Participating at W3C’s TPAC 2009

This week the W3C holds its annual Technical Plenary and Advisory Committee meeting (TPAC 2009). There will be about a dozen people from the IE team participating and this is a valuable opportunity to continue working together with other W3C members on the next generation of web standards. High quality specifications that improve interoperability between browsers are important. Our goal is to help ensure these new standards work well for web developers and will work well in future versions of IE.

We will participate in a number of browser related working group meetings including accessibility, CSS and HTML sessions. For many groups, this is the only face to face time participants will get and so this is a perfect time to put faces to email addresses. Held in Santa Clara, California this year, the close proximity to many of the companies involved in the W3C means a large number of attendees is expected.

Over the last few months, some of us in the IE team have been working through the HTML5 working draft reviewing the specification text. It is interesting to exchange ideas and help the specification become clearer and I am looking forward to seeing many of the people involved again. There has been a long discussion about the submission we made to the HTML working group about distributed extensibility. Tony Ross, the author of our discussion document, will be participating in a panel on extensibility with Jonas Sicking from Mozilla on Wednesday.

Eliot Graff, a lead technical editor for IE, who is helping edit an updated draft of the Canvas API document that Doug Schepers started will also be at the HTML working group meeting this week.

Kris Krueger, one of our lead test managers, has volunteered to help the newly formed Testing Task Force within the HTML working group. Having a comprehensive test suite that thoroughly tests a specification is a key step to ensuring implementations interoperate successfully. Kris will be taking part in the HTML working group meeting on Thursday and Friday.

Paul Cotton, who was recently appointed as a co-chair of the HTML working group as Chris Wilson changed his focus to programmability in the web platform, will also be with us at the TPAC to help the overall work.

On Thursday, the W3C has organised a Developer Gathering for web and application developers who don’t normally participate in the W3C to join discussions about web standards. In my experience the participation of web developers is extremely important to check the overall ease of use of the specifications and APIs being proposed as standards.  One of our program managers, Sylvain Galineau, will be amongst the CSS Strike Force presenting CSS demos.

I don’t have room in this short blog post to mention everyone who will be involved this week but I’ve tried to give a flavour for the work that we will be participating in. Above all, it’s fun to hang out with people you mostly see only by email so there will be lots of hallway conversations and debates over lunch or dinner. I can’t wait.

Adrian Bateman
Program Manager

Comments (54)

  1. Anonymous says:

    This time around next year IE’s market share will be under 50%. Why do think that’s is happening? IE reminds me of American cars, you know how that story goes.

  2. Anonymous says:

    I really want to hear the real progress about IE

  3. Anonymous says:

    This is a test for posting comment with PIMShell

  4. Justin says:

    I know I’m crazy for asking about this, but any word on if you guys and the other browser teams are going to meet up and talk about standardizations?

    Things are slowly getting better, but they’re not there yet.

  5. Jon says:

    Justin– W3C summits are all about standards. Other browsers are members as well.

  6. geld lenen says:

    The dream of any webdesigner: one browser 😉

  7. SquareWheel says:

    Not necessarily one browser, but a solid standard.  Microsoft needs to conform to these standards, even Apple’s Safari does.

  8. Thanks for letting us know you folks are around and tinkering away. While new standard support would be great existing standards that aren’t yet supported yet are beyond needed it years ago such as XHTML. Web 3.0 is about the web transitioning to the role of applications and for that to happen they need to act like applications and fail like applications. This is the only major thing I can’t implement a reliable work around (e.g. application/xml / W3C bot issue) in IE. Any way I hope the meeting is productive and that we hear more from you folks at least on occasion between now and the first IE9 beta. 🙂

  9. adil says:

    One browser, but a solid standard.

    That’s what we want when we work.

  10. Mike says:

    Lets hope things can move forward quickly!

  11. Rob Parsons says:

    Registration closed 10/29.


    A timely blog post may have generated more interest. Regards.

  12. Jon says:

    Is the W3C even relevant to HTML 5 though? As I understand it, the W3C HTML 5 spec simply tracks whatever the WHATWG puts out, which is controlled by Google’s Ian Hickson, and they haven’t shown much interest in the W3C, except as a rubber stamp for whatever they decide.

