Global Standardization Activities
Activities at W3C Technical Plenary and Advisory Committee Meetings Week (TPAC) 2019 in Fukuoka
The W3C (World Wide Web Consortium) Technical Plenary and Advisory Committee Meetings Week (TPAC) 2019 was held from September 16 to 20 in Fukuoka, and this meeting was the second time held in Japan. The activities of the NTT Group related to development of web technology in TPAC are described in this article.
Keywords: W3C TPAC, web authentication, digital signage
1. Overview of W3C TPAC 2019 in Fukuoka
The Technical Plenary and Advisory Committee Meetings Week (TPAC) is an annual general meeting held by the World Wide Web Consortium (W3C), which is a membership-based international consortium of industrial and academic organizations involved in standardizing and promoting web technology. The days before and after the plenary session held on that Wednesday were filled with various activities related to standardization, including face-to-face technical discussions in the Working Group (WG) and discussions on the use of technology from a business perspective and technology that has been adopted in the Business Group (BG). TPAC 2019 was held at the Hilton Fukuoka Sea Hawk and was the largest ever, with over 640 participants and over 100 meetings and sessions.
The key topics of the plenary session included an announcement regarding Sir Tim Berners-Lee, inventor of the World Wide Web as well as the founder and centripetal force within the W3C, of his intention to step down as director. There was also a report on the proposal for the W3C to obtain legal entity status in January 2021, which has been discussed in various meetings as a means to achieve stable operation of the W3C, and members were asked to make preparations within their own organizations. Concerning the handling of intellectual property in the standardization process, a proposal for a policy of early confirmation of royalty-free implementation by each organization, which is currently required at the time of recommendation, was promptly confirmed to prevent reworking in WG discussions.
2. NTT Group activities
The NTT Group provided stable Internet connection service during the conference via NTT Communications and NTT WEST. Meeting participants included many individuals from many countries, and communication between members via the Internet for web conferencing, GitHub, etc. required a very fast and robust network environment. By continuously and reliably performing daily tasks such as monitoring during meetings and equipment inspection after meetings, the NTT Group contributed to the high evaluation of the meetings by participants.
3. FIDO authentication and the WebAuthn WG
The standardization of web authentication in the W3C began with the contribution of the basic specifications of the web part (draft) by the FIDO Alliance in November 2015. The FIDO certification model was made compatible with operating systems and browser platforms and officially recommended as Level 1 in March 2019. Level 2 is currently being formulated.
NTT DOCOMO and NTT laboratories joined the FIDO Alliance as a board member and a sponsor member, respectively. NTT DOCOMO has chaired the Consumer Deployment WG and FIDO Japan WG and is contributing to the formulation and popularization of FIDO certification specifications by providing summaries of issues and feedback regarding commercial introduction and improvement of the FIDO specifications.
Seizing the opportunity of getting together with key persons involved in web security and authentication at TPAC 2019, three initiatives from Japan were taken up to promote even more widespread application of the simple and robust FIDO authentication model in commercial services, including web authentication.
3.1 Demonstration booths
The NTT Group took the initiative to set up web authentication demonstration booths during the week of the meeting. The FIDO Japan WG and the Japan FIDO Alliance member companies also participated by demonstrating web authentication on smartphones, web authentication using personal computers and security keys, and the operation of an authentication device that uses the veins in users’ palms. By popularizing FIDO certification and introducing new first-in-the-world initiatives in Japan, we were able to demonstrate the appeal of password-less authentication.
3.2 Luncheon speech
On the second day, we conducted a 30-minute presentation entitled “Contributions from NTT and Japan Teams for Simpler, Stronger Authentication.” The presentation covered how NTT DOCOMO was an early adopter by using the FIDO specifications for d ACCOUNTTM*2 log-in biometric authentication since May 2015  and initiatives of the NTT Group and Japanese companies regarding web authentication. Knowledge gained from world-first commercial applications and feedback for improving specifications were also presented along with ideas for moving forward. At TPAC 2019, which was held in Japan for the first time in a long while, a luncheon speech (a first for TPAC) describing valuable Japanese initiatives generated strong interest and lively discussion among several audience members (Photo 1).
3.3 WebAuthn WG
In the WebAuthn WG, more specific feedback was offered, and there was discussion on formulating Level 2. The three main points were 1) current differences in browser implementations, 2) problems with the specifications for providing a frictionless authentication experience, and 3) best practices for effective use of the many options for implementing password-less authentication. We believe these efforts have increased the momentum of standardization activities for reducing the risk of unauthorized access originating in the online use of passwords.
4. Web-based Signage BG
Web-based signage  is digital signage that uses web technology and features the implementation of services by simple installation of a web browser on a terminal. In the W3C, the Web-based Signage BG (co-chaired by NTT) began studies on the implementation of web-based signage in April 2012, starting with analysis of use cases, and has been discussing the implementation of the browser API required by services. The Web-based Signage BG meeting was held at TPAC 2019 for the first time in about two years. The history of the activities was reviewed, and it was confirmed that web-based signage has already been commercialized and is in use worldwide. Having achieved the initial goal of widespread use of web-based signage, the members agreed at the meeting to terminate activities of this BG.
5. Breakout session topics
One of the features of TPAC is “unconference-style” breakout sessions held on the day of the plenary session. Volunteer participants deal with all matters from setting the discussion topics to managing the sessions. The discussion topics can be very diverse, such as seeking broad audience perspectives on divided opinions within the WG, or proposing new topics for future discussion in the W3C. This time, 59 sessions were held with lively discussion, and up to 12 sessions were conducted simultaneously.
It goes without saying that the protection of privacy is an important issue, and browser vendors are expected to propose new specifications based on the discussions held in these sessions in the near future.
All brand, product, and company/organization names that appear in this article are trademarks or registered trademarks of their respective owners.