This public report was first prepared for the W3C Advisory Committee Meeting 2016. See the accompanying W3C Fact Sheet — March 2016. For the previous edition, see the October 2015 W3C highlights. For future editions of this report, please consult the latest version.
A Chinese translation is available.
W3C's vision includes continuing to extend the capabilities of the Open Web Platform while defending it from security and privacy threats. Every one is concerned when it comes to security. We are raising the Open Web Platform to a higher standard of security. We ensure that specific Web security needs are met, and are doing so in collaboration with industry, academic experts, the public, and other standards organizations.
"When strong authentication is easy to deploy, we make the Web safer for daily use, personal and commercial. With the scope and frequency of attacks increasing, it is imperative for W3C to develop new standards and best practices for increased security on the Web."Sir Tim Berners-Lee, Web Inventor and W3C Director.
Strengthening and securing the core is a requirement. Another is to be on the lookout for emerging areas, exploring what new application areas in general might mean for the underlying Open Web Platform, looking at where the Web is going to be able to identify where interoperability is needed in the new Web. W3C continues to think about the future of the Web. See below a few candidates which bear the potential of growing the capability of the core Open Web Platform.
In parallel, we have broadened our focus on vertical industries. Application Foundations of the Open Web Platform are fluid in nature given their multiple interconnections —such as Security implications of device interactions, or Accessibility considerations of streaming media— but the future of the Web is informed by the future of Industry. Most are building their business on the Web and participate in our work to address Web-specific requirements they have. Those requirements fit into more than one Vertical aspect and across several of our key horizontal activities. Our Industry Vertical Champion Program shapes the future of the Web in the Industry.
Security continues to emerge as topic number 1 for the Web platform and W3C. We have a very broad and diverse platform, are constantly adding functions —social, video, mobile— all have had impact, modified the platform to cater for industry needs. W3C continues to advance our efforts to address security issues, in order of priority: Web user security, Web application security, and Web Platform security.
We have taken a number of steps since TPAC 2015 to improve the security and privacy of the Web Platform and two upcoming Web security milestones are WebCrypto & Killing Passwords.
The Web Cryptography API, anticipated to progress to Proposed Recommendation, is about performing basic cryptographic operations in web applications. These are core components for libraries to build upon, avoiding the need for developers to "roll their own" solutions.
The Web Authentication Working Group charter illustrates another field where the standardization pushed by W3C serves the telecommunications industry: the adoption of the FIDO-based authentication methods in browsers promises to simplify identity management, an important need that operators can both help fulfill and benefit from. Chartered to specify a Web API for strong authentication on the Web, this work gives us the real opportunity to move beyond passwords, to a more usable and more secure authentication experience on the Web.
With the prospects of bringing the high security ensured by hardware-tokens to the Web platform, we are continuing development of a Hardware Security Working Group draft charter.
There are a number of use cases that this standard will enable, including but not limited to the ability to manage credential information for hardware-based security modules, and the ability to access specific security sensitive services offered by hardware tokens such as Payments transaction authorization and Identity verification.
Content Security Policy Level 2, Mixed Content, Subresource Integrity, and Upgrade Insecure Requests are all Candidate Recommendations. These specs enable Web Application developers to secure their apps, cooperate with the browser environment on enforcement of security policies, and make it easier for large deployed sites to upgrade their security to HTTPS. Another significant deliverable from WebAppSec is the advancement to FPWD of Content Security Policy Level 3 late January.
Drawing upon these specifications, W3C upgraded its own website to HTTPS, offering encrypted, integrity-protected access to W3C resources and Recommendations.
We are systematically asking for Security and Privacy Considerations in charters and specification development. The TAG published a draft Security and Privacy Self-Review Questionnaire, with input from the Privacy Interest Group (PING) and Web Application Security Working Group, to help editors in making those assessments.
PING and Web Security Interest Group offer assistance with specification review, and the Director will look for Security and Privacy Considerations at specification transitions.
The Tracking Protection Working Group sent the Tracking Preference Expression (TPE) to Candidate Recommendation and the Compliance Specification is almost there. These specs give a mechanism for expressing tracking preferences, and by which sites can indicate their compliance with user requests.
