HTML5 began making waves in software development many years before its official adoption in October 2014, reducing reliance on proprietary rich internet technologies such as Adobe Flash and Microsoft Silverlight. The HTML5 video element, for embedding video in a document, was a big change to support the rich internet. HTML5 also was designed to the support the change of the web from a place to browse documents to a place to build distributed applications.

Still dogging HTML5, though, is the search for a common, royalty-free video codec for the web. There has been some progress, but no resolution. H.265 is still encumbered with patents. Google’s VP9 codec may help, but other companies involved in web standards are leery of supporting technology from a major competitor.

Nonetheless, HTML5 has established itself as the way to build applications for an open, multimedia-rich web. “HTML5 has very quickly become the only version of HTML that people are really using in browsers today and websites,” said Jeff Jaffe, CEO of the World Wide Web Consortium, which has jurisdiction over the technology.

HTML5’s incremental improvements

The HTML5 specification is regularly updated. Sometimes, there are small feature improvements and bug fixes, such as with last year’s version 5.1, which modified the canvas 2D element and further cleaned up HTML5.

Next up is version 5.2, with features such as, tentatively, the menu element, representing a group of commands that can be activated. Release 5.2 also hones in on Web Content Security Policy, providing a way for developers to control resource access. The upgrade also could handle email addresses in non-Latin alphabets. Still, HTML5.2 is considered a minor revision.

But the W3C wants more frequent updates of the core HTML specification, updating it every year instead of every ten to 15 years as in previous HTML major-version shifts, which does not keep up with web time, Jaffe said. However, those major revisions won’t necessarily get whole-number upgrades, such as from HTML5 to HTML6 to HTML7.

What might make for an HTML5 successor

So will there ever be an HTML6? Jaffe suggests that web payments might justify such a whole-number revision, to provide a consistent way of doing payments on the web. “If we were going to linearly call something HTML6, this might be it.” Although buying through the web is not new, the increased dominance of mobile web usage is causing people to abandon shopping carts because of the complexity—and may require a different approach baked into HTML itself. The W3C has a working group to explore this very issue.

W3C also is working on Web Components, a framework to identify reusable website components, and Service Workers, to make it easier to run multiple functions inside a browser, featuring offline capabilities. Maybe they’ll justify a name change to HTML6.

The open web branches HTML5 into new areas

While HTML5 has anchored the open web platform, the platform itself has increasingly become bigger than just HTML, Jaffe said. So the W3C is working on security, performance, and streaming.

A streaming-related effort involves the proposed Encrypted Media Extensions (EME) standard, which extends the HTMLMediaElement (in HTML5.1) to provide APIs for controlling playback of encrypted content and connecting to a digital rights management system. EME provides a standard way of displaying video through browsers. Previously, there was no interoperability, Jaffe said. “It’s a tremendous improvement over the nonstandardized method of delivering video today,” which is often Netscape’s controversial NPAPI plug-in technology.

Tim Berner-Lee, W3C director and considered the inventor of the web, endorsed the EME proposal in February, saying it provides a relatively safe way to watch a movie online. But others have opposed the proposal. Berners-Lee himself notes there are problems with DRM for developers and issues around posterity and laws.

For web security, the W3C has three efforts:

  • A web authentication framework. In progress, the goal is to support security via multifactor authentication. “We really want to get away from passwords,” Jaffe said.
  • Web Crypto API. Completed earlier this year, it provides a JavaScript API for basic cryptographic operations in web applications.
  • Best practices for web-development security. Also completed, these practices are meant to prevent sharing of information from one application to another and thus violate user privacy.