; the train stop is at the north end of Castro, about a six-block walk to the building.

For those coming by car, parking on Castro is limited to two hours, but there are numerous city lots located within three blocks. The Mountain View City Hall/Performing Arts Center has a large street lot behind the building. Castro Avenue's cross streets also have all-day street parking.

There are numerous hotels within either walking distance or a short taxi ride away, such as:

Nearby Events

Coming up earlier in the month of May is the 12th Internet Identity Workshop May 3-5 in Mountain View, which will include discussions about identity in the browser (and other agents) along with identity on the web generally. "IDBrowser" will give attendees of the W3C Workshop on Identity in the Browser 30% the regular registration price.

Our W3C workshop is partially overlapping with the IEEE Symposium on Privacy and Security and right before the Web 2.0 Privacy and Security workshop in Oakland. So, feel free to register for both these international security events as well as the W3C workshop.

Deliverables

Position papers, agenda, accepted presentations, and report will also be published online.