  13. billybob says:

    Distributed Extensibility is not going to help with a common standard.  It looks like it will just be abused to create a special .NET compatible IE-only websites.  I think we have all had more than enough or browser-specific code to last a lifetime.

    I think I speak for most developers when I say you should concentrate on existing standards before creating your own.

  14. marc says:

    Just get more than 20 points in the ACID 3 test3 and we ( web developers and users ) will be happy!

    The others browsers are getting near 100 points.

    IE, support standards now !!!! forget about meetings and "canapes"

  15. larry says:

    Based on this post – does this mean that there is a glimmer of hope that CANVAS will be supported natively in IE{Next} (presuming IE9)

    It isn’t quite the SVG support we’ve wanted – but I would gladly take any support of an open vector graphic standard in IE.

  16. 8675309 says:

    would be nice to see true canvas support to play games like hullbreach online but i doubt that will happen & that google code project is a joke since its only for implementing it on the server side not the client side

  17. Matthew David says:

    I am looking forward to the Microsoft team fully embracing the HTML5 development debate. It will be interesting to see if you step in and merely support existing HTML5 definitions (new elements, attributes, CSS3, SVG/Canvas, Web Workers, GeoLocation and Local Storage) or take a lead in other technologies such as MathML.

    How will you handle VIDEO support of H.264/Theora and CANVAS competing against your own technologies?

  18. orlando says:


    "the WHATWG puts out, which is controlled by Google’s Ian Hickson"


  19. Olivier says:

    @orlando : you’re wrong : "Queries should be directed either to the mailing list or to Ian Hickson, who is acting as a spokesman for the group".

    But there’s also the other clown (DH), the one from apple.

    I hope Microsoft will continue the development of XHTML 2.0 which is much more promising then HTML5.

  20. orlando says:


    there is a charter who have the authority to override or replace Hickson decisions.

    XHTML 2.0 is almost dead:

  21. Erik says:

    @billybob: "Decentralized extensibility" has nothing to do with ".net".  See section #5 of for discussion.

  22. Is there a chance to get a public preview build of your current work?

    Talking about standards is good, but seeing where you go is much better.

  23. brent says:

    All we ask is that when you implement the various methods and properties in the Canvas API that you implement them *EXACTLY* as they are specified.

    If a method takes a string ID, you will match only on a string ID – no funky magic matching parameters etc.

    There also should be no dependency on ActiveX or similar as I’m not turning that back on to achieve a usable 2D graphics API in IE.

    Yeah… we are passionate about this.

  24. EdgeTech says:

    Thanks for supporting open industry standards, as these critical for continued web, IE & cloud efforts.

  25. billybob says:

    @Erik – AFAIR Something similar to "Distributed Extensibility" IN HTML was used by Word and possibly .NET libraries.

    XML is supposed to be extensible, HTML is not.  The difference is that HTML is used for display whereas XML is used for data.  In XML it does not matter if there is a tag called x:br, but only Microsoft will know exactly how to render it.

    If Distributed Extensibility was added to HTML5 then Microsoft could use it to add undocumented, proprietary features to the web (again).  My guess is that the 2 biggest spreaders of this disease will be Office and .NET libraries for the clueless.

  26. Jon says:

    "billybob": After someone has pointed out that you don’t know what you’re talking about, the smart thing to do is to either apologize, or just stop typing.

  27. marc says:

    @jon and @Adrian Bateman

    Please read carefully the HTML 5 specification (*):

    "2.2.2 Extensibility

    Vendor-specific proprietary extensions to this specification are strongly _discouraged_. Documents must not use such extensions, as doing so reduces interoperability and fragments the user base, allowing only users of specific user agents to access the content in question."

    If vendor-specific markup extensions are needed, they should be done using XML"

    (emphasis mine)

    Thank you


  28. Jon R says:


    "there is a charter who have the authority to override or replace Hickson decisions."

    Have you read the charter? Nobody has the authority to override the editor. I refer you in particular to the following:

    "Each document shall have an assigned editor. Editors should reflect the consensus opinion of the working group when writing their specifications, but it is the document editor’s responsibility to break deadlocks when the working group cannot come to an agreement on an issue."