PING published a draft of Fingerprinting Guidance for Web Specification Authors.
As the impact of the Open Web Platform has grown, several industries are building their business platforms on top of the Web and using Web technology.
Last October we presented why the Industry is important to the Web and vice-versa, and introduced the Industry Vertical Champion Program,
Automotive's future is made of rich user experiences, greater security and smarter location-based services. Drivers and passengers demand the same rich user experiences in vehicles that they enjoy with all their mobile and other devices. HTML5 and the Open Web Platform offer the best roadmap for new services, increased security and interoperability.
W3C has been working with GENIVI to enhance our work with the automotive industry to the level of having a strong shared vision and partnership. The GENIVI Alliance is a non-profit automotive industry alliance committed to driving the broad adoption of an In-Vehicle Infotainment (IVI) open-source development platform.
The Automotive Working Group is advancing on the Recommendation Track the W3C Vehicle Information API, which aims to enable connectivity through in-vehicle infotainment systems and vehicle data access protocols and can be leveraged by web applications running on mobile devices that access the data resources of a connected passenger vehicle. A companion, the Vehicle Data API, defines a standard for Vehicle Data which might be available in a vehicle.
The group is now engaging with different stakeholders and consumer groups in addressing data rights, and has established a Privacy and Security Task Force for Automotive.
The Automotive and Web Platform Business Group, formed back in 2013, is pursuing work on a Location-Based Services API, and has handed use cases for automotive Media Tuner needs to the TV Control API Community Group. A draft charter for a TV Control Working Group is in the work.
The Open Web Platform helps reduce costs and complexity by replacing multiple proprietary approaches with a simplified global solution. Web applications built for vehicles using smartphones or embedded solutions are delivered as products or services. Areas where the Web can help auto:
W3C continues to explore this emerging industry vertical. The September 2015 Digital Marketing workshop identified three streams of work:
A draft Digital Advertising Interest Group seeks to provide a forum for technical discussions to identify Advertising use cases and requirements to achieve a simpler, more direct, dependable, and reliable model to deliver and measure ads on the web. An Incentives Interest Group would address web-based customer relations, improving the ability to customize loyalty programs and offers, responsive to users' privacy and purchasing interests.
W3C is considering an e-Commerce W3C Workshop later in 2016. Consumer purchasing behaviour is shifting to mobile and the revenue generated by advertising or functionality or entertainment in exchange for a purchase price, is dwarfed by the quantity of e-Commerce transactions being conducted through mobile applications.
To change the way books, magazines and journals are created and published, the Digital Publishing Interest Group is continuing work on Portable Web Publications, having issued several drafts of Portable Web Publications for the Open Web Platform —a vision for the future of digital publishing that achieves full convergence between online and offline documents— and has set up task forces on archiving and locators. The group collaborates with the ARIA Working Group for accessibility concerns, and the CSS Working Group on various issues related to the needs of the Digital Publishing Community.
The industry and the Consortium choice is to enhance HTML to be capable of playing video content without the help of plug-in video players, streaming technologies over HTTP such as Dynamic Adaptive Streaming over HTTP (DASH) has rapidly emerged in the industry. W3C took to develop two HTML5 extensions to enable UAs to play such streams.
These extensions are essential to meet the industry requirements for video content delivery on the Web, by providing Web apps with more flexible control over video content, which enable advanced services such as dynamic ad-insertion.
HTML Media, core media features of Web platform, is developed in HTML (Media Extensions) Working Group, previously called the HTML Working Group, while new features of core Web standards are crafted in Web Platform Working Group.
Web content is available on an ever expanding array of devices including eBook readers, phones, tablets, laptops, auto displays, and electronic billboards, and there are a variety of mechanisms that allow these devices to use secondary display screens available in the local environment, attached by wired connections or remotely with wireless, peer-to-peer media. However, in most cases, lower layers such as OS provide those connection mechanisms, which Web apps, consequently, have no access and control over. Web apps should be capable of implementing services which cover scenarios such as using a big screen device to watch a movie selected on and streamed from a smartphone are getting more common as OTT services like Netflix emerge.
The Second Screen Working Group aims at defining simple APIs that allow web applications to show and control web content on one or more secondary displays. Some of the group's work is incubated in the Second Screen Community Group.
