際際滷

際際滷Share a Scribd company logo

What's new in web standards?

Daniel Appelquist
Daniel Appelquist

This document summarizes recent developments in web standards. Key points include: the rise of mobile and JavaScript, new real-time communication technologies like WebRTC, debates around DRM extensions, advances in offline capabilities and push notifications, evolving system application APIs, and work on payments, HTTP 2.0, and securing the web. It also discusses upcoming elections for the W3C Technical Architecture Group and encourages getting involved in W3C working groups.

1 of 17
Download to read offline
Whats New in Web Standards? Daniel Appelquist (@torgo) Open Web Advocate, Telef坦nica Digital Co-Chair, W3C Technical Architecture Group
The Web is Evolving The Web is now a mobile platform Video, 2d & 3d graphics Increasing primacy of JavaScript Peer to peer communication technologies Sophisticated platform APIs Threat from native application environments
WebRTC WebRTC is real-time video, audio, data peer-to-peer browser-to-browser Makes it easy to build Skype in your browser (by the way, Telef坦nicas own TokBox/OpenTok API is a WebRTC-based product) VP8 or h.264 as mandatory codec Why does it matter? Could mean the difference between interoperable WebRTC and WebRTC islands
DRM (EME) Debate Proposed draft extension spec to HTML5 to support protected (video) content The HTML working group has a draft - Google, Microsoft, Net鍖ix Lots of controversy
While we are not in favor of DRM, we do hear from many users who want to watch streaming movies to which they rent access rather than buy to own. -Brendan Eich, CTO of Mozilla The W3C has a duty to send the DRM-peddlers packing, just as the US courts did in the case of digital TV. There is no market for DRM, no public purpose served by granting a veto to unaccountable, shortsighted media giants who dream of a world where your mouse rings a cashregister with every click and disruption is something that happens to other people, not them. -Cory Doctorow, Author and Futurist For me the open web and the internet are tools that we use to express democratic values, political discourse, parody, use and sharing of culture - DRM does not fit in this image because it is made not to do that. - Amelia Andersdotter, EMP, The Pirate Party The W3C community is currently exploring Web technology that will strike a balance between the rights of creators and the rights of consumers. In this space in particular, W3C seeks to lower the overall proprietary footprint and increase overall interoperability, currently lacking in this area. -Tim Berners-Lee, Director of W3C
System Applications Whats a system application API? Something outside the Web? Yes and no. Web features that are privileged - and carry security risks Task scheduler (n辿e Alarms), Contacts, Messaging, Telephony, Raw Sockets Future: Bluetooth, Secure Element (smartcard), System Settings, Network Interface, Calendar
Web & Mobile Interest Group Taking forward the work of CoreMob Accelerate the development of Web technology so that it becomes a compelling platform for mobile applications and the obvious choice for cross platform development. Looking at end to end scenarios on mobile and what specs are needed to support these Collecting data and promoting the issues the group things are important / key missing elements/APIs/capabilities in the Web stack Web&Mobile IG: www.w3.org/Mobile/IG/ CoreMob report: coremob.github.io/coremob-2012/
The Future of Installable Webapps? Demonstration in Shenzhen: Firefox OS and Tizen phones with same installable (hosted) webapps W3C (draft) JSON manifest 鍖le Stock Firefox OS / customized Tizen Install to home screen as a core feature of the Web