    So, Hickson must reflect the consensus of the group opinion of the workgroup, but he has the final say on anything there isn’t 100% agreement about. And since Hickson himself is a member of the workgroup, anything he doesn’t agree with does not have a consensus, and he has the authority to break the "deadlock" by doing whatever he wants.


    David Hyatt is not an editor of the WHATWG spec, only the W3C one, which tracks the WHATWG one anyway, making his position somewhat pointless.

  29. adrianba [MSFT] says:

    @Jon: "Is the W3C even relevant to HTML 5 though?"

    I think the W3C is very relevant. It continues to be a place with a strong web community discussing a variety of related standards, not just the HTML5 spec.

    The W3C HTML working group mailing list is very active:

  30. adrianba [MSFT] says:

    @billybob: "I think we have all had more than enough or browser-specific code to last a lifetime."

    Do you think that JavaScript libraries should be allowed that enable HTML annotations to provide a declarative syntax for wiring up library controls? For example, a calendar control or the ability to do data-binding without writing code? This is one of the scenarios that we think is important.

  31. Retro says:

    @adrianba Not unless the specs for those control syntaxes and annotations were formally submitted to the W3C without the requirement of a browser-specific environment.  If this technology really is good, then other browser developers ought to be able to implement it as well.  I don’t see you folks implementing XForms or the new HTML5 form elements any time soon, so I don’t think I’m wrong to be sceptical about this effort.

  32. Ben says:

    "Retro", you are completely missing the point. If the generic extension syntax is part of the standard (and it should be) then JavaScript itself could take advantage of it to simplify functionality, and that functionality would be cross-browser compatible.

    JQuery and other libraries work sorta like this today, and it’s generally agreed that this is a very valuable thing.

  33. Greg says:

    Please insist on complexity levels in the new HTML/web standard.  This already is done with modern video formats (h264) so that one can produce a device that supports standard X complexity level 4.

    This is one of the largest problems when developing web pages for the mobile device market.

    The client browser device should be able to tell the server what html standard it supports and what complexity level within that standard it supports.

    This gets developers, tool vendors, etc. out of the market of coding for specific browsers and specific versions of those browsers.

  34. Jens says:

    One browser but a very solid standard.

    That is what we want al if we work.

  35. adrianba [MSFT] says:

    @Retro: "If this technology really is good, then other browser developers ought to be able to implement it as well."

    Are you suggesting that before you personally are allowed to write JavaScript that enumerates custom attributes on just your web site that you need to write up a spec and submit it to a standards body so other people could also do the same thing? That doesn’t seem very scalable. As Ben says, I think a generic extensibility mechanism that supports this in a conforming way is valuable.

  36. Retro says:

    @Ben It’s not just about the extensibility spec itself – it’s about the extensions too.

    Distributed extensibility is only useful if the people who develop extensions produce public, open specs that are detailed enough for everyone else to implement so that it works as effectively and correctly as the reference implementation.  Also, these extension specs ought to be available to be reviewed by people who did not initially create them.

    It might just be me, but I don’t think that Microsoft will be very keen on letting people outside MS review and propose changes to their extensions, and I’m not holding out much hope either that they’ll let people implement their native widgets and bindings using open technologies either unless they go down the same sort of route that Mono is going down.

  37. jim says:

    Off topic – but highly relevant:

    With Windows 7 being officially released recently a whole new supported platform enters the mix for Web Developers.

    We realize that Windows 7 doesn’t look like Windows XP etc. however there are many questions about how different IE8 renders/interacts with web content compared to IE8 on XP (or Vista).

    I don’t currently have budget to go out and buy a brand new PC with Windows 7 in order to test my pages at the moment but I certainly do want to know how it compares.

    Question 1.)

    Are there any VPC images of Win7 that we can get access to for testing?

    Question 2.)

    Are there any known differences that we should be aware of as developers?

    I realize that the userAgent string will be slightly different, but beyond that? E.g. are there any enhanced printing features/changes? Bookmarking restrictions/improvements?

