I've just posted some detail on the Internet Explorer 8 XSS Filter Architecture / Implementation over on the SWI Blog.  It would be great to get some feedback and answer any questions you may have -- just drop me a mail using the Email link to the left.

In other news, Gareth Heyes has been spending some time testing the XSS Filter implementation.  Gareth has written up a post on the Bluehat blog about targeted fuzzing, specifically as applied to XSS.

And finally, it's worth mentioning that I'm now on Twitter!