Push API The use case: Web applications that can remotely invoke alerts on your device Familiar feature of native platforms W3C Push API almost done Uses a con鍖gurable push server Survived patent exclusion from Nokia Meanwhile, Apple push API has been released with Mavericks Safari
/* Hypothetical end-to-end flow! +--------+ +--------+ +--------+ +--------+! | webapp | | user | | push | | app |! | | | agent | | server | | server |! +--------+ +--------+ +--------+ +--------+! | | | |! |-----register------>| | |! | | | |! | (user accepts) | |! | | | |! | |<-setup push service->| |! | | | |! |<---success---------| | |! | | | |! |<--activate service with PushService attributes----------------->|! | | | |! | | |<--push notification-|! | | | per service API |! | | | |! | | (match to user agent) |! | | | |! | |<--push notification--| |! | | per service protocol | |! | | | |! | (match to webapp) | |! | | | |! |<---system message--| | |! | | | |! */
Advances in Of鍖ine : Service Worker Off-line is hard; HTML5 Appcache doesnt work well Service worker: a new architecture to support of鍖ine webapps A separate JavaScript worker that can act as an application-speci鍖c proxy Some assembly required: youre the application developer, you decide how much off-line service logic your app needs and you build it
Web Payments How can the Web better support payments as a 鍖rst class citizen? The stakeholders include traditional 鍖nancial COs (banks, credit cards, infrastructure), Mobile Operators, traditional disruptors (Paypal, etc), new disruptors (Bitcoin, etc) Can Web standards play a role? (e.g. Web crypto, access to the secure element) Workshop happening: 24-25 March 2014, Paris Bring all stakeholders together - watch this space
HTTP 2.0 IETF speci鍖cation in working draft phase but consolidating quickly Incorporates many improvements on HTTP from Googles SPDY work Con鍖rmed last week by HTTP (IETF) working group chair: HTTP 2.0 will only run over TLS (secure connection) On the horizon: QUIC UDP-based transport protocol + security + multiplexing could radically improve Web performance
Securing the Internet / Web Post-Snowden Lots of energy in IETF (e.g. secure http2) Lots of discussion in W3C - somewhat less consensus What can W3C do to harden the Web? Highlight Security Best Practices; Web Crypto API; Focus on the UI of security in the browser
TAG Election Technical Architecture Group - a technical steering board for Web Standards 2 seats up for election this year - nominations in by 29 November W3C member companies can nominate, but nominees can be from anywhere Follow us at @w3ctag, check out our work on Github: github.com/w3ctag
Whats the TAG Working On? Review and feedback - Web Audio, WebRTC, Web Components, Push API, Web Animations, Web Crypto Helping with liaisons, especially with IETF (HTTP, JSON) and ECMA TC39 (Javascript, JSON) Capability URLs best practices API Design Guide Extensible Web Of鍖ine Web EME - architectural issues thereof Secure the Web document: Security recommendations for Web Sites
Get Involved w3.org - news and links Basic info, links and news w3.org/community - Community Groups Incubation of new stuff - e.g. responsive images, copyright reform Want to participate in a working group? Most working groups have public mailing lists, or become an invited expert Many working groups are now on Github github.com/w3c/ - many specs including HTML5 github.com/sysapps/ - system applications github.com/w3ctag/ - the TAG github.com/w3c-webmob/ - Web & Mobile Interest Group Workshops and outreach events