    I also realize that chrome features may have changed… "typical" scrollbars in XP were 17px wide, ditto with Vista… has this changed in Win7?


  38. martin says:

    I don’t think it matters how much MSFT and IE fanboys bark about security with Google Frame.  All end users and the web development community is going to focus on is 3 things:

    1.) IE8 runs 10x faster with Google Chrome Frame plugin installed:

    2.) HTML5 items beyond the default IE8 items now supported

    3.) IE6 rendering pains are out the window!

    10x faster!  Just goes to show you how slow IE8 really is!

  39. i luv ie says:

    Be sure to teach those other losers a thing or two about security.  The Internet would be a much safer place if they’d get their heads together and follow your lead.  C’mon, if you can’t trust the largest software company in the world to provide secure products, then who can you trust?  Take control and help get those other browsers up to speed.

  40. Olivier says:

    @orlando : I really hope XHTML2 isn’t dead :

    And from : : "codify everything in use on the net, everywhere, no matter how broken, as long as Hixie has seen it at least once and thinks it is useful", so I really hope Ian Hickson will discover all the features of "jodi DOT org" domain and subdomains ( ), then HTML5 will be even worse than now.

    BTW : the captcha on the blogs from are very annoying. Yesterday the image couldn’t get displayed, today it’s working again…

  41. Olivier says:

    @martin : most people here are probably webdevelopers, so what’s the point in using the Chrome Frame ? We want to render webpages like IE8, if we want tot try the Chrome rendering, we’ll use Chrome.

    And you forget the main "feature" of the Chrome Frame : 10x more security flaws, great !

  42. Mark says:

    <<IE8 runs 10x faster with Google Chrome Frame plugin installed>>

    That statement is incorrect.

    A correct statement would be:

    "The raw JavaScript execution performance of microbenchmarks which do not interact with the DOM is ~10x faster when that JavaScript is running inside a frame that is rendered with ChromeFrame*.  *=Not including the performance cost of loading ChromeFrame to begin with, the performance cost of communicating out of ChromeFrame to the rest of the document, etc."

    As shown when IE8 shipped, performance is about a LOT more than microbenchmarks of JavaScript.

  43. win7enthusiast says:

    I think Google made a great mistake by making Chrome Frame simply because Chrome Frame makes IE the new Google Chrome, there is just no point having Google Chrome around anymore.

    In case anyone asks, I already told them (I can’t remember how).

  44. Greg says:

    IE8 developer tools bug – please fix:

     a) load IE8

     b) navigate to a web page

     c) hit F12 to load dev tools

     d) dev tools window does not show up

     e) right click on dev tools taskbar button select maximize — dev tools window shows up

    The dev tools window does not handle negative upper left hand corners of a 2 monitor display

    It is set to OFF OF THE SCREEN and NOT VISIBLE if you have 2 monitors with the 2nd monitor on the left and the 1st monitor on the right.

    Cascade, tile winodws, etc does not help.  

    You can test the coordinate scheme by loading a cmd.exe window and selecting properties from the context menu.  Move the dos window on each monitor and test this. It has -1279 for my 1280×1152 display.

  45. 8675309 says:

    what would be nice is to see if they improve ie6on6

  46. Jon R says:

    The performance/security advantages of Chrome Frame are immaterial, the simple fact is that it is wrong, and evil, for browser makers to start releasing products that hijack core functionality (e.g. HTML rendering) of their competitors software. If you disagree with this, let me ask you something, how would you have reacted if, instead of Google releasing Chrome Frame, Microsoft had released "IE Frame", which plugged into Chrome and Firefox and started using Trident to render content? I think I know: People would have out with torches and pitchforks, screaming about anti-competitive behaviour.

    I share the frustration everyone involved in the web feels, including  the current IE team I’m sure, about the market share of IE6, but Chrome Frame is not the answer.

  47. boen_robot says:

    @Jon R

    Actually, as far as IE-in-Firefox is concerned, there are already a few Firefox add-ons called "IE Tab" that let Trident run in Firefox. When Chrome has support for extensions, assuming those extensions could use the same things that Firefox extensions may, it’s likely we’ll have something similar for it.