The Cloud Browser Task
Force, a subset of the Web and TV Interest
Group, discusses support for web browser technology within devices such as
HDMI dongles and lightweight STBs.
New cloud browser Runtime Environments (RTEs) require the definition of APIs that would enable communication between the cloud browser and the client. The Task Force will look into use cases, requirements and gaps in cloud UI architectures.
Thanks to the international and interdependent standards developed by global organizations including W3C, IETF, IEEE, CEA, SMPTE, MPEG, etc. the Internet-based or Web-based video content delivery services are expanding in the entertainment content market. Because of the distributed and sometime ad-hoc nature of the efforts, there is a need to go back to use cases: capture existing use cases, analyze them, and enhance them to further develop new standards for better services.
The GGIF Task Force, a subset of the Web and TV Interest Group, discusses the end to end Internet digital video ecosystem, focusing on all phases of the video life cycle: Capture-Edit-Package-Distribute-Find-Watch for both professional and non-professional digital video, and will identify recommended standards and features that could be developed.
In 2014, The Web and TV IG launched the TV Control API Community Group to create a draft specification about APIs that make Web apps capable of accessing TV tuners and other broadcasting resources. TV sets are another major type of devices which use HTML5 as its run-time engine. Some regional SDOs have created HTML5-based run-time engines for their TV specs by expanding HTML5 in their space. This caused a fragmentation of Web apps on TV. TV-like user interfaces are still common on big screen devices, thus it is useful to provide generic APIs to easily create such UIs in an underlying-layer-agnostic way.
In 2015, The Web and TV IG launched the Multi-device Timing Community Group to a create draft specification that defines a common, multi-device, timing mechanism and a practical programming model e.g. to allow Web apps to synchronize the playback of multiple streams on multiple devices. Timing mechanisms allow operations to be executed at the correct time. The Web already has several mechanisms, some of which may be custom, and the Web lacks support for multi-device timing. More generally, multi-device timing has wide utility in communication, collaboration and multi-screen presentation.
Multi-device timing is particularly important for the broadcasting industry, as it is the key enabler for web-based secondary device offerings. This mechanism would also improve accessibility of the Web media content. For example, third party can easily provide additional audio track, such as Clean Audio.
Telecommunication remains the largest vertical represented in W3C Membership; the recent addition of Japan-based Softbank (which also owns Sprint in the US) strengthens further this representation. The W3C agenda continues to support important challenges and opportunities that emerge from the telco industry.
The Internet of Things (IoT) could be the next driver on the Internet, provided we have a model which makes broad sharing available for it. IoT refers to services for connected sensors and actuators. Juniper Research expects the number of IoT connected devices to rise to 38.5 billion in 2020 (from 13.4 billion in 2015). Gartner expects a huge business potential and predicts the aggregate benefits forecast to be $1.9 trillion across sectors in 2020.
Today's architectures and initial implementations tend to be silo-ed. There are standards at the physical layer but insufficient interoperability at the higher layers. The Web of Things (WoT) defines a Web-based interoperability layer on top of existing IoT platforms, using a uniform approach to semantics and metadata, thus countering fragmentation and fostering the business potential currently held back due to incompatible platforms and a bewildering range of protocols.
For example, a person's watch (as an IoT device) will want to participate in IoT wearable applications (since it is worn), IoT medical applications (as it takes one's pulse and links into personal medical information), IoT Smart Homes (used to control the home), IoT Smart Cities (as the municipal infrastructure relies on data about weather and traffic), and IoT Smart Factories (to track its usage and condition). But to participate across all silos, and for applications to be built which leverage all silos requires common data models, metadata, and an interoperable layered model.
The Web of Thing model complements IoT by providing a higher level interoperability layer above IoT. W3C is unique in tackling the Internet of Things from the perspective of application developers, with an approach that frees you from the complexities of the protocols and communication patterns — these can be chosen to match the specific needs for each context.
E-commerce is growing as a proportion of all commerce. According to Forrester, the web in 2018 will account for 11% of total retail sales, up from 8% in 2013. However, a number of challenges are limiting the potential of E-commerce, such as fraud losses, user expectations in particular with mobile device usage, technology (Biometrics, Web of Things, Automotive advances, and NFC adoption), regulation.
