Could be a great place for someone wearing a Project SAFE hat (and T-shirt ;-)) to present a paper.
W3C Workshop on Authentication, Hardware Tokens and Beyond
Many projects and companies are now requiring high security Web applications with improved authentication, and the W3C is positioned to enable technologies ranging from simple multi-factor authentication to full-blown smartcard-based authentication available to Web applications. For an example of new relevant work, the Web Cryptography API will soon expose standardized cryptographic functionality to Web applications across all major browsers.
Before re-chartering Web Cryptography Working Group or any new Working Group, the W3C believes that consensus around a long-term strategy should be solidified, and so the W3C is holding a workshop to determine what the web ecosystem needs to fully realize the potential of authentication on the Web in interoperating with other groups such as the FIDO Alliance and the Smartcard Alliance.
The aim of this workshop is to bring together those interested in discussing the integration of high-value authentication and hardware-based security in the Open Web Platform. This integration could make available to the Open Web Platform the current security capabilities of platforms via standards in this area.
Goals and Scope
The integration of hardware tokens for Web applications has been discussed in several Working Groups in W3C, such as the Web Cryptography Working Group, the SysApps Working Group, and in other workshops. Nevertheless there are different forms of secure tokens (from smartcards to secure micro-SD) and different services that could be brought by those trusted elements (storage, cryptographic operations, secure operations, authentication). Industry efforts in this area like the FIDO Alliance, which includes the use of mobile devices and biometric readers for authentication, have also been rapidly maturing and could intersect with the W3C in a number of mutually beneficially ways. The goal of this workshop is to outline a consensus for future deliverables and scope for the Web Cryptography Working Group charter or another Working Group charter and potentially list secure services to be developed on the Open Web Platform.
We invite you to submit a paper and to attend this workshop to help shape the next steps for the Web Cryptography API.