W3C Japanese Member Meeting, June 2024

Daniel Appelquist @torgo@mastodon.social

https://w3.org/tag/ | https://tag.w3.org/ (Current Work)

@tag@w3c.social

W3C TAG Logo

Technical Architecture Group Update, Discussion of ActivityPub & new “SWAG” CG

 

 

Topics and Hats for Today

TAG Update ⇦ as TAG co-chair

Discussion of ActivityPub ⇦ as a member of this community

Announcement of SWAG CG ⇦ as SWAG CG Co-chair

🧢

Technical architecture is about interfaces, system design, principles & connecting people:
cross-cutting concerns.

W3C TAG Logo

What is the TAG?

Chartered in W3C process to:

  • document and build consensus around principles of Web architecture and to interpret and clarify these principles when necessary;

  • resolve issues involving general Web architecture brought to the TAG;

  • help coordinate cross-technology architecture developments inside and outside W3C.

 

 

What does that mean?

  • Write architectural documents: findings, principles & guidelines;

  • Review new specifications & help where we can;

  • Work with others to identify key emerging topics;

  • We don't write standards.

 

 

We're on github: https://github.com/w3ctag

Follow @tag@w3c.social in the #Fediverse

Daniel Appelquist (Invited Expert) co-Chair

Matthew Atkinson (Samsung)

Hadley Beeman (Invited Expert)

Tim Berners-Lee (W3C) Emeritus Chair

Amy Guy (Digital Bazaar)

Yves Lafon (W3C) staff contact

Peter Linss  (Invited Expert) co-Chair

Dapeng (Max) Liu (Alibaba Group)

Tess O'Connor (Apple)

Martin Thomson (Mozilla)

Lea Verou (Invited Expert)

 8 elected, 3 appointed (2 unfilled),
1 emeritus chair (Tim),
1 staff contact

Sangwhan, Dan, Tess, Yves, Lea, Hadley, Amy, Matthew

Martin, Max, Peter

Our last F2F, January 2024, hosted by Apple in London

Current work of the TAG

  • Reviewing others' work: primarily design reviews 
    • including design principles, security & privacy questionnaire, a11y questionnaire, privacy principles
    • 43 design reviews completed so far in 2024
  • Writing down the high level principles of the web: ethical web principles, findings, design principles, etc...
  • Convene task forces when necessary
  • Technical governance and oversight
    • Play a role in cross-organization liaisons
    • Review charters
    • Help to resolve formal objections via Council process
    • Inform technical strategy

Value of Design Review

  • For some, the first port-of-call for wide review
    • We highlight privacy, security, internationalisation, accessibility issues and recommend further detailed reviews in these areas if warranted
  • We are part of "W3C wide review"
  • We ideally want to provide value earlier in the design process
    • Design principles, Security & Privacy Questionnaire, Accessibility Questionnaire, Privacy Principles, etc...
    • "Early" design review for emerging ideas
  • We flag issues like lack of multi-stakeholder or multi-implementer support
  • We encourage people to work together rather than in silos

https://tag.w3.org/workmode/design-reviews/

How does the TAG work?

The TAG holds 5 video call breakouts per week (commitment to attend 2) and we hold a plenary call once every 2 weeks.

In January, we held a 3-day F2F in London. In September 2023, we held a "virtual F2F" with a 4-day schedule comprised of 18 breakout sessions across 3 time zone groups.

All minutes are posted to: https://github.com/w3ctag/meetings/

TAG Election is Coming Up in December

Every year we have an election for a number of seats on the TAG.

Please consider putting someone forward from your organisation for our next election cycle.

We are looking for people who can help us with maintaining the web's architecture: reviewing new web technologies, helping to write guidelines, pondering big questions about the web...

We're looking to ensure the TAG reflects the W3C and Web community and that it's a diverse group of people.

 

Web Platform Design Principles

General design principles for
new web features.

Incorporates our "learnings" from the design review process.

API Design Across Languages

HTML / CSS / JavaScript

Events

Web IDL / Types / Units

OS "Wrapper" APIs

Naming

https://www.w3.org/TR/design-principles/

Now with extra Priority of Constituencies!

Ethical Web Principles

Introduction that seeks to differentiate the web

on ethical grounds.

12 high-level principles.

Not intended to be actionable in itself :

this document informs our other work.

Complements the AB "vision" document.

The Principles

There is one web.

The web does not cause harm to society.

The web supports healthy community and debate.

The web is for all people.

The web is secure, and respects peoples' privacy.

The web enables freedom of expression.

The web makes it possible to verify information.

The web enhances individuals' control and power.

The web is an environmentally sustainable platform.

The web is transparent.

The web is multi-browser, multi-OS and multi-device.

People can render web content as they want.

Quoted  and referenced in UN report on "Human rights and technical standard-setting processes for new and emerging digital technologies"

Privacy Principles

Defining privacy on the web

Discussion of key privacy concepts

30 design principles applicable to API designers, browser makers & web developers

If a service needs to collect extra data from its users in order to protect those or other users, it must take extra technical and legal measures to ensure that this data can't be then used for other purposes, like to grow the service

Sites, user agents, and other actors should restrict the data they transfer to what's either necessary to achieve their users' goals or aligns with their users' wishes and interests

Web APIs should be designed to minimize the amount of data that sites need to request to carry out their users' goals. Web APIs should also provide granularity and user controls over personal data that is communicated to sites.

People have certain rights over data that is about themselves, and these rights should be facilitated by their user agent and the actors that are processing their data.

New Territory: Statements

The TAG is requesting two of its documents to be ratified as W3C Statements

What's a Statement?

A W3C Statement is a Note that has been endorsed by W3C as a whole. In order to elevate a Note to W3C Statement status, A group must:

Why are we seeking Statement status?

They already represent TAG consensus. We want to elevate these documents to W3C consensus to give them additional credibility and impact.

These documents have both been, and continue to be, subject to wide review in the community.

New Topic: ActivityPub and the #Fediverse

ActivityPub

With ActivityPub, we move from single "social silos" to a word of multiple, federated social networks across multiple, implementations (the “Fediverse”).

 

People then choose which network they want to join and which communities they do, and do not, want be a part of.

 

Seems like a web.

ActivityPub

The "Social Web" activity in w3c started over a decade ago to "break the social silos".

ActivityPub is arguably one of the most successful non-browser technologies produced in W3C.

Many Open Source implementations, including Mastodon, PeerTube, Pleroma and Misskey. Meta's Threads is also implemented on top of ActivityPub

Misskey is a Japanese community project - see https://github.com/misskey-dev/ and Misskey.io main server has over 500k users (with many more servers).

Call To Action?

New Community Group: SWAG

Goals

  • Enhance web application security to make the web safer for users.
  • Develop security best practices for web developers.

Scope of Work

  • Documentation Needs:

    • Web Application Security Developer's Principles.
    • Threat Models, Theory, Attacks, Practices, and Tools.
  • Security Best Practices:

    • Framework/Library secure development.
    • WebAssembly secure development.
    • Secure build processes.

Collaborate with…

Following on from 2023's Secure the Web Forward workshop:

https://www.w3.org/2023/03/secure-the-web-forward/

 

Join SWAG: https://www.w3.org/community/swag/

Thank you.

 

Daniel Appelquist

@torgo@mastodon.social (#Fediverse)

dan@torgo.com (Email)