The historic dichotomy between the design point of the Web and how it is used by merchants is striking. The Web is user-centric. It is designed to connect humanity to information. e-Commerce has historically been merchant-centric. A merchant makes their product available on their site for a customer to come in and buy.
But e-Commerce has changed. In today's omni-channel model, the customer is in charge. They receive information from social media and recommendation websites. They combine in-store with on-line; and expect service from laptop and mobile. There are enormous changes and more flexibility in payment methods. Users are looking and finding the best deal and most importantly the best overall experience.
The underlying payment and e-commerce infrastructure will be "web-like". In addition to connecting humanity to information, we will better connect humanity with their economic potential.
The work on Web components (Custom Elements, Shadow DOM, HTML imports) is closer to completion and getting broader consensus around some of the Core issues. This brings us closer to a reality when developers will be able to provide their own custom HTML elements, as components.
We are also ensuring that Web applications are able to be behave like real applications. The Core of this work happens around the Service Workers effort, to enable offline support, application lifecycles (such as install, update), and background tasks (offline notification). This allows the application to install properly and ensure from the start that the needed resources are available offline.
The Web Platform Working Group also announced a new plan in order to maintain the HTML specification. The specification was moved to GitHub and transformed to facilitate its edition, in order to promote the widest participation possible.
We encourage the community at large to contribute and help the maintenance of the specification. The focus is on making changes to promote interoperability to produce a new Recommendation. New features are encouraged to go through an incubation phase before being brought to the Working Group, in order to demonstrate buy-in from a sizeable community.
The group is on track to deliver a Recommendation for HTML 5.1 this year, with a working approach that will make it possible to deliver a further improved HTML Recommendation in another year or two. Read the Web Platform Working Group co-chairs's invitation to get involved and make sure the development of HTML continues to reflect the needs and goals of the broad community.
The CSS Working Group is continuing its refinement and progress of the CSS language. The definition for the current state of CSS was updated with the publication of the CSS Snapshot 2015 document. Its primary audience is CSS implementers, not CSS authors, as this definition includes modules by specification stability, not Web browser adoption rate.
While continuing its work on the TTML Text and Image Profiles for Internet Media Subtitles and Captions, known as IMSC, the work of the Working Group received an Emmy Â® Award for Standards Work on Accessible Video Captioning and Subtitles. The award recognizes W3C's Timed Text Markup Language (TTML) standard that helps ensure that the needs of people with disabilities, particularly people who are deaf or hard of hearing, are addressed. This work, begun in WAI, enables online captioning, which is critically important to ensure accessibility of TV and video on the web for people who are deaf and hard of hearing. In recent years with the convergence of traditional media and the Web, more video content from television is coming to the Web, and the Web is now running on televisions. TTML helps to bridge these worlds.
Fewer than one third of current Web users speak English as their native language and that proportion will continue to decrease as the Web reaches more and more communities of limited English proficiency. If the Web is to live up to the "World Wide" portion of its name, it must support the needs of world-wide users at a basic level as they engage with content in the various languages. The W3C Internationalization activities pursue this goal in various ways, including coordination with other organizations, creation of educational materials, coordination on the work of other W3C groups, gathering user requirements, and technical work itself on various topics:
Work is moving forward slowly but steadily on specifying layout and typographic requirements (see Layout & typography). The major new initiative to standardize Mongolian variant forms in Unicode which is using Internationalization activity lists is now nearing completion. Many of the world's top Mongolian font experts are collaborating in this effort. Recommendations are being taken to the Unicode Technical Committee.
We are also working with browser developers to facilitate the implement of isolation for the dir attribute, which will significantly improve support for bidirectional text on the Web (eg. for Arabic, Hebrew, Thaana, etc).
We continued again in liaison with OASIS the work on have the Internationalization Tag Set (ITS) 2.0 specification available natively in XLIFF. This work will be documented in XLIFF 2.1, so that XLIFF tools conformant to the related XLIFF 2.1 module will understand ITS natively. This work should be completed in Q1-Q2 2016 and help the adoption of Web technologies in the localization realm a lot.
