Since a couple of years I am an active member of the W3C Web Cryptography Working Group.

On 10 and 11 September W3C organizes a workshop about the next steps for cryptography on the web. And because a lot of people ask me how these meetings are organized, I will give a little insight in our Working Group.

The workshop will start with some general sessions to define the goals of our two days of meetings. After this introduction the first block of presentations are about incremental changes that could be made to the current W3C Web Cryptography API, which is now being implemented in browsers. In this block I will present a proposal on how we could extend the Web Cryptography API to also support signing documents with legally binding digital signatures. The presentation will be followed by a panel discussion in which we shall discuss all proposed changes in more detail. The rest the day will be filled with presentations and a panel about how the Open Web Platform can best incorporate various new multi-factor authentication technologies, ranging from biometrics to hardware tokens.

The second day will start with a session about hardware tokens for trusted execution environments. Followed by a session about exciting new security features for the web. The workshop will close with a panel about what W3C’s focus should be, for the next coming years, related to security and more specifically cryptography on the web.

I’m looking forward to participate in these interesting discussions during the sessions, breaks, breakout sessions and evenings.