World Wide Web Consortium - W3C
Main
- World Wide Web Consortium (W3C) Type: Site
- W3C - ICANN WIki From: ICANN Wiki Type: Entry Date: 2022-04-05 Focus: history
- World Wide Web Consortium (W3C) From: W3C Type: Page Date: 2022-06-01
- W3C Mission From: W3C Type: Page Date: 2023-01-01 Focus: history
- Facts About W3C From: W3C Type: Page Date: 2023-01-01 Focus: history
- Standards - W3C From: W3C Type: Page Date: 2021-01-01
The World Wide Web Consortium (W3C) is an international community that develops open standards to ensure the long-term growth of the Web.
First started as an IETF application area at the beginning of 1990, the Web standard stack, given its foreseen volume and applicative nature on top of the Internet protocols, quickly spun off its own forum. The W3C then laid the foundations of the Web with the development of HTML 4 and XML at the end of the last century. It still works closely with IETF today, on the HTTP or URL specifications and in other areas of common interest (e.g. crypto, security, video).
an international community where Member organizations, a full-time staff, and the public work together to develop Web standards. Led by Web inventor and Director Tim Berners-Lee and CEO Jeffrey Jaffe, W3C’s mission is to lead the Web to its full potential.
On 29 August 2012 five leading global organizations jointly signed an agreement to affirm and adhere to a set of Principles in support of The Modern Paradigm for Standards; an open and collectively empowering model that will help radically improve the way people around the world develop new technologies and innovate for humanity.
In 1989, Tim Berners-Lee invented the World Wide Web (see the original proposal). He coined the term “World Wide Web,” wrote the first World Wide Web server, “httpd,” and the first client program (a browser and editor), “WorldWideWeb,” in October 1990. He wrote the first version of the “HyperText Markup Language” (HTML), the document formatting language with the capability for hypertext links that became the primary publishing format for the Web. His initial specifications for URIs, HTTP, and HTML were refined and discussed in larger circles as Web technology spread.
W3C standards define an Open Web Platform for application development that has the unprecedented potential to enable developers to build rich interactive experiences, powered by vast data stores, that are available on any device. Although the boundaries of the platform continue to evolve, industry leaders speak nearly in unison about how HTML5 will be the cornerstone for this platform. But the full strength of the platform relies on many more technologies that W3C and its partners are creating, including CSS, SVG, WOFF, the Semantic Web stack, XML, and a variety of APIs.
Working Groups
Decentralized Identifiers Working Group
Verifiable Credentials Working Group
JSON-LD Working Group
The Working Group maintains the JSON-LD specifications (i.e., JSON-LD 1.1, JSON-LD 1.1 API, JSON-LD 1.1 Framing) that together provide a JSON format for Linked Open Data to interoperate at web-scale, in a method which is familiar to and usable by web-focused software engineers.
JSON-LD Framing allows developers to query by example and force a specific tree layout to a JSON-LD document.
This specification describes a superset of the features defined in JSON-LD Framing 1.0 [JSON-LD10-FRAMING] and, except where noted, the algorithms described in this specification are fully compatible with documents created using the previous community standard.
This specification defines a set of algorithms for programmatic transformations of JSON-LD documents. Restructuring data according to the defined transformations often dramatically simplifies its usage. Furthermore, this document proposes an Application Programming Interface (API) for developers implementing the specified algorithms.
JSON is a useful data serialization and messaging format. This specification defines JSON-LD 1.1, a JSON-based format to serialize Linked Data. The syntax is designed to easily integrate into deployed systems that already use JSON, and provides a smooth upgrade path from JSON to JSON-LD. It is primarily intended to be a way to use Linked Data in Web-based programming environments, to build interoperable Web services, and to store Linked Data in JSON-based storage engines.
Developers share a common problem: they want a simple, but extensible way to create an API for a web service that gets the job done, doesn’t design them into a corner, and allows developers to easily interact with their service without reinventing the wheel. JSON-LD [JSON-LD] has become an important solution, as it bridges the gap between formally data and more colloquial JSON interfaces used in APIs from numerous providers. This guide attempts to define certain best practices for publishing data using JSON-LD, and interacting with such services.
This is the repository for a recommended context for JSON-LD 1.1, as well as the RDFa Core Initial Context, developed and maintained by the W3C JSON-LD Working Group. Most of the major resources in this repository are redirected from W3C URI-s that have been in use by the community for a while. These are as follows:
This specification describes a superset of the features defined in [JSON-LD10-FRAMING] and, except where noted, the algorithms described in this specification are fully compatible with documents created using the previous community standard.