Work on linguistic linked data continues in various community groups. The BPMLOD CG published various guidelines for converting existing data into linguistic linked data resources. This conversion helps to foster cross-lingual access on the Web.
The group continues to maintain and add to its collection of articles for content developers, helping them understand and work with internationalization-related features of the Web. See the list of techniques index for authoring HTML and CSS content, which points to resources on a task-by-task basis.
Internationalization groups participants also deliver talks and seminars to raise awareness about Multilingual Web and encourage participation in the work at the W3C. They spoke about their work at the Internationalization & Unicode Conference in Santa Clara, last October. In February, they were part of a Unicode workshop in Oman. It is expected that this will widen awareness of and support for work on typographic support in the Web Platform for non-Latin scripts.
Support for internationalization content and the user forum was also provided for the HTML5 Mooc course run by the W3C.
Authoring Tool Accessibility Guidelines (ATAG) 2.0, which is a W3C Recommendation, helps authoring tool developers support more efficient production of accessible content and as well as interfaces that work better for web authors with disabilities and older users. Benefits which authoring tools that conform to ATAG 2.0 provide for developers of websites and web content are outlined in ATAG at a Glance.
User Agent Accessibility Guidelines (UAAG) 2.0 is now a completed Working Group Note, and provides help for developers of browsers, browser extensions, mobile applications and eReaders interested in providing a more consistent level of support for the needs of people with disabilities and older users. UAAG Reference: Explanations, Examples, and Resources is an implementation guide for UAAG 2.0.
The flagship Web Content Accessibility Guidelines (WCAG) 2.0 have been stable and widely used internationally since 2008. The WCAG Working Group is currently exploring several potential areas of new guidance, including in the areas of mobile accessibility, cognitive and learning accessibility, and low vision accessibility.
Potential future work on combined guidelines across the areas of web content and applications, user agents, and authoring tools is also under exploration.
Work on Accessibility Rich Internet Applications (ARIA) has moved to a dedicated group (the ARIA WG) and is developing new features in ARIA 1.0. The ARIA Project Plan shows progress on a full suite of ARIA documents, and Accessibility API Mapping (AAM) documents.
Accessibility reviews of W3C specifications are proceeding in the Accessible Platform Architectures (APA) Working Group. New participants interested in reviewing accessibility support in W3C specifications are welcome.
The W3Cx, a MOOC training program, started in June 2015. Since then, over 200K people enrolled in 3 W3Cx courses (2 editions of HTML5 Part 1 and 1 edition of HTML5 Part 2).
HTML5 Part 1 is listed as the 3rd most popular course on edX. We collected excellent feedback from the students both with regard to the quality of the course content but also the fact that it comes from W3C.
W3C training program is multi-tier:
W3C is involved in liaisons and coordination with numerous organizations and SDOs to:
Ongoing work at the government liaison level, includes ensuring our standards work is officially recognized so that products based on them (often done by our members) are part of procurement orders.
We have ARO/PAS status with ISO; WCAG 2 became ISO/IEC 40500; MathML became ISO/IEC 40314 (for Pi).
In Internet Governance, W3C participates in ICANN, NETmundial Initiative, GIPO, to name a few. Last October, we gave ICANN our input on the New gTLD Auction Proceeds Discussion Paper.
The Team is considering the following Headlights 2016:
As announced to W3C Members early March, we are planning the next Advisory Board election in May. The following seats are up for election:
All terms are for two years and will start 1 July 2016. Continuing AB participants are Michael Champion (Microsoft), Charles McCathie Nevile (Yandex), Chris Wilson (Google) and Judy Zhu (Alibaba), with terms ending at the end of June 2017.
Follow AB projects in the AB Priorities for 2016:
As announced last January, the W3C Advisory Committee elected the following people to the Technical Architecture Group:
Both terms are to two years and started in February 2016. Continuing TAG participants, including to the co-Chairs Tim Berners-Lee, Daniel Appelquist (W3C Invited Expert) and Peter Linss (HP), are Travis Leithead (Microsoft), Mark Nottingham (Akamai), Alex Russell (Google), and Hadley Beeman (W3C Invited Expert). The term of Yan Zhu (formerly with Yahoo!) ended late January.