    As far as reactions go, IE haters love it, because it means they don’t have to open IE if a page doesn’t work well in Firefox. They just click the rendering switch, and see their page. Trident remains active until the user clicks on the rendering switch again. IE lovers (a.k.a. newbies) don’t mind it, because it "just works".

    I think there’s also a great misconception about the way IE add-ons work and how Firefox add-ons work.

    AFAIK, Firefox add-ons are sandboxed. If you have a security issue, it will usually be in a "minor" form that can be eliminated by the uninstallation of the "malware". In rare circumstances, it could be a flaw in Firefox itself that you need to target in order to break out of this sandboxing.

    AFAIK, IE add-ons are not sandboxed. They do everything the invoking IE instance is allowed to do. This gives them much more power than any Firefox extension, but also gives them much more responsibilities, including security. A "malware" IE add-on is "malware" to the whole system in all cases.

    In order for Chrome Frame to create a security issue, all a hacker needs to do is target Chrome Frame *or* IE, not Chrome Frame *and* IE. A flaw in Chrome may not be a flaw in Chrome Frame, but a flaw in Chrome Frame alone is enough, and since Chrome Frame is a set of many engines, a flaw in any one of them *could* escalate up to Chrome Frame, at which point it is a problem for the end user.

  48. larry says:

    @boen: You’re sorta missing Jon’s point. IETab doesn’t allow a *website* to say “Render me in IETab”… that’s up to the *user*. That’s in significant contrast to ChromeFrame.  But… it’s in line with the Google design philosophy, where the web site/service’s desires trump the user’s desires. (Privacy, anyone?)

    Your assumption about Firefox add-ons being sandboxed is completely incorrect. There’s no sandboxing of Firefox add-ons; FF’s chrome extensions can write to any part of your user-profile, and hence can install malware. Several such extensions have been encountered over the years, although they’re flagged and taken down pretty quickly when posted on the main add-on site. There were two talks about this topic at DefCon last summer, IIRC.

    In contrast, IE add-ons ARE sandboxed (by Protected Mode) at runtime, which means that vulnerabilities in add-ons are not able to write to the user-account. However, IE addons are initially installed using a process that runs outside of the sandbox (needed for compatibility) which is why it’s important for Defender/SmartScreen to block install of truly evil add-ons because the installer runs with high trust.

  49. Mitch 74 says:

    @boen_robot: what you’re saying used to be true (IE 6), as IE addons are essentially ActiveX controls that run inside the browser – and ActiveX in IE 6 ran with the user’s privileges. Since IE 6/ActiveX couldn’t be used when under a limited account, even those versions of Windows that allowed ‘limited’ users (2000, XP) had to make use of Administrator accounts.

    Meaning that an add-on had administrative access to the system.

    In IE 7/Vista, there was a special mode that effectively sandboxed IE from the rest of the OS: you could finally run IE as a user-level process, without granting your add-on full administrator capabilities. This was somewhat backported to XP, and expanded with IE 8 where each tab is essentially sandboxed (but the sandbox really only works as intended on Vista and 7).

    Firefox, on the other hand, has always been a user-level process: it can do as much as the user can, no more no less. Of course, the fact that it’s under heavy scrutiny and enjoys a fast review process means that abusing its own internal checks isn’t so easy any more (it’s still possible – as it is with IE for those plugins that don’t take well to sandboxing, and that create a hole in the sandbox’s walls).

    However, you can run it full strength on a limited user account – meaning that if said user account is wiped clean after log off, whatever program that tried to infect Firefox got removed too.

    Essentially, what does it mean?

    – On Windows, if you always browse the Web with full Administrator rights, you’ll be somewhat safer with IE 8, provided you have no extension loaded (I’m loathe to mention Flash, which is supported by Microsoft, but doesn’t, as fas I know, conform to the sandbox model); in that situation, Google Frame is indeed dangerous.

    – On Windows, if you browse the Web with UAC enabled or a limited user account, both situations will be similar: whether you’re using the sandbox or not, whatever nasty comes through your browser of choice will have to ask for authorization to get jiggy with your system.

