Addressing the "Web Security Standards Deficit"

Although the web browser has become the primary vehicle for most users for interacting with the Internet, there is still a considerable lack of generally supported standards for security-related operations such as digital signatures and on-line distribution of authentication/signature keys.  WebPKI.org aims to change this.
 
How?  That's indeed a very good question!  It seems that something along the lines of the way Microsoft recently introduced Information Cards could be suitable to not get caught in endless standardization processes.  Put in real-world terms that means providing open specifications and free implementations (including Open Source) and only IF AND WHEN the result turns out well, continue to the next step (formal standardization).
 
Naturally, tracking the needs of the [presumed] user community is an important aspect that you should always be aware of but the method above doesn't preclude that anymore than a "real" standardization effort.  In fact, the fees, procedures, and general attitude that is common within standardization bodies, often makes external input quite limited.

Authentication Token for the "Cloud"
 
"Cloud" Token Documents + Code

WASP - Signing Data in Browser Sessions
 
Tutorial/Introduction
FAQ
The entire document set
 
Invoking Security Extensions in Browsers
 
The following is a proposal based on WASP: XML Browser Extension Scheme

KeyGen2 - "Universal Provisioning"
 
Vision Paper
Cut-down Description (the entire spec is not yet public)
Emulator "snapshot"
Universal Keystore

Primary Contact
 
anders.rundgren.net@gmail.com
 
LinkedIn profile