After the July 2015 face-to-face meeting two findings were published:
The next big thing has always been our major area of focus —true to our mission to lead the Web to its full potential— strengthening the core, exploring and innovating to eventually expand it. We look at new application areas, features and services, and watch out for the time they are so pervasively used as services by other applications, that the 'next generation' of the platform must subsume some of those features.
Seven candidates bear the potential of growing the capability of the core Open Web Platform. We plan to have a dialog with the Membership at the March 2016 Advisory Committee meeting about viewpoint for this important topic.
The next big thing, now that HTML5 has shipped, is a truly extensible Web and Web applications that behave like real applications. Web extensibility means streamlined application development, simplified testing, better characterization of the core capabilities. The goals look towards reuse, encapsulation, composition, cleaner code. This is what Web Components (HTML) and work in the Houdini task force (CSS Working Group and Technical Architecture Group) are focusing on. For true Web Applications, the time has come to beef up the Service Worker framework by improving the cache model for offline status, allowing lifecycle management (for install and upgrade) as well as the much desired background processing.
Web security is a key problems of our time as contemporary disruptions such as data theft, malware threats and pervasive surveillance have shown, and as the Open Web Platform continues to grow increasingly more powerful and as millions of hardware devices of the Internet of Things come online, trust and security are required more than ever. The work in Web Crypto, Web application security and Web Authentication is in a position to address Web security.
The Open Web Platform allows for rich, interactive, cross-platform applications. Real-time conversations are a big thing in life. WebRTC is our initial bid to expand world-class real-time communication services to any connected devices on any network. As we look at WebRTC.next, upcoming work is on microphone and camera access, and recording. We have to think also how to factor in that work the recent advancements in augmented and virtual reality (see further down.)
The standards for the next wave of e-Commerce will be safe, and streamlined. With a potential of 1.5 trillion USD annually and having evolved from merchant-centric to customer-centric, the e-Commerce of today is a Web-like experience. It follows an omni-channel model where customers combine in-store and on-line, from laptop or mobile, and where flexibility and security in payment methods are required. From representation of payment flows to the payments initiation architecture, W3C standards expand the capabilities, performance, and interoperability of the Open Web Platform so that the Web better connects humanity with their economic potential.
There is a vertical industry at least in each of our horizontal key activities to bring the Open Web Platform to its full potential.More than 50% of W3C Members joined in 2011 to participate in a specific Vertical, driven by the need to fulfill business promises, and address challenges specific to the Web in a global and inclusive way. As this intensifies, is it indeed our next big thing?
The number of connected devices is rising. Juniper research estimates that number to rise to 38.5 billion in 2020 (from 13.4 billion in 2015.) The Web of Things is the interoperability layer that sits on top of Internet of Things platforms, breaking the silos and enabling an open market of things. W3C's key value proposition is in the area of semantics and metadata where a scalable web-based framework will be vitally important to enabling interoperability. The Web is fueling transition from costly monolithic software to open markets of apps.
Web and Virtual Reality is a project in the W3C's Headlights 2016 exercise —where W3C staff identifies potential directions for W3C. As Virtual Reality product and solutions are gaining momentum, we should make sure we understand if and how the Web can play a role in this space, and chart the standardization needs that emerge from it. The applications are massive: games, social, entertainment, Engineering, training, e-Commerce, real-estate, tourism, journalism, etc. Known gaps include codecs, HTML integration, streaming Web audio, 3D rendering, movement detection and so forth.
The Web is the most interoperable platform in history. It is transforming Industry and industries are transforming the Open Web Platform. It behooves W3C to continue to extend the Web capabilities, raise the platform to a higher standard of security, make it robust, and powerful for distributed applications and easier to use for developers.
The Web, which started as a progressive platform for all humanity, has evolved to be a set of highly useful tools and services. Through our outreach to the digital publishing, automotive, entertainment and telecommunications industries, we are working with the Web community in transforming the Web and enabling it based on how these communities are using the technology and what they need. Through liaisons, developer relations, and growing W3C Membership, we continue to strengthen our bonds with these industries and foster greater interoperability. The growing W3C community is well-positioned to guide the next wave of technology development and to take a leadership role in extending the Open Web Platform to empower and connect humanity in ways that evolves with humanity.