This specification defines a set of algorithms for programmatic transformations of JSON-LD documents. Restructuring data according to the defined transformations often dramatically simplifies its usage. Furthermore, this document proposes an Application Programming Interface (API) for developers implementing the specified algorithms.
This specification describes a superset of the features defined in JSON-LD 1.0 [JSON-LD10] and, except where noted, documents created using the 1.0 version of this specification remain compatible with JSON-LD 1.1
Developers share a common problem: they want a simple, but extensible way to create an API for a web service that gets the job done, doesn’t design them into a corner, and allows developers to easily interact with their service without reinventing the wheel. JSON-LD [JSON-LD] has become an important solution, as it bridges the gap between formally data and more colloquial JSON interfaces used in APIs from numerous providers. This guide attempts to define certain best practices for publishing data using JSON-LD, and interacting with such services.
JSON-LD Teleconference Minutes
Since its original publication in 2014 by the RDF 1.1 Working Group, JSON-LD 1.0 has become an essential format for describing structured data on the World Wide Web. It is estimated to be used by between 10% and 18.2% of all websites. This is due largely to its adoption as a recommended format by schema.org. It has been adopted by several Recommendations including those from the Social Web, Web Annotation, and Linked Data Platform Working Groups, and current Working Groups have expressed interest in alignment of their specifications, such as the Publishing and Web of Things Working Groups. It has provided a much-needed bridge between communities that need rich semantics, and those that desire an intuitive and easily usable format (see separate wiki page for more details).
WebAuthN Working Group
The mission of the Web Authentication Working Group, in the Security Activity is to define a client-side API providing strong authentication functionality to Web Applications.
This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. Conceptually, one or more public key credentials, each scoped to a given WebAuthn Relying Party, are created by and bound to authenticators as requested by the web application. The user agent mediates access to authenticators and their public key credentials in order to preserve user privacy. Authenticators are responsible for ensuring that no operation is performed without user consent. Authenticators provide cryptographic proof of their properties to Relying Parties via attestation. This specification also describes the functional model for WebAuthn conformant authenticators, including their signature and attestation functionality.
The Web Authentication Working Group will develop recommendation-track specifications defining an API, as well as signature and attestation formats which provide an asymmetric cryptography-based foundation for authentication of users to Web Applications.
Overall goals include obviating the use of shared secrets, i.e. passwords, as authentication credentials, facilitating multi-factor authentication support as well as hardware-based key storage while respecting the Same Origin Policy (SOP) by default and allowing for explicit, constrained SOP relaxation.
W3C ID History
- W3C Workshop on Strong Authentication & Identity From: W3C Type: Page Date: 2018-12-11
- A Public Identity From: W3C By: Tim Berners-Lee Type: Page Date: 2018-01-19
- Call for Participation in Digital Identity Community Group From: W3C Type: Post Date: 2019-06-20
- The Platform for Privacy Preferences 1.1 (P3P1.1) Specification From: W3C Type: Specification Date: 2018-08-30
- Web Design Issues - Identity From: W3C By: Tim Berners-Lee 1998 Type: Page Date: 2009-08-27
- Identity Interoperability From: W3C Type: Post Date: 2013-01-07
- Identity Definitions in the P3P Specification From: W3C Type: Page Date: 2006-11-13
- Identity Rights Agreements and Provider Reputation From: W3C By: IdentityWoman, Phillip J. Windley, Aldo Castaneda Related: IDCommons Type: Page Date: 2006-01-26
- W3C Workshop on Identity in the Browser From: W3C Type: Report Date: 2011
- A draft charter of Web Identity From: W3C Related: Channy Yun Type: Post Date: 2011-10-05
- ISSUE-17: Identity, Agent, Person, Persona, Account etc. need clarifications From: W3C Type: Page Date: 2015-03-03
- WebID From: W3C Type: Entry Date: 2018-06-17
- USER IDENTITY ON THE WEB COMMUNITY GROUP From: W3C Type: Org Date: 2014-10-26
The W3C Strong Authentication and Identity Workshop gathered experts in the space to explore the existing standards landscape, examine existing technology roadmaps, and identify potential future work for how strong identity and strong authentication should work on the web. The workshop explored aligning recent W3C specifications (WebAuthn, Verifiable Claims, Web Payments) and work that is ongoing in the W3C Credentials Community Group (DID, DIDAuth) along with the IETF and ISO, as well as other existing community standards such as IndieAuth, Open ID Connect, OAuth, and SAML.
