Call for Participation Signature and XML Encryption (original) (raw)

W3C Workshop on

Next Steps for XML Signature and XML Encryption

25/26 September 2007 -- Mountain View, California

hosted by VeriSign

Workshop Goals and Scope

Audience

This Workshop addresses implementors and users of the XML Signature and XML Encryption Suites of specifications to discuss experiences and next steps. The intended audience includes specification writers that have built their work on top of these specifications.

Scope and Background

The XML Signature and XML Encryption suites of specifications have seen broad deployment, and form the basis for a number of security related specifications in the Web and Web Services worlds. Use of these specifications has reached a stage where it is useful to review the issues and lessons learned in implementations, deployments and development of specifications based on these standards. The W3C has recently launched the XML Security Specifications Maintenance Working Group to address a limited number of work items, and to develop a roadmap for future work on these specifications.

This workshop will serve as a means to discuss experience and issues with the XML Security suite of specifications and to identify gaps and emerging issues that might feed future work.

In particular, the workshop is expected to investigate the following areas:

• Interoperability and robustness issues, such as spurious validation errors;
• Performance aspects of implementations of the XML security specifications;
• The interaction of the existing suite of specifications with XML 1.1;
• The effect of the ongoing work on Efficient XML Interchange on the XML security specifications;
• Use cases and requirements that are either not addressed or are insufficiently addressed by the current suite of specifications, including legal requirements for digital signature formats;
• Experience and consequences of building other specifications or standards with the XML Signature and XML Encryption suites of specifications as a basis;
• Insights into the interaction of the XML Security specifications with the evolving XML environment.

Workshop Goals

The aim of this workshop is to make recommendations to the W3C and to build community consensus about possible next steps for the XML Security specifications.

Important Dates

Requirements for Participation

• Each participant in the workshop must be associated with a position paper. Position papers must be submitted no later than 14 August.
• W3C membership is not required in order to participate in the Workshop.
• Pre-registration of participants will be mandatory.
• The total number of participants will be limited. To ensure diversity, a limit might be imposed on the maximum number of participants per organization.
• Instructions for how to register will be sent to submitters of accepted position papers. These instructions may also indicate a possible limit on the maximum number of participants per organization.
• Workshop sessions and documents will be in English.
• Press representatives must contact w3t-pr@w3.org.

Position Papers

Position papers are the basis for the discussion at the workshop. These papers will also be made available to the public from the workshop site.

Topics

Position papers should contribute to the workshop's discussion about

• detailed use cases and requirements
• implementation and interoperability experience
• usage experience
• the interaction of the XML Security specifications with the evolving XML environment

They should also explain the participants' position with respect to possible specific work items that W3C could take up in within the workshop's broader scope.

Format

All papers should be 1 to 5 pages, although they may link to longer versions or appendixes.

Accepted position papers will be published on the public Web pages of the workshop. Submitting a position paper comprises a default recognition of these terms for publication. Allowed formats are (valid) HTML/XHTML, PDF, or plain text. Papers in any other formats will be returned with a request for correct formatting. Good examples of position papers can be seen in the transactions of the W3C Workshop on Usability and Transparency of Web Authentication.

The Program Committee may ask the authors of particularly salient position papers to explicitly present their position at the workshop to foster discussion. Presenters will be asked to make the slides of the presentation available on the workshop homepage in HTML, PDF, or plain text.

Position papers must be submitted via email to member-xmlsec-submit@w3.org no later than 14 August.

Workshop Organization

Workshop Chairs

• Frederick Hirsch, Nokia; Chair, XML Security Specifications Maintenance Working Group, W3C
• Thomas Roessler, W3C; Security Activity Lead

Program Committee

The workshop is organized by the W3C XML Security Specifications Maintenance Working Group. Current participants are:

• Gregory Berezowsky (Afilias Limited)
• Elisabetta Carrara (ENISA)
• Juan Carlos Cruellas
• Phillip Hallam-Baker (VeriSign)
• Frederick Hirsch (Nokia)
• Giles Hogben (ENISA)
• Konrad Lanz (A-SIT)
• Peter Lipp (A-SIT)
• Hal Lockhart (BEA Systems, Inc.)
• Robert Miller (MITRE Corporation)
• Ram Mohan (Afilias Limited)
• Sean Mullan (Sun Microsystems, Inc.)
• Anthony Nadalin (IBM Corporation)
• Chris Nautiyal (FSTC)
• Thomas Roessler (W3C)
• Rich Salz (IBM Corporation)
• Aleksey Sanin
• Daniel Schutzer (FSTC)
• Ed Simon
• Andrew Sullivan (Afilias Limited)
• Panagiotis Trimintzios (ENISA)
• Tarun Tyagi (Data Recovery Software)
• Greg Whitehead (HP)

Sponsors

The Workshop will be hosted by VeriSign in Mountain View, California, USA.

Deliverables

Position papers will be put on the workshop's web-site. The agenda and the accepted presentations will also be published online. The XML Security Specifications Maintenance Working Group will use the workshop outcome as input toward its work item to devise a roadmap for future work on the XML Security Specifications.