    – On other OSes (mostly POSIX ones, such as Mac OS X, Linux, xBSD and Solaris), starting a GUI in root mode will get you flashing screens, loud red wallpaper and warnings all over the place – a hint that what you’re doing is dumb. You’ll be using a ‘normal’ user account; even better, some distros now provide ‘guest’ accounts that work from a RAMdisk (simplified – actually, a RAM-hosted loopback file system), where you could get the worst virii in existence, when you log off they’re gone, never even written to disk.

  50. invalid assumption says:

    There is a significantly invalid assumption being made here regarding IE addons:

    "IE add-ons ARE sandboxed (by Protected Mode) at runtime"

    Indeed… except for 3 things.

    1.) Most users are in IE6 or IE7 (not IE8)

    2.) Most users are using Windows XP (not Vista or Win 7)

    3.) Most users are unable to upgrade to Vista or Win 7 due to I.T. dept. control & the price to upgrade 1,000’s of PCs.

    Thus the vast majority of users are not sandboxed by Protected Mode… only by whatever IE addons have by default.

  51. Larry says:

    @invalid: You might have forgotten that IE7 includes Protected Mode?

    You’re absolutely correct to note that Windows Vista and Windows 7 users have a more secure browsing experience than those using an OS built nearly a decade ago.

    @Mitch: Why do you continue to post inaccurate statements about ActiveX?  IE6 users could and still can use IE *and* run ActiveX controls in limited user accounts. Stating otherwise is incorrect.

    Neither Protected Mode nor UAC was "backported to XP" as you suggest.

    Flash is not "supported by Microsoft."  It’s supported by Adobe, the company that develops it. (Contrast vs. Silverlight, which is supported by Microsoft, because they develop it). Suggesting that Flash magically has "full administrator rights" is incorrect and again suggests that you don’t understand either Flash or UAC.

    I don’t think you really understand what POSIX is; you should go read the Wikipedia entry on it, as it’s fairly good.

  52. boen_robot says:


    Fair enough about the user vs. site owner thing. But I think the only reason it hasn’t been done is that no one really wants to switch to IE. People switch *from* it, not *to* it. If you want, you could try to do such an extension. I sure won’t, and I don’t plan on asking any developer to implement such a switch either. If you do make it, I’m sure no one will complain.

    There is some difference between "sandboxing" and least privilages policy. By "sandboxing", I really mean for the files that make up the extension be interpreted ("managed") code, not native one. Flash applications are sandboxed because they depend on the Flash player, which may or may not let them do something. Same goes for Silverlight applications and Java applets. In the case of Firefox, extensions (but not plug-ins) are written with XUL, JavaScript, and optionally with (X)HTML and CSS. Even though JavaScript provides additional APIs for extensions, fact remains that Firefox itself must interpret the XUL, JavaScript, and everything else. It could therefore (at least in theory) mitigate some of the possible attacks (though obviously, not all).

    Protected mode is about process privilages. About giving processes "low" privilages, unless the user agrees to the protected mode prompt, at which point they get "medium" privilages (i.e. the privilages of the IE process), or the UAC prompt (for Administrative privilages).

    If an IE extension is exploited, it may generate a faulty prompt, at which the user will give permission, because it’s an add-on (s)he knows. One might say that in this regard, ActiveX controls are actually *more* secure, because they run in Protected Mode and don’t give a prompt, and if you turn off Protected Mode, they run with medium privilages.

    Note: We’re talking Vista and 7. I think there’s no disagreement that XP is less secure than those, and we can ditch all security concerns when we talk about XP.

  53. Jamison says:

    I’d like to make a feature reqest (or anoying bug report).

    The print preview window for IE8 is better than IE6, but there are significant usability issues with it.

    The biggest is that I can’t use the scroll wheel to scroll pages like I can in any other printpreview control for any other application out there.  Its majorly frustrating.

    The [Page Up] / [Page Down] and [Arrow Up] / [Arrow Down] keys don’t work either – total usability nightmare.

  54. taking the hint says:

    You mention the Canvas API in the original post.  Is this just name dropping to make it sound like IE is playing the standards game or can we actually expect to look forward to seeing native Canvas in IE in the near (3yr) future?

Skip to main content