| Security home

Security Activity Statement

The work in the W3C Security Activity currently comprises two Working Groups and one Interest Group: the XML Security Working Group focuses on maintaining and revising the XML Security Specifications. The Web Application Security Working Group has the mission to develop security and policy mechanisms to improve the security of Web Applications, and enable secure cross-site communication. The Web Security Interest Group serves as a forum for discussion about improving standards and implementations to advance the security of the Web.

The XML Security Working Group started up in summer 2008, and has decided to publish an interim set of 1.1 specifications as it works towards producing a more radical change to XML Signature. The XML Signature 1.1 and XML Encryption 1.1 specifications clarify and enhance the previous specifications without introducing breaking changes, although they do introduce new algorithms. These specifications are at Candidate Recommendation stage, and are currently the subject of discussion in a Patent Advisory Group.

The Web Application Security Working Group and the Web Security Interest Group were launched in early September 2011.

Highlights Since the Previous Advisory Committee Meeting

The following deliverables of the XML Security Working Group are in Candidate Recommendation:

• XML Signature v1.1
• XML Encryption v1.1
• XML Signature Properties
• XML Security Generic Hybrid Ciphers

The XML Security PAG is chartered to study issues and propose solutions related to XML Encryption 1.1 and XML Signature 1.1.

The Advisory Committee reviewed a proposal to launch a Web Application Security Working Group and a Web Security Interest Group. Both proposals were approved by the Director in early September 2011.

Upcoming Activity Highlights

The Web Application Security Working Group will have its face-to-face kick-off meeting at the upcoming TPAC.

Summary of Activity Structure

Group	Chair	Team Contact	Charter
XML Security Working Group (participants)	Frederick Hirsch	Thomas Roessler	Chartered until 30 June 2012
Web Application Security Working Group (participants)	Brad Hill, Eric K. Rescorla	Thomas Roessler	Chartered until 31 March 2013
Web Security Interest Group	Adam Barth	Thomas Roessler	Chartered until 31 March 2013

---

This Activity Statement was prepared for TPAC 2011 per section 5 of the W3C Process Document. Generated from group data.

Thomas Roessler, Security Activity Lead

Copyright � 2011 W3C^� (MIT, ERCIM, Keio), All Rights Reserved. W3C liability, trademark, document use and software licensing rules apply. Your interactions with this site are in accordance with our public and Member privacy statements.

$Id: Activity.html,v 1.212 2011/10/03 13:42:31 roessler Exp $