The world of the last few years has been buzzing with the need for personal privacy a world in which personal data is typically abused by large corporations on the (mistaken) belief that this is the only business model in a connected world. It seems to have got to the point where there has been so much focus on protecting the identity of an individual online that we have actually made it difficult, frustratingly and unnecessarily difficult, to actually claim a completely public identity online.
The mission of the W3C Digital Identity Community Group is to identify and resolve real world identity issues, to explore and build a more secure trusted digital identity ecosystem on internet for people, organizations and things fully controlling, protecting and expressing their identity. Our work focuses on the ecosystem’s scalability, interoperability, mobility, security and privacy. We intend to integrate interoperable identity solutions, systems and networks in our ecosystem.
This is the specification of the Platform for Privacy Preferences 1.1 (P3P 1.1). This document, along with its normative references, includes all the specification necessary for the implementation of interoperable P3P 1.1 applications. P3P 1.1 is based on the P3P 1.0 Recommendation and adds some features using the P3P 1.0 Extension mechanism. It also contains a new binding mechanism that can be used to bind policies for XML Applications beyond HTTP transactions.
Identifiers - what is identified?
When XML is used to represent a directed laballed graph which is used to represent information about things, then one must be able to make statements about parts of an XML document, parts of the DLG (such as RDF nodes) and of course the objects described.
TimBL’s diagram at TPAC2012Over the years many different authentication systems have been developed. Each one proposes a method for an agent to prove his relation to an identifier - called a Principal. A Principal is a string that can be mapped to a URI, that usually refers to some network resource, which itself can then be linked to a subject. An LDP authorization system may authenticate agents that are allowed access to a resource using different types of Principals. This page lists a number of ways Authorization agents can prove identity of an agent using one Principal, with an ACL that may be using a different type of Principal. The aim is to gather such examples together in order to find an general theory that underpins these proofs.
The P3P Specification Working Group has taken the view point that most information referring to an individual is «identifiable» in some way. As with other important areas of the specification, the goal of the working group was to allow for a wide variety of understandings of identity in order to allow data collectors to best express their policy and users to make choices based on a definition of identity information that is important to them. (1)
Abstract: While decentralized, user-centric identity systems provide hope that useful, secure identity systems may be possible on the Internet, ensuring that user data is protected in these system requires more than a technical solution. In this paper, we describe a project underway at Identity Commons to create a framework within which users can express their protection preferences (called identity rights agreements). Part of this project will establish a reputation system for identity providers and relying parties that engenders trust and lowers user risk.
Over the last ten years, for most end-users there has been no visible progress beyond cookie-managed usernames and passwords entered via HTML forms. Current password-based logins offers little value to the end-user, as they are forced to bear the onerous responsibility of remembering too many passwords or simply re-using low-security passwords.
As passwords and cookies are easily compromised, both web-site operators and users then expose themselves to massive security breaches. Despite the large amount of valuable standardization work on identity, it is unclear how user agents such as Web browsers can interact with both identity-consuming applications and server-side federated identity services, and many current identity specifications either assume or underspecify secure authentication in the browser. The key missing component to enable trusted identity on the Web is likely then to be found in user-centric cross-browser standards for secure authentication and session management.
The W3C has prepared Web Identity working group and make a draft charter. As following is main track for works.
As for today we don’t seem to have clear strategy on how to define and use Online Identity related concepts.
The W3C is still exploring better ways to do authentication, for example in the 2014 workshop on authentication. The WebID is a Community Group, and anyone can start a Community Group. A Community Group does not necessarily reflect the endorsement of the W3C, but we encourage grassroots communities to experiment with technology that may become a future standard.
Currently, more and more services are created on the web and require information about you, me, all of us. Therefore, users have to give away a lot of information about themselves to many different services. The point is that the users lose control of their identity on the web, by filling a lot of forms (e.g., through subscriptions). Privacy on the Internet is extremely important and must remain. Personal information is used by services we, sometimes, don’t even know about, and it is a real problem. The aim of this group would be to think about new ways to identify individuals over the internet using trusted web based identities embedded directly into the core protocols of the web. At the same time it is important to maintain equilibrium between total privacy and providing information when needed, which means, when the user wants to.