More Related Content

What's new in web standards?

  • 1. Whats New in Web Standards? Daniel Appelquist (@torgo) Open Web Advocate, Telef坦nica Digital Co-Chair, W3C Technical Architecture Group
  • 2. The Web is Evolving The Web is now a mobile platform Video, 2d & 3d graphics Increasing primacy of JavaScript Peer to peer communication technologies Sophisticated platform APIs Threat from native application environments
  • 3. WebRTC WebRTC is real-time video, audio, data peer-to-peer browser-to-browser Makes it easy to build Skype in your browser (by the way, Telef坦nicas own TokBox/OpenTok API is a WebRTC-based product) VP8 or h.264 as mandatory codec Why does it matter? Could mean the difference between interoperable WebRTC and WebRTC islands
  • 4. DRM (EME) Debate Proposed draft extension spec to HTML5 to support protected (video) content The HTML working group has a draft - Google, Microsoft, Net鍖ix Lots of controversy
  • 5. While we are not in favor of DRM, we do hear from many users who want to watch streaming movies to which they rent access rather than buy to own. -Brendan Eich, CTO of Mozilla The W3C has a duty to send the DRM-peddlers packing, just as the US courts did in the case of digital TV. There is no market for DRM, no public purpose served by granting a veto to unaccountable, shortsighted media giants who dream of a world where your mouse rings a cashregister with every click and disruption is something that happens to other people, not them. -Cory Doctorow, Author and Futurist For me the open web and the internet are tools that we use to express democratic values, political discourse, parody, use and sharing of culture - DRM does not fit in this image because it is made not to do that. - Amelia Andersdotter, EMP, The Pirate Party The W3C community is currently exploring Web technology that will strike a balance between the rights of creators and the rights of consumers. In this space in particular, W3C seeks to lower the overall proprietary footprint and increase overall interoperability, currently lacking in this area. -Tim Berners-Lee, Director of W3C
  • 6. System Applications Whats a system application API? Something outside the Web? Yes and no. Web features that are privileged - and carry security risks Task scheduler (n辿e Alarms), Contacts, Messaging, Telephony, Raw Sockets Future: Bluetooth, Secure Element (smartcard), System Settings, Network Interface, Calendar
  • 7. Web & Mobile Interest Group Taking forward the work of CoreMob Accelerate the development of Web technology so that it becomes a compelling platform for mobile applications and the obvious choice for cross platform development. Looking at end to end scenarios on mobile and what specs are needed to support these Collecting data and promoting the issues the group things are important / key missing elements/APIs/capabilities in the Web stack Web&Mobile IG: www.w3.org/Mobile/IG/ CoreMob report: coremob.github.io/coremob-2012/
  • 8. The Future of Installable Webapps? Demonstration in Shenzhen: Firefox OS and Tizen phones with same installable (hosted) webapps W3C (draft) JSON manifest 鍖le Stock Firefox OS / customized Tizen Install to home screen as a core feature of the Web
  • 9. Push API The use case: Web applications that can remotely invoke alerts on your device Familiar feature of native platforms W3C Push API almost done Uses a con鍖gurable push server Survived patent exclusion from Nokia Meanwhile, Apple push API has been released with Mavericks Safari
  • 10. /* Hypothetical end-to-end flow! +--------+ +--------+ +--------+ +--------+! | webapp | | user | | push | | app |! | | | agent | | server | | server |! +--------+ +--------+ +--------+ +--------+! | | | |! |-----register------>| | |! | | | |! | (user accepts) | |! | | | |! | |<-setup push service->| |! | | | |! |<---success---------| | |! | | | |! |<--activate service with PushService attributes----------------->|! | | | |! | | |<--push notification-|! | | | per service API |! | | | |! | | (match to user agent) |! | | | |! | |<--push notification--| |! | | per service protocol | |! | | | |! | (match to webapp) | |! | | | |! |<---system message--| | |! | | | |! */
  • 11. Advances in Of鍖ine : Service Worker Off-line is hard; HTML5 Appcache doesnt work well Service worker: a new architecture to support of鍖ine webapps A separate JavaScript worker that can act as an application-speci鍖c proxy Some assembly required: youre the application developer, you decide how much off-line service logic your app needs and you build it
  • 12. Web Payments How can the Web better support payments as a 鍖rst class citizen? The stakeholders include traditional 鍖nancial COs (banks, credit cards, infrastructure), Mobile Operators, traditional disruptors (Paypal, etc), new disruptors (Bitcoin, etc) Can Web standards play a role? (e.g. Web crypto, access to the secure element) Workshop happening: 24-25 March 2014, Paris Bring all stakeholders together - watch this space
  • 13. HTTP 2.0 IETF speci鍖cation in working draft phase but consolidating quickly Incorporates many improvements on HTTP from Googles SPDY work Con鍖rmed last week by HTTP (IETF) working group chair: HTTP 2.0 will only run over TLS (secure connection) On the horizon: QUIC UDP-based transport protocol + security + multiplexing could radically improve Web performance
  • 14. Securing the Internet / Web Post-Snowden Lots of energy in IETF (e.g. secure http2) Lots of discussion in W3C - somewhat less consensus What can W3C do to harden the Web? Highlight Security Best Practices; Web Crypto API; Focus on the UI of security in the browser
  • 15. TAG Election Technical Architecture Group - a technical steering board for Web Standards 2 seats up for election this year - nominations in by 29 November W3C member companies can nominate, but nominees can be from anywhere Follow us at @w3ctag, check out our work on Github: github.com/w3ctag
  • 16. Whats the TAG Working On? Review and feedback - Web Audio, WebRTC, Web Components, Push API, Web Animations, Web Crypto Helping with liaisons, especially with IETF (HTTP, JSON) and ECMA TC39 (Javascript, JSON) Capability URLs best practices API Design Guide Extensible Web Of鍖ine Web EME - architectural issues thereof Secure the Web document: Security recommendations for Web Sites
  • 17. Get Involved w3.org - news and links Basic info, links and news w3.org/community - Community Groups Incubation of new stuff - e.g. responsive images, copyright reform Want to participate in a working group? Most working groups have public mailing lists, or become an invited expert Many working groups are now on Github github.com/w3c/ - many specs including HTML5 github.com/sysapps/ - system applications github.com/w3ctag/ - the TAG github.com/w3c-webmob/ - Web & Mobile Interest Group Workshops and outreach events