Web Standards Korea

Web Standards Korea and Google Korea today announced the results of a survey on web openness with a pool of 348 developers. According to the study, developers believed that web openness helps promote continuous innovation, while 75% of respondents believed that multiple government regulations(34%) and isolated solutions that deviate from global standards(41%) were the greatest obstacles to fostering an open web environment.

In addition, only 13% of the developers answered that Korea’s web environment did not lag behind that of other countries. The majority answered that the Korean web environment fell behind others by 1-5 years(57%), and some even said 5-10 years (26%).

As to what issues need to be resolved immediately to eliminate the discrepancy between local standards and global standards, 74% of the respondents replied ‘Active X’, followed by online payment policy(17%), and name verification policy(7%). In response to an open-ended question asking what is further required for the advancement of the mobile internet, which is recently enjoying a tremendous rise in popularity, 15% of respondents replied ‘web standardization/global standards, 12% replied ‘expansion of wireless internet network,’ and 7% said ‘deregulation’.

On the other hand, a very positive evaluation was given to the benefits of web openness, with 50% of the respondents replying that web openness promotes continuous innovation, 31% saying that it maximizes efficiency of development and 17% responding that it helps facilitate entry into the global market.

Also, almost 45% of respondents answered that they set open browsers such as Firefox(20%), Chrome(12%), Safari(11%) and Opera(1%) as the default browsers, showing high preference of open browsers among developers.

Channy Yun, the Manager of the Web Standards Korea, stated that “More innovation can be achieved in the web environment when openness is guaranteed,” adding, “As this study reveals, developers, the industry and the government should come together to find a way to resolve issues hindering web development, such as the implementation of global standards and the relaxation of excessive regulations.

Won-Jin Lee, Managing Director, Google Korea & JAPAC Global Accounts & Agency stated that “The increased flexibility in the web environment following the full-scale introduction of the mobile internet is viewed very positively.” and explained that “The introduction of global standards will provide a chance for both local developers and companies to gain greater competitiveness in the global market.”

The above study was conducted by the Web Standards Korea and Google Korea to understand the current situation of web openness in Korea as well as to obtain a deeper understanding of the direction the web should be headed in. The survey was conducted on developers that attended the HTML5 Open Conference, where a total of 384 developers responded.

The HTML5 Open Conference hosted by Web Standards Korea, was the first HTML5 technology related conference of its kind in Korea. The Conference was held to communicate that HTML5, the next-generation web application platform, is an open web standard created to enhance user experience.

The Open Web made a community to fix the discriminative treatment of public services to non-IE and non-Windows users. Most of public services has offered only ActiveX based national certification service. By the law of digital signature, official CAs must not reject certification services to all people. But, CAs has done to non-IE and non-Windows users. Prof. Kim, law professor indicated this point. In last year, he gathered pre-accusers and and proposed to fix this situation to Ministry of Information and Communication. The officer said to try to do that, but, there was no reaction of government for six month.

At last, Open Web, with 83 netizens behind had filed a lawsuit against Korea Financial Telecommunications & Clearings Institute, one of official CAs with damage claim of $460,000 on the January 24th, 2007.

You can read more detail in Web Security Certificate Issuer Preps $10mil Lawsuit with Korean Administration and KFTC and MOGAHA to be sued before Vista releases of ZDNEt Korea’s article. The KFTC had over 80% market share in official CAs and was made by korean banks. Most of banks has used KFTC’s internal network and infra-system.

Recently there was a court arbitration between OpenWeb and KFTC. The KFTC insisted that supporting of all O/S and browsers is impossible and costly expensive. But, the judge demanded the settlement in each other, if OpenWeb suggests the proper range, deadline and cost, the KFTC must accept that. The OpenWeb will require alternative technology such as Java applet (e.g. OpenOCES in Danish for Firefox, Opera and Safari users in other operating systems within eight months.

Whereas, the Ministry of Government and Home Affairs decided to renewal of E-gov site. I’ll continually follow up this lawsuit and progression of government.

Mr. Vladimir said his experience of Korean internet banking to know technical issue about SEED. Thanks for his trouble in korean sites. I’ll introduce technical description for that. (Before you read this article, please read his It’s gone to SEED.)

In first introduction of SEED in 1997, there was only cryptographic ActiveX or NSPlugin (was deprecated after browser wars). It works issuing and managing personal certificate by national CAs and “adding digital signature” to “important text” as like account number to transfer money in transaction. InisafeWeb is one of them. (There are almost eight providers in Korea, so if you use several national CA services such as banking, cyber trading and e-government, you must install at least over three same functional ActiveX control. It’s so ridiculous)

I will explain a brief process of transactions using ActiveX. If someone want to make secure transaction, he inputs necessary information in HTML form. A javascript function called by submit sends them to Cryptographic ActiveX control. It encrypts them and adds digital signature with user’s public key. Encrypted message by ActiveX returns in HTML form again. And form.submit() is finally executed. Web server decrypts and validates form data made by user certificate with CA via OCSP. After requested tasks was executed by web server and it sends to results to his browser. In this stage, some bank site often gives encrypted message for decryption by interaction between ActiveX control and Javascript.