ID in the Browser 2011
- Identity in the Browser: Easy Wins and Guiding Principles From: W3C By: Naveen Agarwal, Miranda Callahan, Tyler Close, Travis McCoy, Chris Messina, Glen Murphy, Dirk Pranke Related: Google Type: Paper Date: 2011
- National Strategy for Trusted Identities in Cyberspace - Requirements and Potential Use Cases From: W3C By: Peter Alterman Related: NIH Type: Paper Date: 2011
- A Vision for Browser-Assisted Web Authentication From: W3C By: Siddharth Bajaj, Slawek Ligier Related: Symantec Type: Paper Date: 2011
- The Chained Identity Systems of Online Entertainment From: W3C By: Wendell Baker Related: Yahoo! Type: Paper Date: 2011
- Identity in the Platform - Thinking Beyond the Browser From: W3C By: Dirk Balfanz Related: Google Type: Paper Date: 2011
- Web authentication is deeply flawed, and it is time to fix it From: W3C By: Patrik Bichsel, Dave Raggett, Rigo Wenning Type: Paper Date: 2011
- Considering Browsers' Role in a User-Centric Online Identity Ecosystem: Privacy and Context From: W3C By: Aaron Brauer-Rieke Related: Center for Democracy & Technology Type: Paper Date: 2011
- Expression of Interest - Improving Identity Management on the Internet From: W3C By: David W Chadwick, George Inman, Kristy Siu Related: University of Kent Type: Paper Date: 2011
- NSTIC, Privacy and Social Login From: W3C By: Francisco Corella, Karen P. Lewison Related: Pomcor Type: Paper Date: 2011
- Tailored Signatures with DOSETA From: W3C By: D. Crocker Related: Brandenburg InternetWorking Type: Paper Date: 2011
- AuthenTec Online Open Authentication From: W3C By: Vito Fabbrizio, Greg Kerr Related: AuthenTec Type: Paper Date: 2011
- Account Management: A Deployment and Usability Problem From: W3C By: Phillip Hallam-Baker Related: Comodo Group Type: Paper Date: 2011
- Empowering Individuals with Tools to Manage Their Personal Data for the Identity in the Browser From: W3C By: Kaliya Hamlin, Mary Hodder Related: Personal Data Ecosystem Consortium Type: Paper Date: 2011
- Federated Browser-Based Identity using Email Addresses From: W3C By: Mike Hanson, Dan Mills, Ben Adida Related: Mozilla Type: Paper Date: 2011
- The Chicken, the Egg and the Rooster: Why Internet Identity is Still Unsolved From: W3C By: Dick Hardt Type: Paper Date: 2011
- Identity as a Platform Service From: W3C By: Sam Hartman (Painless Security), Josh Howlett Related: JANET(UK) Type: Paper Date: 2011
- Looming private information fiasco versus the new cloud business model: The next generation will ask "Where were you when this was going down?" From: W3C By: Carl Hewitt Type: Paper Date: 2011
- Identity in the Browser - Avoiding Common Flaws From: W3C By: Brad Hill Type: Paper Date: 2011
- Importance and Impact of Requirements on Technical Solutions for Identity From: W3C By: Frederick Hirsch Related: Nokia Type: Paper Date: 2011
- Mobile Provided Identity Authentication on the Web From: W3C By: Jonas Hogberg Related: Ericsson Type: Paper Date: 2011
- The Nexus of Identity From: W3C By: Maryann Hondo, Mary Ellen Zurko, Matthew Flaherty, Paula K. Austel, Sridhar Muppidi Related: IBM Type: Paper Date: 2011
- How to Improve the Security around the Mobile User Authentication Process? From: W3C By: John Hwang Related: Neustar Type: Paper Date: 2011
- Evolution of Identity in the Face of a New Lightweight Web Services Paradigm Shift From: W3C By: Phil Hunt Related: Oracle Type: Paper Date: 2011
- The Emerging JSON-Based Identity Protocol Suite From: W3C By: Michael B. Jones Related: Microsoft Type: Paper Date: 2011
- Identity Security within Web Browsers From: W3C By: Kevin Jones, Narm Gradiraju, Jack Matheson Related: Intel Type: Paper Date: 2011
- Selected issues with web identity mechanisms and a possible way forward From: W3C By: Vladimir Katardjiev, Goran Eriksson Related: LM Ericsson AB Type: Paper Date: 2011
