Re: Draft Charter Available for Comments [via Browser Extension Community Group] from Florian Rivoal on 2015-10-26 (public-browserext@w3.org from October 2015)

From: Florian Rivoal <florian@rivoal.net>
Date: Mon, 26 Oct 2015 23:06:40 +0900
To: Anders Rundgren <anders.rundgren.net@gmail.com>
Cc: Browser Extension Community Group <ij@w3.org>, public-browserext@w3.org
Message-Id: <1850F3F3-7504-4309-ABC4-4B94BCE97E32@rivoal.net>

> On 26 Oct 2015, at 00:51, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
> 
> On 2015-10-25 15:59, W3C Community Development Team wrote:
>> Hello World!
>> 
>> Draft charter is available for comments:
>> http://browserext.github.io/charter/
>> 
>> Please provide comments / feedback via Github issues
>> 
>> Any feedback is welcome and please join in the group if you feel this is a
>> problem worth solving.
> 
> Basing this work on Chrome extensions is a good idea.
> There are a couple of things to consider though:
> 
> 1. The AppStore. Maybe the only realistic is that each vendor maintains a copy although it feels a bit inconvenient?

I agree this is a discussion we should have, and I link it to point 3 in the scope section. It is far from certain that we can reach agreement about this, but it is a topic worth discussion. We could make this explicit by adding one more bullet point to the list under point 3, maybe saying "distribution channels"

> 2. Native Messaging. This is (IMO...) a very important part of the Chrome extension API but unfortunately it suffers from major usability, deployment, and security issues:
> https://lists.w3.org/Archives/Public/public-webappsec/2015Oct/0071.html
> Personally I believe Native Messaging should be a separate effort because it differs from the rest by diving into the OS.

I think Native Messaging is an important part of what extensions need to be able to do, and therefore that it belongs in the scope of this CG. Whether the model proposed by Chrome is acceptable as is, needs adjustments, or needs to be replaced by a different API altogether due to security (or other) concerns is certainly a discussion that needs to happen, but I believe this community group is a good place for this discussion to be had.

However, we should probably list WebAppSec and/or the TAG as liaisons to be contacted to work on security aspects of the various APIs we will be standardizing. While we're at it, we should probably add the other traditional W3C horizontal review groups (accessibility, internationalization, and privacy) to the Liaison section as well.

 - Florian

Received on Monday, 26 October 2015 14:07:12 UTC