In fact, it’s almost same with SSL transaction. All browser has a certificate manager as similar User-interface as Mr. Vladimir saw. Why korean didn’t use browser’s basic function? One is SEED encryption algorithm. The other is the digital signature function not to be standardized in browser. It is similar with crypto.signText(), in fact, it was originated by that idea in 10 years. The cryptographic ActiveX has these functions.

Finally, I will explain the rest ActiveX controls. There has been a financial accidents by hacked personal certificate and security number affected by key logging tools. It caused by user’s insensible installing ActiveX in Korea. (Most people was educated by clicking “Yes” in prompting Security Warning in installing ActiveX by IE. Why? Most of public services has used ActiveX. So people cannot help affecting spywares or malwares. It’s just a vicious circle of security.) So most of bank started to give a prohibiting key logging(”SoftCamp”) and online firewall and vaccine ActiveXs(”Hauri”). InsisWeb is only Shinhan’s insurance processing ActiveX. As same as cryptographic ActiveX, there are each several providers of these tools. So installing ActiveXs were continually increased. Maybe most of korean has almost over 10 ActiveX controls to use public services.

The problem is that all ActiveX controls are highly coupled and there is no right to choose them to users. It’s not the end. Most of e-government sites offer DRM-enabled printing ActivX for all printer drivers. In credit card transactions, there are several providers and their ActiveX controls. In korea, even Visa3D was operated in ActiveX. (The government made a guideline to use National CA system over credit card transaction over $300. So If you want to buy something in online shopping mall, you must install above all.) If you want cyber trading…? Yes. There is another ActiveX.)

It’s very serious situation, there has been several warnings in Windows XP SP2 and ending support of Windows 98. But, korean government ignored them, most of software companies has used dodging tactics to protect their business.) Now it’s not only SEED’s problem in korean situation. It’s almost national Intranet system optimized in Windows and Internet Explorer attacked by inner hackers. It’s korean home brew.

There was an event called Browser War Episode II presented by the Silicon Valley WebBuilder on Feb.28. It brought together Mike Shaver from Mozilla, Chris Wilson from Microsoft’s IE team, H?kon Lie from Opera, and expertly moderator Douglas Crockford from Yahoo! to talk about the current state of the browser landscape.

Another vendor summit will be held in Korea to discuss future of web applications and review of korean situations.

—-
(Mar. 8, 2007, Seoul, Korea) The Global Web Technology Workshop will be held by the Future Web Forum (FWF) on March 16 at the Textile Center Bldg. in Samsungdong, Seoul, Korea. The FWF is a web expertgroup for the adoption of global web technologies and standards within the Korean web industry. The FWF consists of experts with over10 years of experience in Microsoft Korea, Apple Korea, OperaSoftware Korea and Web Standards.

This event is officially supported by Microsoft Korea, Mozilla Corporation and Opera Software Korea. In this workshop, Mr. Channy Yun of the Mozilla Korean Community will speak about Firefox 3 and rich web applications as well WHATWG activites. Mr. Goodhyun Kim of Microsoft Korea will speak about Windows Vista and multi-platform UX. Mr. Suyong Wang of Apple forum will explain the Safari Browser and the difficulties Macintosh users have on the Korean web environment. Finally Mr. Manyoung Cho of Opera Korea will introduce the Opera browser, Opera Widgets and Opera’s web standards evangelism efforts.

In a panel discussion, these experts will discuss the trends of global web technologies and the Korean situation caused by ActiveX incompatibility issues on Microsoft Windows Vista after eachpresentations. They will become this issue in view of outsider and global terms show screen casts of examples in internet banking and e-governments site in abroad.

This event will be helpful to explain global standards and the abnormal situation of the Korean Internet to decision makers in the Korean government and the Korean IT industry. The event is free.

There was 7th KWAG workshop held at one of NHN’s training centers. KWAG is a voluntarily gathered non-profit, and non-government group of people who share the interest in enhancing Web accessibility in Korea, and this workshop is a kind-of unconference which has no fixed form but the content of the meeting is freely created by voluntary individuals.

KWAG launched several small groups, that is TF’s at this 7th workshop. There are Web Accessibility Evaluation, Caption and Audio Description , Universial Web Design, Javascript Framework and KWAG 2.0 TF etc.

Have a quick look at the following photos to get how the workshop worked:

• some pictures taken by Hooney, one of the leading members of KWAG. The photos are grouped by the TF’s.
• photos taken by corean
• All Flickr photos tagged with kwag