STATUS: Charter Approved

An updated version of this charter has been approved by the W3C Membership and Director. The Web Authentication Working Group is now launched and on GitHub.

[DRAFT] Web Authentication Working Group Charter

This charter was sent for W3C Advisory Committee review December 18, 2015.

The mission of the Web Authentication Working Group, in the Security Activity is to define a client-side API providing strong authentication functionality to Web Applications.

Start date [dd monthname yyyy] (date of the "Call for Participation", when the charter is approved) End date [dd monthname yyyy] (1 year from start date) Chairs Richard Barnes, Mozilla

Anthony Nadalin, Microsoft Team Contacts TBD (0.2 FTE ) Meeting Schedule Teleconferences: 1-hour calls will be held weekly.

Face-to-face: we will meet during the W3C's annual Technical Plenary week; additional face-to-face meetings may be scheduled by consent of the participants, no more than 3 per year.

Goals The Web Authentication Working Group will develop recommendation-track specifications defining an API, as well as signature and attestation formats which provide an asymmetric cryptography-based foundation for authentication of users to Web Applications. Overall goals include obviating the use of shared secrets, i.e. passwords, as authentication credentials, facilitating multi-factor authentication support as well as hardware-based key storage while respecting the Same Origin Policy.