- Identity in the Federal Learning Registry From: W3C By: James Klo, Marie Bienkowski Related: SRI International Type: Paper Date: 2011
- Goals, Constraints, and Issues for Identity in the Browser From: W3C By: John Linn Related: RSA/EMC Type: Paper Date: 2011
- Browser Personas: Towards a Reasonable Middle Ground From: W3C By: Ben Livshits Related: Microsoft Type: Paper Date: 2011
- Backplane Protocol and Identity Scenario From: W3C By: Brian Mcginnis, Johnny Bufu, Vlad Skvortsov Related: Echo Type: Paper Date: 2011
- Privacy Delegate: a browser-based tool for privacy self-management in social networks From: W3C By: Miguel A. Monjas, Jose M. del Alamo, Juan-Carlos Yelmo, Jonas Hogberg Related: Ericsson Type: Paper Date: 2011
- Browser support for identity federation with many identity providers From: W3C By: RL "Bob" Morgan Related: University of Washington, InCommon Type: Paper Date: 2011
- Reparing HTTP authentication for Web security From: W3C By: Yutaka Oiwa, Tatsuya Hayashi, Boku Kihara Related: AIST Type: Paper Date: 2011
- Bridging the Disconnect Between Web Privacy and User Perception From: W3C By: Mike Perry Related: The Tor Project Type: Paper Date: 2011
- Improving password managers and multidevice synchronization From: W3C By: Yngve Pettersen Related: Opera Software ASA Type: Paper Date: 2011
- Two-factor Authentication for the Cloud From: W3C By: Anders Rundgren Related: PrimeKey Solutions AB Type: Paper Date: 2011
- The WebID Protocol & Browsers From: W3C By: Jeff Sayre, Henry Story Type: Paper Date: 2011
- Thoughts on Trust Infrastructure, User Interface, and Legal Issues From: W3C By: Stephen Schultze Related: Princeton University Type: Paper Date: 2011
- Statement of Interest and Requirements for W3C Workshop on Identity in the Browser From: W3C By: Dan Schutzer Related: Financial Services Roundtable/BITS Type: Paper Date: 2011
- Do you know who I am? From: W3C By: David Singer Related: Apple Type: Paper Date: 2011
- Building the Legal Framework for Browser-Enabled Identity From: W3C By: Thomas J. Smedinghoff, Wildman Harrold Related: Allen & Dixon Type: Paper Date: 2011
- A WebID Implementation in Pure JavaScript and Flash From: W3C By: Manu Sporny, David Longley, David I. Lehn, Mike Johnson Related: Digital Bazaar Type: Paper Date: 2011
- Identity in the Browser: Putting the Cart Before the Horse From: W3C By: Andy Steingruebl, Jeff Hodges Related: PayPal Type: Paper Date: 2011
- A usable identity management system for the Digital Public Space From: W3C By: Olivier Thereaux, Mo McRoberts, Richard Northover Related: British Broadcasting Corporation Type: Paper Date: 2011
- On OIX and NSTIC From: W3C By: Don Thibeau Related: OpenID Foundation, OIX Type: Paper Date: 2011
- Digital Identity in Perspective From: W3C By: John Tolbert Related: The Boeing Company Type: Paper Date: 2011
- Identity In The Browser at 5. Lessons Learned From: W3C By: Paul Trevithick Related: Azigo Type: Paper Date: 2011
- Browser Support for the Open Authorization (OAuth) Protocol From: W3C By: Hannes Tschofenig, Barry Leiba, Blaine Cook, Rob van Eijk Type: Paper Date: 2011
- The Need for a Web Security API From: W3C By: Sean Turner, Stephen Farrell, Peter Saint-Andre Related: IETF Type: Paper Date: 2011
- Server Authentication with DNSSEC From: W3C By: M. Vanderveen Type: Paper Date: 2011
- Browser Assisted Identity Management From: W3C By: Yu Wang, Aanchal Gupta Related: Yahoo! Type: Paper Date: 2011
- Position paper from Netflix, Inc. From: W3C By: Mark Watson, Mitch Zollinger, Wesley Miaw Related: Netflix Type: Paper Date: 2011
- GSS-REST, a Proposed Method for HTTP Application-Layer Authentication From: W3C By: Nicolas Williams Related: Cryptonector Type: Paper Date: 2011
- Consumer Third Party Authentication: Challenges and Potential Solutions From: W3C By: Craig H. Wittenberg Related: Microsoft Type: Paper Date: 2011
